cancel
Showing results for 
Search instead for 
Did you mean: 
mulala
Level 8

Router outside (ASA)firewall unable to send netflow to solarwinds server

Hi Team,

I have router with public IP address which is outside cisco ASA firewall and its unable to send netflow to solarwinds server with private IP address which is inside the firewall.

I have natted the solarwinds server  IP address which is private to a public IP address .Below are config done on ASA.

access-list out-ili-in extended permit udp 41.204.xxx.0 255.255.254.0 host 172.26.0.xx eq 2055

flow-export destination inside 172.26.0.xx 2055

I have done show flow exporter statistics on router to confirm if netflow   configuration are working

IIKE-INT-RTR#show flow exporter statistics

Flow Exporter NTAexp:

  Packet send statistics (last cleared 1w5d ago):

    Successfully sent:         2834615               (3706395917 bytes)

    Reason not given:          3827857               (3976106528 bytes)

  Client send statistics:

    Client: Flow Monitor NTAmon

      Records added:           125687778

        - sent:                11041105

        - failed to send:      114646673

      Bytes added:             4273384452

        - sent:                375397570

        - failed to send:      3897986882

    Client: Option options application-name

      Records added:           23070111

        - sent:                23070111

      Bytes added:             1914819213

        - sent:                1914819213

    Client: Option options application-attributes

      Records added:           4537904

        - sent:                4537904

ILRIKE-INT-RTR#show flow interface

Interface GigabitEthernet0/0/0

  FNF:  monitor:          NTAmon

        direction:        Input

        traffic(ip):      on

  FNF:  monitor:          NTAmon

        direction:        Output

        traffic(ip):      on

0 Kudos
1 Reply
neomatrix1217
Level 15

Re: Router outside (ASA)firewall unable to send netflow to solarwinds server

Try this using wireshark to verify that port 2055 is coming into the orion server from that IP.

Success Center

0 Kudos