Cisco Netflow配置开启

 

Netflow配置开启
router:
ip flow-export source lo1
ip flow-export version 5
ip flow-export destination 172.29.8.56 9996
interface g0/0/0
ip flow ingress
ip flow egress
interface g0/0/1
ip flow ingress
ip flow egress

ASA:
flow-export destination DMZ 172.29.12.120 9996
access-list Netflow-Export extended permit ip any any
class-map NETFLOW
match access-list Netflow-Export
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
class NETFLOW
flow-export event-type all destination 172.29.12.120
snmp-server community easnmp
snmp-server enable traps

ASR1002-X
flow exporter NETFLOW-TO-ORION
destination 172.29.12.120
source GigabitEthernet0/0/2
transport udp 9996
export-protocol netflow-v5
!
!
flow monitor NETFLOW-MONITOR
exporter NETFLOW-TO-ORION
cache timeout inactive 10
cache timeout active 5
record netflow ipv4 original-input
!
!
interface GigabitEthernet0/0/2
ip flow monitor NETFLOW-MONITOR input

Cisco N3K
feature sflow
sflow sampling-rate 5000
sflow max-sampled-size 200
sflow counter-poll-interval 100
sflow max-datagram-size 2000
sflow collector-ip 172.16.186.201 vrf default source 172.16.9.9
sflow collector-port 9996
sflow agent-ip 172.16.186.1
sflow data-source interface Ethernet1/1-52
sflow data-source interface port-channel1

 cisco 4506

flow record NETFLOW
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect counter bytes
collect counter packets
!
!
flow exporter NETFLOW-TO-ORION
destination 172.29.12.120
source Loopback1
transport udp 9996
export-protocol netflow-v5
!
!
flow monitor NETFLOW-MONITOR
description Original Netflow captures
exporter NETFLOW-TO-ORION
cache timeout inactive 10
cache timeout active 5
record NETFLOW
!

interface GigabitEthernet2/2

 

 ip flow monitor NETFLOW-MONITOR input

posted @ 2019-01-04 11:18  Me-lihu  阅读(4)  评论(0编辑  收藏  举报