2 Replies Latest reply on Dec 15, 2010 11:44 AM by ACDII

    NTA and ASA 8.3

    ACDII

      I am running a trial version of NTA and trying to get data off a Cisco ASA 5510. I have it configured to send to the server, but it is not seeing anything coming from the ASA. I need to know that this can be done, otherwise we won't purchase it.

        • Re: NTA and ASA 8.3
          Jesquitin

          NTA can successfully accept NetFlow data from Cisco ASA 8.2 and higher. Cisco uses NetFlow v9 NSEL template. This sends the information in two parts, template information and data. The most common issue is that the device is not sending one or the other. The best way to identify which is the issue is by performing a data capture from the Orion server and investigating the packets. NOTE: If you already have an existing global policy then you will just need to add the NetFlow policy to it.


          access-list netflow-export extended permit ip any any
          flow-export destination inside 172.27.1.9 2055
          flow-export template timeout-rate 1
          flow-export delay flow-create 60
          class-map netflow-export-class
           match access-list netflow-export
          policy-map global_policy
           class netflow-export-class
            flow-export event-type all destination 172.27.1.9
          service-policy global_policy global
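
The capture check suggested in the reply above can be scripted. The following is an added example, not part of the original thread and not SolarWinds or Cisco code: it walks the FlowSets in NetFlow v9 export payloads and reports whether template FlowSets (ID 0), data FlowSets (ID 256 and up), or both are arriving. It assumes the UDP payloads have already been extracted from the capture; the two sample packets are constructed, not taken from a real ASA.

```python
import struct

HEADER = struct.Struct("!HHIIII")  # version, count, sysUptime, unix_secs, sequence, source_id

def flowsets(payload):
    """Yield (flowset_id, body) for each FlowSet in one NetFlow v9 export packet."""
    if len(payload) < HEADER.size or HEADER.unpack_from(payload)[0] != 9:
        raise ValueError("not a NetFlow v9 export packet")
    off = HEADER.size
    while off + 4 <= len(payload):
        fs_id, fs_len = struct.unpack_from("!HH", payload, off)
        if fs_len < 4 or off + fs_len > len(payload):
            raise ValueError("FlowSet length runs past the packet")
        yield fs_id, payload[off + 4:off + fs_len]
        off += fs_len

def template_ids(body):
    """Template IDs defined in a template FlowSet (FlowSet ID 0)."""
    ids, p = [], 0
    while p + 4 <= len(body):
        tid, nfields = struct.unpack_from("!HH", body, p)
        if tid < 256:            # trailing padding, not a template record
            break
        ids.append(tid)
        p += 4 + 4 * nfields     # skip the (type, length) field pairs
    return ids

def diagnose(packets):
    """Report which half of the export is arriving: templates, data, or both."""
    templates, data, undecodable = set(), set(), set()
    for pkt in packets:
        for fs_id, body in flowsets(pkt):
            if fs_id == 0:
                templates.update(template_ids(body))
            elif fs_id >= 256:   # a data FlowSet ID equals its template ID
                data.add(fs_id)
                if fs_id not in templates:
                    undecodable.add(fs_id)  # data seen before its template
    return {"templates": sorted(templates), "data": sorted(data),
            "undecodable": sorted(undecodable)}

# Constructed sample packets: one template (ID 256, two 4-byte fields), one data record.
def _hdr(seq):
    return HEADER.pack(9, 1, 1000, 1292434000, seq, 0)

TEMPLATE_PKT = _hdr(1) + struct.pack("!HHHHHHHH", 0, 16, 256, 2, 8, 4, 12, 4)
DATA_PKT = _hdr(2) + struct.pack("!HH4s4s", 256, 12, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
```

An empty `templates` list with a non-empty `data` list means the collector has nothing to decode the records with; the reverse means the ASA is exporting templates but no flow events are matching the policy.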