Real-Time Netflow Analyzer and Cisco ASA 5510 Setup help.

Hi all,

I just downloaded the RTNA and have setup our Cisco ASA 5510 to enable Netflow.

I followed this doc to setup Netflow on the Cisco to point to the IP address of the PC that has the RTNA installed.

https://supportforums.cisco.com/docs/DOC-6114

It's pretty much the same as the one on Solarwind Kb.

http://knowledgebase.solarwinds.com/kb/questions/795/Configuring+Cisco+ASA+devices+for+use+with+Orion+NTA

The Cisco ASA version 8.2(4) btw.

I also enabled the SMTP on the Cisco.

snmp-server host inside 192.168.1.254 community ciscoasa version 2c
snmp-server location US
snmp-server contact Superman
snmp-server enable traps snmp authentication linkup linkdown coldstart
snmp-server enable traps syslog

192.168.1.254 = Cisco ASA Internal IP address

BUT,

Every time I tried to add Netflow Device in RTNA, it kept saying "Credentials test failed".

Do I need to use SNMP version 3? SNMP version 2 or 1 won't work with Cisco ASA?

Please advise.

Thank you much for the help.

 

-CP 

Parents
  • I'm able to connect the SNMP now.

    I changed the snmp-server host inside ip address to the computer that has the RTNA installed and now it's working.

    I can see Traffic In and Out data for the outside and inside interface of the ASA.

     

    But I can not click on Start Flow Capture. The error below shows up:

    "Netflow is not detected on the selected interface. Please select another or configure the interface to send Netflow data to the host Netflow Realtime is running on."

    Please advise.

    Thanks!

  • Hi cpangker--

    I checked the support logs for previous cases like this. Have you tried doing a network trace to analyze the SNMP traffic on the node?

     

    M

  • I am running into the same issues with my ASA.  I get the Traffic In and Traffic Out numbers through SNMP polling, but cannot start the Netflow Analyzer.

    I ran a packet capture on the traffic and noticed that the ASA is using Netflow version 9, whereas other Cisco devices are using version 5.  I have no issues running the Analyzer on those devices.

    Is it because the tool is not compatible with version 9 that analyzing the traffic is unavailable?  If so, how soon until a new release is available that can support it? 

  • Netflow V9 will be considered for a future release.

    --HTH

    Steve

  • Apparently support for netflow v9 didn't help. I have the latest RTNA and am having the same problem. According to SW's website RTNA supports version 9. Why do you need SNMP for this to work? Netflow packets are UDP and I can see them making it to my pc.

    rtna.png

Reply Children
No Data