Netflow on cisco me 6523

hello
im trying to get netflow working on a me 6523 to a destination address using udp port 4739 but im not getting anything through wire shark while connected
to a span port on the router or the connecting switch.
Im using the management interface which is using port-channel1

Hi Sean,
Can you try configuring your Cisco switch as below and check.
mls netflow     // This enables NetFlow on the Supervisor.
mls nde sender version 7
mls aging long 64  // This breaks up long-lived flows into (roughly) one-minute segments.
mls aging normal 32  // This ensures that flows that have finished are exported in a timely manner.
mls flow ip interface-full
mls nde interface
The next two commands will help to enable NetFlow data export for  bridged traffic which is optional. You can specify the list of VLANs  here to enable bridged traffic.
ip flow ingress layer2-switched vlan
ip flow export layer2-switched vlan
Apart from this, NetFlow has to be enabled on the MSFC using the below commands.
ip flow egress       // This command has to be executed on all the L3/VLAN interfaces.
ip flow-export destination {hostname|ip_address} 9996  // The hostname or IP address of the flow server
ip flow-export source {interface} // The interface through which NetFlow packets are exported. eg: Loopback0
ip flow-export version 9
ip flow-cache timeout active 1
snmp-server ifindex persist
Regards,
Don Thomas Jacob
ManageEngine NetFlow Analyzer

Similar Messages

  • Netflow on Cisco 7600

    Hi All.
    It is known that SUP720-3B on Cisco 76xx doesn't support ip flow egress on interfaces.
    In the last IOS in cisco feature navigator versions I see netflow egress accounting support (see picture bellow).
    Somebody tested this feature? It really works?
    Thanks.
    Konstantin

    Hi Prima,
    This question has been already answered several times and the answer is still the same :-) : it's not supported on 7600 platform due to hardware limitation.
    HTH
    Laurent.

  • Netflow on Cisco Catalyst 3750 Metro Series Switches

    Does netflow possible in 3750 metro series?

    Hi Syed,
    You have to first check if there is any image in switch or not so that you can manually boot from switch: prompt but as you said there is no image in the switch you have to go for xmodem procedure to upgrade the switch.
    Have a look at this link and just follow step by step instructions and you will be good to go
    http://www.cisco.com/en/US/products/hw/switches/ps607/products_tech_note09186a00800946e5.shtml#xmodem
    HTH, if yes please rate the post.
    Ankur

  • Configuring Netflow on Cisco 3560X

    I have a WS-C3560X-24P with this SW version 12.2(55)SE1. It has several L3 Vlan interfaces.
    How do I enable it to send Netflow traps?
    It does not support the ip flow-export commands.
    thanks!!!
    Sergio

    Hello,
      3560 series doesn't support netflow. There are only two sulutions:
    1. use another switch 4500 or 6500 -> more expensive solution
    2. try use a netflow probe. There are commercial sulutions and
    free solutions. The probe is connected via span/mirror port or
    via optical tap/splitter.
    Visit http://support.caligare.com/kb/entry/42/  to see a list of
    supported devices.
    I'm sorry, both solutions are not ideal, but what is in the world?
    Jan
    PS.: Please, rate if you are satisfied.

  • Is it possible to run both Netflow v5 and v9 at the same time

    Hi All,
    Just wondering if it is possible to run netflow version 9 and version 5 at the same time (to different destinations) on the same router please?
    Thanks very much
    Regards
    Amanda

    No Amanda,
    we cannot simultaneously configure both versions of NETFLOW on cisco ios. After configuring firstone when you try to configure other version it will override the previously configured version.
    "Please do rate helpful posts"

  • 5508 pair show "Down" as data sources for Netflow

    I've setup my 5508s to monitor and export netflow to Cisco Prime Infrastructure but no data populates in the expected tabs.  When I check Admin-> Data Sources they show up as "down", while other netflow exporters (ASA1000s I used to test) show as "up".  I verified in the WLC CLI that they are exporting flows.  Thoughts?
    WLC show flow exporter stat:
    Exporter-name: CiscoPrime
      Total Flows Sent: 69536
      Total Pkts Sent: 4021
      Total Pkts Dropped: 0
      Last Sent Time: Thu Aug 15 15:24:29 2013

    Hi Marcin,
    You are most welcome my friend I think the great NetPros in this thread
    offer some excellent tips and strategies for this plan as well as the restrictions
    you will encounter moving forward. You will likely want to make the 5508 the
    primary controller with an eye on moving away from the 4400 at some point
    due to it's EoL and inability to run the latest code versions.
    Cheers!
    Rob
    "Show a little faith, there's magic in the night" - Springsteen

  • Trouble Removing Netflow destination

    I have been trying to remove a netflow destination.   I have been attempting:
    no flow-export destination internal 10.118.5.143 2055
    but I receive:
    ERROR: flow-export: destination in use. Remove all references before attempting
    to delete.
    What command/s do I need to run to remove all references?
    output from sh run | i flow-export:
    flow-export destination internal 10.118.5.143 2055
    class-map netflow-export-class
    class netflow-export-class
      flow-export event-type all destination 10.118.5.143
    Thanks!

    Check out the last couple of posts at http://forums.manageengine.com/topic/disable-netflow-on-cisco-asa that should addresses this issue.

  • Netflow on 2960 and 3560 !!

    Dear all,
    I am trying to configure netflow on cisco catalyst 2960(12.250 SE4) and 3560G(12.250 ) switches for mcafee network security manager.
    But netflow command is not supported for this mcafee device. 
    I want to know, is there any process to configure netflow on this device?
    thanks in advance.

      As far as I know those switches do not support any kind of netflow .

  • NETFLOW ON SWITCHES?

    Guys,
    I have a C3560 (C3560-HBOOT-M) Version 12.2(25r)SE1, RELEASE SOFTWARE
    MODEL  WS-C3560G-24TS-S
    Would it be possibel to configure netflow on this device.
    I don't see any ip route-cache flow command.
    Looking forward to your answers.
    Nik

    Netflow is not suported on Catalyst 3560 switches. Cisco doesn't document it very well as far as I've seen.
    Think of Netflow as primarily a router technology. While most switches also route, the access switches (such as 3560 series) don't have the support for Netflow built into them. 4500 and 6500 series switches handle it via add-on to the low end supervisors (i.e. NFFC for some 4500 supervisors) or high end supervisors (such as Sup-720 in 6500's)
    This 3rd party link may be useful: http://www.manageengine.com/products/netflow/help/cisco-netflow/netflow-ios-versions.html
    Also: http://support.caligare.com/kb/entry/42/
    Hope this helps.

  • WCS monitoring

    I have recently started using the Wireless Control System. This is monitoring the WiSM2 controller, and 1524 AP, 1040 indoor AP,s. I wanted to know if I can monitor the Traffic- Bandwidth Utilization, Number of Clients, Session details, Type of device etc on  per AP level, per SSID level, per controller level.   I also want to know if i can generate reports Traffic- Bandwidth Utilization, Number of Clients, Session details, Type of device etc on  per AP level, per SSID level. I also want to know how can I findi the license of the WCS if any. And how can I take a backup of current WCS configuration if I decide to reinstall the WCS into any other server?

    WCS is EOL and what you need to look at is Prime Infrastructure. Now I'm not going to tell you everything PI can do or can't, but this is a tool for monitoring the wireless. It can give tell you number of clients on a given ap or radio or the utilization, but it will not know of bandwidth per user or total bandwidth used. This is not something that this tool is built for.
    http://www.cisco.com/en/US/products/ps12239/
    The WLC with newer code can do NetFlow which is application visibility.
    http://www.plixer.com/blog/netflow-configuration/cisco-wlc-netflow-configuration/
    I don't think there is one solution for what you are looking for. I guess you can always find a tool to check bandwidth from the switchport that the ap is connected to. Something like Cacti
    http://en.m.wikipedia.org/wiki/Cacti_(software)
    Sent from Cisco Technical Support iPhone App

  • ASA5505 how to record the traffic log

    Hello, everyone,
    I want to analysis the log from asa5505,
    I have configured the device to send the log to a syslog server.
    but I found the log seems like event log, it's format like below :
    6|Nov 11 2010|18:07:33|302014|192.168.2.22|192.168.1.2|Teardown TCP connection 986 for outside:218.30.82.201/80 to inside:192.168.1.2/1764 duration 0:10:01 bytes 619 FIN Timeout
    I want to obtain the traffic log, it may contains each connection record  information, including send bytes and receive bytes,  URL and so on...
    but I can't find out how to setup the device to let the asa5505 record the traffic log,
    someone can give some tips, thanks in advanced.

    Hi,
    You need to enable the Netflow protocol.
    Here are two documents related to Netflow for Cisco ASA:
    https://supportforums.cisco.com/docs/DOC-6114
    https://supportforums.cisco.com/docs/DOC-6113
    Best regards,
    Giorgos

  • Which Traffic Analyzer is good?

    Hi All,
    Right now we are using OpenNMS to get alerts and traffic view for our All Cisco network. I want to deploy deep packet inspection product to have more idea about top talkers, application response time and application bandwidth usage, etc. I don't want to utilize netflow in router and switch. Kind of worry put more load on the device. I would like just setup SPAN or use tap to mirror the traffic and the monitoring device can analyze the traffic or capture the traffic.
    Does anyone use ntop's product like nBox, nProbe, Recorder? I know there are lots of netflow analyzer software, but I don't want to configure netflow in Cisco. We would like try cheaper solution before we go to the expensive commercial ones. The throughput I will monitor is around 500Mbps.
    Any recommendation? Really appreciated!
    Lou

    Check
    http://www.ntop.org/news.php

  • Cisco netflow problem!!!

    I'm trying to configure netflow on router2600 and still it's not working. here is my cisco configuration:
    Current configuration : 2153 bytes
    version 12.2
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log uptime
    service password-encryption
    hostname GEO_OSMP
    boot-start-marker
    boot-end-marker
    aaa new-model
    aaa authentication enable default none
    username osmp secret xxx
    ip subnet-zero
    ip flow-cache timeout active 2
    ip name-server 213.x.x.34
    ip name-server 213.x.x.35
    call rsvp-sync
    controller E1 0/0
    controller E1 0/1
    interface FastEthernet0/0
    no ip address
    ip accounting output-packets
    ip flow ingress
    speed 100
    full-duplex
    no clns route-cache
    interface FastEthernet0/0.1
    bandwidth 10000000
    encapsulation dot1Q 50
    ip address 192.168.0.1 255.255.255.0
    ip accounting output-packets
    ip nat inside
    ip flow ingress
    interface FastEthernet0/0.2
    encapsulation dot1Q 60
    ip address 213.x.x.39 255.255.255.240
    ip nat outside
    ip flow ingress
    interface FastEthernet0/0.3
    encapsulation dot1Q 40
    ip address 213.x.x.91 255.255.255.252
    ip nat outside
    ip flow ingress
    ip nat inside source route-map telenet interface FastEthernet0/0.3 overload
    ip nat inside source route-map wanex interface FastEthernet0/0.2 overload
    ip flow-export source FastEthernet0/0.1
    ip flow-export version 5
    ip flow-export destination 192.168.0.18 9996
    ip classless
    ip route 0.0.0.0 0.0.x.x.131.42.89
    ip route 0.0.0.0 0.0.x.x.200.20.33 110
    no ip http server
    ip access-list extended interneti
    permit ip 192.168.0.0 0.0.0.255 any
    ip access-list extended wanex
    permit ip 192.168.0.0 0.0.0.255 any
    logging history size 500
    logging trap debugging
    route-map wanex permit 10
    match ip address interneti
    match interface FastEthernet0/0.2
    route-map telenet permit 10
    match ip address interneti
    match interface FastEthernet0/0.3
    snmp-server community OSMP_LAN RO
    snmp-server community osmp RO
    snmp-server community kodi RW 60
    snmp-server ifindex persist
    snmp-server queue-length 100
    snmp-server host 192.168.0.18 OSMP_LAN
    control-plane
    dial-peer cor custom
    gateway
    line con 0
    line aux 0
    line vty 0 4
    password xxx
    end
    HELP MEEEE!!!!

    Can you provide the output of the "show ip flow export" and "show version" commands?

  • Designing Cisco Netflow Architecture ?

    My company isn't using a management system for analyzing the WAN traffic and we want to implement Cisco Netflow to analyse the network traffic on the backbone. We have a huge network with more then 100 sites across the world. We use 120x 2600 routers and 6x 7200 routers.
    Now the question is : How to collect the data into a central place ?
    The routers have netflow activated and they send the netflow information to a netflow collector. Now we need a program that collects the data from the netflow collectors to a central place and analyzes this. I searched the cisco site and found out that cisco uses a Netflow server for that solution. But Cisco has decided to partner with third-party vendors to deliver the Netflow Server product.
    Does Anybody have any ideas ?

    Hi
    if I understand you correctly you need some application to make your netflow data human viewable , right ?
    Take a look at this page, it is a very good listing of different vendors which deliever such products, also some freeware projects are listed ...
    http://www.switch.ch/tf-tant/floma/software.html
    here is a additional listing
    http://www.inmon.com/technology/netflowapps.php
    Michael

  • Cisco 6506 Netflow configuration

    I configured netflow to capture data received by vlan 950. 
    vlan 950 has an ip 10.198.0.12. But the output is capturing only packets with source ip of this subnet only.
    why is it not showing any traffic received from outside? or sent to outside hosts?

    Hi Rafael,
    you need an Assurance License for that feature to work
    check the below link:
    http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps12239/guide_c07-714720.html
    Thanks-
    Afroz
    [Do rate the useful post]

Maybe you are looking for

  • How to process very large internal tables and stop time limit

    Hello Experts, I am currently having a problem on how to fix a certain report where we process more than 500 thousand records in the internal table. I can't think of any solution that can make the below code any faster. I just checked in our prod ser

  • How do I create a filter in photoshop that will effect any photo you add it to?

    I need to create a template that can be quickly and easily changed out week to week. So I need to adjust the colors of photos but add that to any photo I choose week after week. How do I do this??

  • Question about photo slideshow

    When you have a photo page, is there a way to eliminate being able to click on a photo to enlarge it? I'd just like to have people scroll down to look at my photos, instead of the option of clicking on one and going through a slideshow. I know you ca

  • Charging problem with nokia 603

    Hi, I just bought Nokia 603 one week back but i had to give it back to nokia are for charging problem, anyway my point is all nokia hardly had problems with charging but now with nokia 603 it is really strange. Can Nokia please check in to this

  • Wanted a Full Time Job

    Dear Sir/Mam,  My name is P.S.Sivakumar and I am Presently working as a PAT in a leading Software Firm at Chennai. I had my Under Graduation in Mechatronics Engineering from Thiagarajar College of Engineering(Autonomous), Madurai.  I've lot intrest i