Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

The problem: NetFlow is missing info in case of NAT

Hello dear colleagues!

I have the following problem.

I use NAT. And all traffic going from the outside to a local IP-address (e.g. Internet) generates NetFlow packets missing info on the local IP-address. Instead of this they contain external IP-address of the router. And if I need to calculate Internet traffic relatively to local IP-adresses this makes a problem.

Does anyone know how to solve it?

4 REPLIES

Re: The problem: NetFlow is missing info in case of NAT

Hi,

Where have you applied the netflow? on which router? which interface ?

Can you provide more information on this.

If i assume that you have 2 interface in your router one connected to the External network and one connected to your internal network, then enabling netflow on the internal interface will get what you want.

-VJ

Community Member

Re: The problem: NetFlow is missing info in case of NAT

Cisco 3620. Data coming from the outside is being captured at the external router interface - that's the way NetFlow system is organized.

Re: The problem: NetFlow is missing info in case of NAT

Hi,

If you could provide some more details on your setup, it would be nice.

You have mentioned that netflow is enabled on cisco 3620 routers external interface.

Try enabling netflow on the inside interface (probably the ethernet interface) on this router, which sees the De'Nated traffic.

All you have to do it enabled ip netflow switching on the inside interface in this router. then the flow from this interface will also go to your netflow server, from where you can see the statistics..

HTH

-VJ

Community Member

Re: The problem: NetFlow is missing info in case of NAT

Here is an article concerning this little problem:

http://www.netup.biz/articles.php?n=10

148
Views
0
Helpful
4
Replies
CreatePlease to create content