NetFlow - Data is not available

I'm having this same exact issue.  Just started happening today.  Up until today, it has been working without issue.  NTA v4.1

Questions:

1. Was it working before?

If no: Then most likely the configuration or routing issue. To verify if it is something to do with NTA or device, run wireshark on the Orion server and filter it to the IP address for that node, check if your getting any flow data.

If yes: are there any device configuration changes, or access list policy update (in case it is behind a firewall)? same thing, run wireshark to isolate the issue.

2. Do you have other node/interfaces shows netflow data

if yes: then most likely it is some thing on the device configuration or access list.

If no: then there is a chance that it is something on NTA.

- RDP to your Orion server and stop the netflow service (Orion service manager)

- RDP to your NTA FSDB and launch NTA flow configurator and test the connection to your SQL by hitting the test and hit ok to restart the service.

- Once the NTA FSDB is complete, start the netflow service on the Orion server.

3. What is your NTA version, if you are NTA 3.11 and below, step 2 on the No part will not work for you. If you are 4.0 and above, that will work.

*** if you are on 4.0, 4.0.1 or 4.0.3, I suggest you can upgrade your NTA to 4.1 but make sure your NPM is on 11.0.1

hi.

1. Was it working before? A: Yes

I've done a capture with wireshark but got no packets regarding "CFLOW" packets.

2. Do you have other node/interfaces shows netflow data? A: Yes

I have others devices exporting graphics to my server and that is working fine.

I have more then 30 end point exporting graphics working properly, just a few of them are not working.

From the end points I can see the flow being exported to my Orion server. There is a rule allowing this traffic on my firewall.

3. What is your NTA version, if you are NTA 3.11 and below, step 2 on the No part will not work for you. If you are 4.0 and above, that will work.

Orion Platform 2014.2.0, SAM 6.1.1, QoE 1.0, NCM 7.3.1, NPM 11.0, NTA 4.0.3, IVIM 1.10.0

PS: The server was not collecting the CFLOW packets from a certain cisco router so I changed the UDP port to 9555 then changed  to the right port and suddenly it started working again. I have tried to do with the other devices but no luck so far.

ip flow-export source GigabitEthernet0/1

ip flow-export version 5

ip flow-export destination X.X.X.X 2055

1. Was it working before? A: Yes

I've done a capture with wireshark but got no packets regarding "CFLOW" packets.

- if you are not getting any Cflow data then, it is a configuration issue or access list policy (in case over a firewall).

2. Do you have other node/interfaces shows netflow data? A: Yes

I have others devices exporting graphics to my server and that is working fine.

I have more then 30 end point exporting graphics working properly, just a few of them are not working.

From the end points I can see the flow being exported to my Orion server. There is a rule allowing this traffic on my firewall.

- you just need one to work to make sure it is not the NTA application

PS: The server was not collecting the CFLOW packets from a certain cisco router so I changed the UDP port to 9555 then changed  to the right port and suddenly it started working again. I have tried to do with the other devices but no luck so far.

ip flow-export source GigabitEthernet0/1

ip flow-export version 5

ip flow-export destination X.X.X.X 2055

- from your statement, you change the NTA application port from 2055 to 9555? or you change only the port on the config of the device?

you need to make sure that all of your configuration of the devices are set to the same port of the application. Check what port you are using on the NTA and check to those that are working and not working. maybe the ports are not sync.