Cisco Support Community

New Member

Not getting netflow through the firewall

Dear All,

For the last few days I have been trying to get the netflow logs from the router to my system but it's not happening. There is one firewall (Cyberoam) between the router and the system. Can anyone tell me what exact port numbers need to be open on the firewall to get the logs?

A quick response will be appreciated.

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: Not getting netflow through the firewall

I have encountered these kinds of issues frequently - it most usually is a case of ACLs either on the firewall or on the router itself.

If any-any allows packets to reach NTA and specific port opening does not, then your firewall team seems to be doing it wrong. Did they make sure they opened UDP 2055 and UDP 9996? And source is FastEthernet0/0 and destination is your NTA server?

Regards,
Don Thomas Jacob
http://www.solarwinds.com/netflow-traffic-analyzer.aspx


NOTE: Please rate and close questions if you found any of the answers helpful.

10 REPLIES
New Member

Not getting netflow through the firewall

I am using SolarWinds and trying to get the logs on port numbers 2055 and 9666.

Router-------Firewall--------System

New Member

Re: Not getting netflow through the firewall

I have asked the firewall team to open port numbers 2055 and 9666 to my system and bidirectionally for SNMP (TCP 161,162). But I am still not getting them.

Re: Not getting netflow through the firewall

Hi,

Could you post the netflow config from your router?

Is the router at least able to ping the system/NMS?

New Member

Not getting netflow through the firewall

No, the router is not able to ping my server because the firewall team has allowed netflow ports on the firewall, not ICMP.

interface FastEthernet0/0
 ip address 10.10.10.1 255.255.255.0
 ip flow ingress
 ip route-cache flow input

ip flow-export source FastEthernet0/0
ip flow-export version 5
ip flow-export destination 10.10.10.50 2055
ip flow-export destination 10.10.10.50 9666

Should I allow ICMP from the router to my server?

Not getting netflow through the firewall

Hi,

Yes, just for troubleshooting purposes. You can ask your FW team to block it again afterwards.

I just want to ensure your router knows how to get to your NMS.

Could you do the below and post a show ip flow export?

ip cef

interface FastEthernet0/0
 no ip route-cache flow input
 ip route-cache flow
 no ip route-cache cef

New Member

Not getting netflow through the firewall

Please note: if my firewall team allows access "any to any" then we are getting the netflow logs.

They need the exact port number and they are not even ready to do the troubleshooting with us. That is the biggest issue for us.

Re: Not getting netflow through the firewall

Hi,

Did your FW team open "UDP" ports for 161, 162, 2055 and 9666?

Sent from Cisco Technical Support iPhone App

New Member

Not getting netflow through the firewall

Yes, they have opened the ports as mentioned below.

2055 & 9666 (Source router LAN interface and destination my server)

161 & 162 (SNMP - Bidirectional)

New Member

Not getting netflow through the firewall

Thanks a lot Mr. johnlloyd_13 & Mr. Don. Now the issue has been resolved. The port number was not correctly opened in the firewall.
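A collector-side check for the situation in this thread, added here as an example and not posted by any participant: it binds the two UDP ports from the router's `ip flow-export destination` lines and reports whether NetFlow v5 datagrams actually get through the firewall. The function names are hypothetical and the sample datagram is constructed, not captured from a router.

```python
import select
import socket
import struct
import sys

# NetFlow v5 export: 24-byte header, then `count` flow records of 48 bytes each.
V5_HEADER = struct.Struct("!HHIIIIBBH")
V5_RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")

def parse_v5(datagram):
    """Return (header, flows) for a v5 export; raise ValueError for anything else."""
    if len(datagram) < V5_HEADER.size:
        raise ValueError("shorter than a NetFlow v5 header")
    version, count, _, _, _, seq, _, _, _ = V5_HEADER.unpack_from(datagram)
    if version != 5:
        raise ValueError(f"version field is {version}, expected 5")
    if len(datagram) != V5_HEADER.size + count * V5_RECORD.size:
        raise ValueError("length does not match the header's record count")
    offs = range(V5_HEADER.size, len(datagram), V5_RECORD.size)
    recs = [V5_RECORD.unpack_from(datagram, o) for o in offs]
    flows = [{"src": socket.inet_ntoa(r[0]), "dst": socket.inet_ntoa(r[1]),
              "sport": r[9], "dport": r[10], "proto": r[13], "bytes": r[6]} for r in recs]
    return {"count": count, "sequence": seq}, flows

def sample_datagram():
    """Constructed v5 export holding one TCP flow (not captured from a router)."""
    a = socket.inet_aton
    hdr = V5_HEADER.pack(5, 1, 1000, 1700000000, 0, 42, 0, 0, 0)
    rec = V5_RECORD.pack(a("192.0.2.10"), a("198.51.100.20"), a("0.0.0.0"), 1, 2,
                         10, 5200, 100, 900, 51000, 443, 0, 0x18, 6, 0, 0, 0, 24, 24, 0)
    return hdr + rec

def listen(ports=(2055, 9666), timeout=60.0):
    """Wait for one export on the thread's UDP ports and report what arrived."""
    socks = [socket.socket(socket.AF_INET, socket.SOCK_DGRAM) for _ in ports]
    for s, port in zip(socks, ports):
        s.bind(("0.0.0.0", port))  # fails if the real collector still holds the port
    ready, _, _ = select.select(socks, [], [], timeout)
    for s in ready:
        data, (ip, _) = s.recvfrom(65535)
        try:
            result = f"v5, {parse_v5(data)[0]['count']} flows"
        except ValueError as err:
            result = str(err)
        print(f"{ip} -> udp/{s.getsockname()[1]}: {result}")
    if not ready:
        print("nothing received: check for a UDP permit, router -> collector")

if __name__ == "__main__":
    listen() if "--listen" in sys.argv else print(parse_v5(sample_datagram()))
```

Run without arguments it parses the constructed datagram; with `--listen` it waits on UDP 2055 and 9666, so the collector service has to be stopped first to free those ports.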
