Hi, I am wondering if this is possible. Our ISP's router is a Cisco 2600 and I am asking them to add the Netflow commands to it so we can see who is doing what on our router when it gets busy. However our Netflow server is on our Internal network. This 2600 connects to our Cisco 2950 switch and into a VLAN where the "outside" port of our Cisco Pix sits. The 2600's IP is the first IP of our Public IP scope for example, 220.127.116.11 and the "outside" port of the Cisco Pix is the 2nd of the scope 18.104.22.168. Now if I tell my ISP that the Netflow server is on 192.168.25.25 what will need to be added to the Cisco 2600? I can't figure out how I can get this Netflow traffic from this 2600 to my LAN server.
Thanks, my ISP will add the ip route 192.168.25.25 255.255.255.255 22.214.171.124 and the various Netflow commands. Will I have to do something special on the Pix like enable 126.96.36.199 on port 9996 (netflow) to 192.168.25.25?
Yes I would expect that you would need to configure the PIX to permit the traffic from an outside source to an inside destination on the particular port. By default the PIX does not allow outside sources to initiate traffic to inside destinations so you will need configuration to permit this.
Allow "routers ip" to "servers IP" on port 9996 (Netflow), the Pix firewall says "No NAT rule is configured for destination host "server IP" on the inside interface from the outside interface. Please configure a Static NAT or NAT Exemption rule for this host"
Shall I just let the Pix create the static translation rule?
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...