Netflow was working perfectly; all the information was collected by a Fluke Netflow collector software.
GetVPN was rolled out on the WAN a few months back.
Since then, we only see mostly ESP traffic in the Netflow graphs. We do not see the breakdown of Layer4 traffic anymore.
It appears that the Netflow traffic is only processed and collected before the GetVPN decryption at the border routers?
Is there a way to influence the order of netflow processing in such a way to gather the traffic information after it has been decrypted at the GetVPN border routers?
I have flexible netflow enabled (with the output-feature) as follows on a border router. And it's currently only enabled on the WAN interfaces (which are also GetVPN enabled). We are still mostly seeing ESP traffic. Is there a way to see the unencrypted traffic within the Netflow?
Or is the only way to disable netflow on the WAN interfaces and then enable it on the LAN interfaces instead (which are not GetVPN enabled)?
I experienced the same thing as you're describing and have not been able to figure out any alternative except to also collect netflow stats on the inside interfaces. Seems logical that if we want to collect netflow before encryption with flexible netflow then we would also want to collect statistics after decryption with flexible netflow.
If you were able to figure out how to make it work like you wanted please let me know.