Trouble getting SOME sites to show traffic in Netflow

FormerMember

I have Netflow installed and configured and it is showing data (with current "Last Data Received" dates & times), however I have two sites that will not update. One site is a Cisco 3725 runing 12.4 9t IOS --  the other is a Cisco 2821 running 12.4(15)T5 IOS

I made sure that the routers / interfaces were added to Orion before configuring the routers to sent flow info.  When I try to add the routers to Netflow, they do NOT show up in the current exporters list, but I can add them by chosing "all Cisco".  They simply show Last Data Received = NEVER.

I have tried both "ip route-cache flow" and "ip flow ingress" / "ip flow egress" on various interfaces and sub-interfaces.  I have tried bother version 5 and version 9 with no change in behavior.  The router seems to be exporting:

Albany_VPN#sh ip flow exp
Flow export v5 is enabled for main cache
  Export source and destination details :
  VRF ID : Default
    Source(1)       192.168.18.3 (FastEthernet0/0.1)
    Destination(1)  10.0.1.70 (2055)
  Version 5 flow records
  781785 flows exported in 26185 udp datagrams
  0 flows failed due to lack of export packet
  0 export packets were sent up to process level
  0 export packets were dropped due to no fib
  0 export packets were dropped due to adjacency issues
  0 export packets were dropped due to fragmentation failures
  0 export packets were dropped due to encapsulation fixup failures
Albany_VPN#

I know that Netflow is working (since it is showing data from other routers).  I can ping the Orion Server from the router. and I have checked and re-checked the IP addresses and Port etc.

Here is a "sanitized" config as it is configured today:

Albany_VPN#sh run
Building configuration...

Current configuration : 8509 bytes
!
version 12.4
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
!
hostname Albany_VPN
!
boot-start-marker
boot-end-marker
!
logging count
logging buffered 16000 debugging
enable secret {removed}
!
aaa new-model
!
aaa authentication login TRAuthList group radius local
!
aaa session-id common
!
resource policy
!
clock timezone PST -8
clock summer-time PDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00
no network-clock-participate slot 1
voice-card 1
 dspfarm
!
ip cef
ip tcp synwait-time 5
ip telnet source-interface FastEthernet0/0.1
!
no ip dhcp use vrf connected
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.118.1 192.168.118.10
ip dhcp excluded-address 192.168.18.1 192.168.18.130
!
ip dhcp pool IP-PHONES
   network 192.168.118.0 255.255.255.0
   option 150 ip 192.168.101.88 192.168.101.87
   domain-name wsi.local
   default-router 192.168.118.3
   dns-server 10.1.1.6 10.1.1.2
!        
ip dhcp pool Pcs
   network 192.168.18.0 255.255.255.0
   option 150 ip 192.168.101.88 192.168.101.87
   domain-name wsi.local
   default-router 192.168.18.3
   dns-server 10.1.1.2 10.1.1.6
!
ip tftp source-interface FastEthernet0/0.1
ip domain lookup source-interface FastEthernet0/0.1
ip domain name wsi.local
ip name-server 10.1.1.6
ip ssh source-interface FastEthernet0/0.1
!
isdn switch-type primary-4ess
!
voice call carrier capacity active
!
voice translation-rule 100
 rule 1 /4300/ /2412/
 rule 2 /4301/ /2412/
 rule 3 /4302/ /2412/
!
voice translation-profile SRST
 translate called 100
!
fax interface-type fax-mail
!
application
 global
  service alternate DEFAULT
 !       
username bchernish privilege 15 secret {removed}
username elomega privilege 15 secret {removed}
username bnelsonmt privilege 15 secret {removed}
username ccinoc privilege 15 secret {removed}
archive
 path tftp://Orion/Albany
 write-memory
!
controller T1 1/0
 framing esf
 linecode b8zs
 cablelength short 133
 pri-group timeslots 1-24 service mgcp
!
controller T1 1/1
 framing sf
 linecode ami
!
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
crypto isakmp key {removed} address {removed}
crypto isakmp keepalive 15
!
crypto ipsec security-association lifetime seconds 28800
!
crypto ipsec transform-set {removed} esp-3des esp-md5-hmac
!
crypto map Albany_vpn 10 ipsec-isakmp
 set peer {removed}
 set transform-set {removed}
 match address 130
 reverse-route
!
interface FastEthernet0/0
 description TRUNKED TO SWITCH
 no ip address
 ip accounting output-packets
 ip route-cache flow
 duplex auto
 speed auto
!
interface FastEthernet0/0.1
 description Albany Data / Managemnet VLAN
 encapsulation dot1Q 1 native
 ip address 192.168.18.3 255.255.255.0
 ip flow ingress
 ip flow egress
 ip nat inside
 ip virtual-reassembly
!
interface FastEthernet0/0.118
 description IP PHONE VLAN
 encapsulation dot1Q 118
 ip address 192.168.118.3 255.255.255.0
 ip flow ingress
 ip flow egress
 ip nat inside
 ip virtual-reassembly
!
interface Serial0/0
 ip address {removed} 255.255.255.252
 ip flow ingress
 ip flow egress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 no fair-queue
 crypto map Albany_vpn
!
interface FastEthernet0/1
 ip address {removed} 255.255.255.252
 ip flow ingress
 ip flow egress
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Serial0/1
 ip address 192.168.202.1 255.255.255.0
 ip access-group 102 in
 ip nat inside
 ip virtual-reassembly
 encapsulation ppp
!        
interface Serial1/0:23
 no ip address
 encapsulation hdlc
 no logging event link-status
 isdn switch-type primary-ni
 isdn incoming-voice voice
 isdn bind-l3 ccm-manager
 no cdp enable
!
router eigrp 316
 redistribute static
 network 192.168.18.0
 network 192.168.118.0
 network 192.168.202.0
 no auto-summary
!
ip route 0.0.0.0 0.0.0.0 {removed}
ip route 10.0.0.0 255.255.224.0 {removed}
ip route 10.1.0.0 255.255.224.0 {removed}
ip route {removed} 255.255.255.248 {removed}
ip route 192.168.0.0 255.255.0.0 Serial0/0 12.118.151.217
ip route 192.168.20.0 255.255.255.0 Serial0/1
ip route 192.168.101.0 255.255.255.0 Serial0/0 12.118.151.217
!
ip flow-cache timeout active 1
ip flow-export source FastEthernet0/0.1
ip flow-export version 5
ip flow-export destination 10.0.1.70 2055
!
ip http server
no ip http secure-server
ip http path flash
ip nat inside source route-map nonat interface FastEthernet0/1 overload
!
ip radius source-interface FastEthernet0/0.1
logging source-interface FastEthernet0/0.1
logging 10.0.1.70
access-list 14 permit {removed}
access-list 14 permit {removed}
access-list 14 permit {removed}
access-list 14 permit 192.168.0.0 0.0.255.255
access-list 14 permit 10.125.0.0 0.0.7.255
access-list 14 permit 10.0.0.0 0.0.7.255
access-list 14 permit {removed}
access-list 14 permit {removed}
access-list 14 permit 10.1.0.0 0.0.7.255
access-list 102 permit ip any any
access-list 130 permit ip 192.168.18.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 130 permit ip 192.168.118.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 130 permit ip 192.168.18.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 130 permit ip 192.168.118.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 130 permit ip 192.168.20.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 130 permit ip 192.168.120.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 130 permit ip 192.168.20.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 130 permit ip 192.168.120.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 140 deny   ip 192.168.18.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 140 deny   ip 192.168.118.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 140 deny   ip 192.168.18.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 140 deny   ip 192.168.118.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 140 deny   ip 192.168.20.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 140 deny   ip 192.168.120.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 140 deny   ip 192.168.20.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 140 deny   ip 192.168.120.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 140 permit ip 192.168.18.0 0.0.0.255 any
access-list 140 permit ip 192.168.118.0 0.0.0.255 any
access-list 140 permit ip 192.168.20.0 0.0.0.255 any
access-list 140 permit ip 192.168.120.0 0.0.0.255 any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
snmp-server community wsi RO
snmp-server community ws1 RW
!
route-map nonat permit 10
 match ip address 140
!
radius-server host 10.1.1.6 auth-port 1645 acct-port 1646 key {removed}
!
control-plane
!
voice-port 1/0:23
 echo-cancel coverage 24
!
ccm-manager fallback-mgcp
ccm-manager redundant-host 192.168.101.87
ccm-manager mgcp
ccm-manager music-on-hold
ccm-manager config server 192.168.101.88 192.168.101.87
ccm-manager config
!        
mgcp
mgcp call-agent 192.168.101.88 2427 service-type mgcp version 0.1
mgcp dtmf-relay voip codec all mode out-of-band
mgcp rtp unreachable timeout 1000 action notify
mgcp modem passthrough voip mode nse
mgcp package-capability rtp-package
mgcp package-capability sst-package
no mgcp package-capability fxr-package
mgcp package-capability pre-package
no mgcp timer receive-rtcp
mgcp sdp simple
mgcp rtp payload-type g726r16 static
mgcp bind control source-interface FastEthernet0/0.1
mgcp bind media source-interface FastEthernet0/0.1
!
mgcp profile default
!
dial-peer voice 5 pots
 translation-profile incoming SRST
 service mgcpapp
 destination-pattern 9T
 incoming called-number .
 direct-inward-dial
 port 1/0:23
!
call-manager-fallback
 max-conferences 8 gain -6
 transfer-system full-consult
 timeouts interdigit 5
 ip source-address 192.168.118.3 port 2000
 max-ephones 30
 max-dn 60
 alias 1 4300 to 2412
 alias 2 4301 to 2412
 alias 3 4302 to 2412
 translate called 100
!
line con 0
 exec-timeout 0 0
line aux 0
 exec-timeout 0 0
line vty 0 4
 access-class 14 in
 exec-timeout 0 0
 privilege level 15
 login authentication TRAuthList
 transport input ssh
line vty 5 15
 access-class 14 in
 privilege level 15
 login authentication TRAuthList
 transport input ssh
!
ntp clock-period 17180499
ntp peer 192.168.1.1
!
end

Albany_VPN#

 

Am I missing something simple here or does anyone have any idea what I should try nexy?

Thanks,

Brian

FormerMember

Does anyone have any ideas on this?  My head is starting to get sore (from banging it against the wall).

 

Thanks

 

Brian