This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Create Post
denstjames
Level 9
‎06-13-2018 01:09 PM

NTA netflow on palo alto and silverpeak

I have netflow configured on my cisco devices with no issues but on my palo alto firewalls and my silverpeak wan accelerators I get the message that NetFlow Receiver Service [Poller] detected long flow with duration 90s on <link>Node</link>.

The article with the link points to says:

To resolve this error, the following lines must appear in the Flow Monitor section of the Configuration file for Flow Records on Cisco devices:

cache timeout inact 10

cache timeout act 5

I look on my palo alto firewall and the active timeout is set to 5 (there is no field for inactive timeout). Anyone else out there with a palo alto or silverpeak that uses NTA having the same issue?

Labels (1)
Labels
0 Kudos
Reply
6 Replies
derik.pfeffer
Level 12
‎08-22-2019 11:34 AM

denstjames​,

Did you ever get the Silverpeak devices to show up with flow information in NTA? If so, what did you need to change on the Silverpeak configuration to make this successful?

Best Regards,

Derik Pfeffer

Loop1

0 Kudos
Reply
derik.pfeffer
Level 12
In response to derik.pfeffer
‎09-13-2019 10:03 AM

All,

We found that we needed to monitor different Interfaces for SilverPeaks than expected. We also changed the timeouts. Once this was done we could see flows from the SilverPeak devices.

Best Regards,

Derik Pfeffer

Loop1

0 Kudos
Reply
saw10
Level 12
In response to derik.pfeffer
‎09-05-2019 04:36 PM

This is how we have our SilverPeaks configed for flow

SilverPeak Flow.PNG

For our environment the flow "comes from" the sp_lan interface.  Make sure you are monitoring that interface.

Reply
dramsey1
Level 8
In response to saw10
‎11-22-2019 01:30 AM

We found we can get data on LAN or WAN, but those interfaces have to be check for resource monitoring before NTA will collect on them.
pastedImage_0.png

In this case Netflow was turned on for the Silverpeak, but sp_wan and sp_lan was not checked, so nothing collected.

0 Kudos
Reply
chayden18
Level 10
In response to saw10
‎10-23-2019 07:40 AM

Just to add to this... on the SolarWinds side you will get 2 options of netflow interfaces: sp lan and sp wan. For our config, and most others I'm assuming as well, the sp_lan is the internal interfaces combined into 1 logical, and the sp_wan is the external interface (since we only have one on each silver peak, I can't confirm this to be a sum of all of them but would assume it's the same.)

0 Kudos
Reply
ferrashoo
Level 12
‎06-19-2019 08:41 AM

Any update for Silverpeak from the community?

Reply

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification SolarWinds Lab
About THWACK Blogs Federal & Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
© 2021 SolarWinds Worldwide, LLC. All Rights Reserved.