Cisco ASA NetFlow Configuration

Hi,

Some new IOS releases for ASA devices support a NetFlow feature termed NetFlow Secure Event Logging (NSEL), which is based on NetFlow version 9. The NetFlow Secure Event Logging available in ASA is based on events triggered on the firewall devices.

ASA NetFlow export is dependent on the version of ASA software running. ASA version 8.2 software supports NetFlow export across all ASA models. The following fields must be included in the ASA configuration to export flow data to the NetFlow Analyzer.

The following commands must be included in your global service policy for NetFlow export to function.

(config)# flow-export destination inside <NetFlow Analyzer server IP address> 9996
(config)# flow-export template timeout-rate 1
(config)# flow-export delay flow-create 60
(config)# logging flow-export-syslogs disable
(config)# access-list netflow-export extended permit ip any any

(config)# class-map netflow-export-class
(config-cmap)# match access-list netflow-export
(config)# policy-map global_policy
(config-pmap)# class netflow-export-class
(config-pmap-c)# flow-export event-type all destination <NetFlow Analyzer server IP address>

Thanks
Praveen kumar
NetFlow Analyzer Technical Team
+1 925 965 9435
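A quick way to confirm the pieces above are wired together on a saved configuration, as an added example that is not part of the original post or of NetFlow Analyzer: the Python function below checks that the collector named in the policy-map matches a declared flow-export destination and that the class-map and access-list it depends on exist. The function name audit_nsel, the sample address 192.0.2.10 and the indented "show running-config" layout of the input are assumptions.

```python
# Constructed sample: the post's commands in running-config layout, with the
# documentation address 192.0.2.10 standing in for the NetFlow Analyzer server IP.
SAMPLE_CONFIG = """\
flow-export destination inside 192.0.2.10 9996
flow-export template timeout-rate 1
flow-export delay flow-create 60
logging flow-export-syslogs disable
access-list netflow-export extended permit ip any any
class-map netflow-export-class
 match access-list netflow-export
policy-map global_policy
 class netflow-export-class
  flow-export event-type all destination 192.0.2.10
"""

def audit_nsel(config):
    """Return a list of wiring problems; an empty list means the export chain is complete."""
    problems, collectors, acls = [], set(), set()
    cmap_acl, exports = {}, []   # class-map -> matched ACL (or None); (class, collector) pairs
    top, cls = [""], None        # current top-level command words; current policy-map class
    for raw in config.splitlines():
        s = raw.strip()
        if not s or s.startswith("!"):
            continue
        w = s.split()
        if not raw[0].isspace():                 # unindented line starts a new block
            top, cls = w, None
            if w[:2] == ["flow-export", "destination"] and len(w) == 5:
                collectors.add(w[3])             # <interface> <ip> <port>
            elif w[0] == "access-list":
                acls.add(w[1])
        elif top[0] == "class-map" and w[0] == "match":
            cmap_acl[top[-1]] = w[2] if w[1] == "access-list" else None
        elif top[0] == "policy-map" and w[0] == "class":
            cls = w[1]
        elif top[0] == "policy-map" and cls and w[:2] == ["flow-export", "event-type"]:
            exports.append((cls, w[-1]))
    if not collectors:
        problems.append("no flow-export destination configured")
    if not exports:
        problems.append("no policy-map class has a flow-export action")
    for cls, dest in exports:
        if dest not in collectors:
            problems.append(f"class {cls} exports to undeclared collector {dest}")
        if cls != "class-default" and cls not in cmap_acl:
            problems.append(f"class-map {cls} is undefined or has no match statement")
        elif cmap_acl.get(cls) and cmap_acl[cls] not in acls:
            problems.append(f"class-map {cls} references undefined access-list {cmap_acl[cls]}")
    return problems
```

An empty list from audit_nsel(SAMPLE_CONFIG) means every reference resolves; each string in a non-empty list names the broken link.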
