Yes - I made this post sticky so it will show at the top of the forum.
To make it even more confusing it will actually enter the policy cmmand for you THE FIRST TIME you enter the destination command at global config. But after that you are on your own. Or that is what I have noticed after doing it several times.
we had session with our customer Eric, who had problems with exporting NetFlow with ASA 5510 v8.2.(1) - all configuration commands were issued, but ASA exported only template packets without data.
Issue was resolved only after he issued this command:
Despite it produced this output, after that ASA started exporting data packets : INFO: 'flow-export enable' command is deprecated. Converting to flow-export actions under MPF
Has anyone encountered the same problem with ASA 5510 series?
I'm having a problem with flows not being received by orion from our ASA 5520 [8.2(1)]. Orion receives SNMP fine from this same ASA and it's also receiving flows from our 1841 fine. This is what i've got:
DatacenterASA# show run | inc flow
access-list netflow-export extended permit ip any any
flow-export destination Outside x.x.x.x 2055
flow-export template timeout-rate 1
flow-export delay flow-create 60
match access-list netflow-export
flow-export event-type all destination x.x.x.x
DatacenterASA# config t
DatacenterASA(config)# flow-export enable
INFO: 'flow-export enable' command is deprecated. Converting to flow-export actions under MPF.Help!*Update*: Fixed my problem. The knowledge base article has the port set to 2055, but orion has it set to by default to 9996. The knowledge base article should be changed to reflect this.
I'll let the writer know.
Thx for the feedback.
Hi I have to questions from this post since Im configuring ASA5550:
1. What should the port set to be for (config)# flow-export destination inside 10.2.2.2 2055?
2055 0r 9996?
2. Also, will this matter if i chose OUTSIDE instead of INSIDE: (config)# flow-export destination inside 10.2.2.2 2055...
since it mentions on the KB that' Replace <interface name> with the interface name that will be used to send exports to Orion NTA. This interface must be on the same side of the ASA as the Orion server.'
Actually Orion defaults to 2055. You can change the port number in NetFlow settings and use multiple ports by adding port numbers separated by a comma. (2055, 9996).