Cisco :: 2951 - Interfaces Send Netflow Data Despite No Flow Config Under Interface
Aug 17, 2011
Cisco 2951 w/ HWIC-4ESW
IOS 15.0(1)M5
#sh ip flow int
Vlan533
ip flow ingress
ip flow egress
#
The SVI sends the flow data just fine, however I also continue to receive flow data from most other interfaces.
I have attached a screenshot of one of our netflow collectors indicating that many of the interfaces are sending flow data even though not configured to do so. We have two different netflow collectors, from different vendors and both confirm the same interfaces sending flow data.
Normally I wouldn't care and ignore it, however one of them uses a license limit by interface and is a bit problematic.
View 2 Replies
ADVERTISEMENT
Nov 21, 2012
I have a virtualization server with 4 network interfaces and connected it to a SAN. There are few virtual machines which writes data to the SAN.
I want to connect to the SAN with multiple interfaces to speed up the network.
Is it possible to send data on multiple interfaces? How can I configure it?
Computers are connected to san through switch.
SAN: Equallogic PS 4100 E
Switch: Dell Power Connect
Computer: Dell T610
OS: Centos 5
Virtualization: Kvm
NIC: 8
I am not sure about network card brand now.
View 1 Replies
View Related
Nov 29, 2012
I've got an issue with SNMP and netflow tools. They are displaying different data for the same (sub)interfaces.I've got metroethernet link which connects root A (Cisco 7606, 12.2(18)SXF8) and root B (Cisco 2811, 12.3(11)TS). MPLS is configured on the link (behind root B there is no more MPLS). I'm attaching root configurations (I've ommited parts of config).Interfaces are:
Root A - gi2/6.2144
Root B - fa0/1
I've configured SNMP and netflow on both devices. I'm using two SNMP tools (CA Spectrum and eHealth) and two netflow tools (CA NetQoS Reporter Analyzer and Fluke Networks NetFlow Tracker) to collect the data. SNMP tools show the same info for defined (sub)interface.Netflow tools also show the same info for defined (sub)interface. I'm attaching reports from one SNMP tool and one netflow tool for the same time period.
1. Looking at SNMP tool, it can be seen quite amount of that data in both in and out direction.
2. Looking at netflow tool, it can be seen quite amount of that data in out direction, while in direction shows small amount of data.
I'm aware that Cisco has difficulties with SNMP counters on subinterfaces. I'm also aware that MPLS netflow has its own difficulties.Root B netflow configuration is quite simple as it has just 2 interfaces to configure netflow on (Fa0/0 and Fa0/1). So I would guess SNMP and netflow data should match, but they don't. When you look at SNMP tool reports for roots A and B, it can be seen that traffic volume is practically mirrored.
View 3 Replies
View Related
Mar 21, 2013
I have three ASA5505, two firewalls connected to central VPN hub. the central inside network is 192.168.0.0/24,Network A is 192.168.1.0/24,Network B is 192.168.2.0/24,In one of this site (central), I have server with NetFlow collector.,I will collect the traffic information from all ASA at the my one serverCan I configure source IP address (or source interface - inside) for NetFlow packet, originate from ASA? (for example from site A)If it is not possible I think, I can rewrite my access lists and permit udp traffic from outside interface to server IP like this:access-list VPNACL permit udp host <Outside IP site A> host <Inside IP the Server> eq 9996,But I do not understand, what port I must be use in access list on Central site ASA. ,access-list VPNACL_A permit udp host <Inside IP the Server> host <Outside IP site A> eq 9996 ? or, in this place, must be source port in the udp netflow packet?
View 2 Replies
View Related
Jan 2, 2013
I'm attempting to set up a detector that fires when an application is seen. I've set up the flow monitor
2951-HQ#sho flow monitor AppWatch cache
Cache type: Normal
Cache size: 4096
[code]....
I'm runnig c2951-universalk9-mz.SPA.152-3.T2.bin
View 3 Replies
View Related
Jun 13, 2012
I am fairly new to configuring ASA's. I have an ASA 5505 with one outside interface and three inside interfaces (inside1, inside2, and management). I need inside1 and inside2 to be able to talk to eachother but cannot work out how to make this happen. They are both configured to the same security level and the 'Enable traffic between interfaces with same security level' box is ticked. I have also tried adding appropriate NAT and Access rules. The packet tracer suggests the rules are correct for allowing traffic flow between interfaces but obviosly this may not be the case.
View 14 Replies
View Related
Jun 21, 2012
I use 3 interfaces on an ASA 5510. First interface is Lan, Second interface is Outside, Third interface is ADSL The Outside interface is used for VPN L2L and smtp traffic. (Leased line on router managed by ISP)The Adsl interface is used for Http traffic. (Adsl Cisco router) I use this configuration found on another forum subjet for routing.route outside 0.0.0.0 0.0.0.0 x.x.x.x 1route adsl 0.0.0.0 0.0.0.0 y.y.y.y 2 nat (inside) 1 0 0global (outside) 1 interfaceglobal (Adsl) 1 interface static (Adsl,inside) tcp 0.0.0.0 www 0.0.0.0 www netmask 0.0.0.0 The problem is now I have an www intranet server on the VPN remote site. How i can exempt the http traffic to the intranet server routed through Adsl interface?
View 7 Replies
View Related
Dec 27, 2011
configuring my Cisco 2951 router. There are three routed interfaces that I need to configure: one for the internal LAN, the second for another private subnet that connects to a Data Centre and the third for the WAN connection. I have configured the Ge0/0 interface as the LAN interface with the internal network 10.17.0.0/24. I have also configured my WAN interface Ge0/1 for internet connectivity. Now, I need to configure the third interface Ge0/2 that will connect to the Data Centre. This will be a private point to point switched ethernet link. The Data Centre will host a secondary domain controlller. So, I want it to be on the same network as the internal LAN, i.e., 10.17.0.0/24. I want to be able to see all other devices that will be located at the Data Centre just like I would see all devices connected to the internal LAN.The problem I am facing is that Cisco 2951 does not allow me to configure two routed interfaces to be on the same subnet. Is there any way to work around this problem and configure both the internal LAN and the Data Centre private network to be on the same subnet.
View 6 Replies
View Related
Apr 11, 2011
We have just installed our first 2951 router, and were suprised to see in our Netflow collector that Tunnel interfaces appeared even though we did not configure any, I have seen other posts talking about PIM tunnel when using Multicast, but we dont use multicast and the tunnel is GRE questions are, where do these interfaces come from? how do they pick up an IP address? can we shut them down? IOS is 150-1.M4 loopback interface ip address is 172.16.224.238 ( tunnel source) see output from sh int below
Tunnel0 is up, line protocol is up Hardware is Tunnel Interface is unnumbered. Using address of Tunnel1 (172.16.0.1) MTU 17912 bytes, BW 100 Kbit/sec, DLY 50000 usec, reliability 255/255, txload 99/255, rxload 1/255 Encapsulation TUNNEL, loopback not
[Code]......
View 6 Replies
View Related
Aug 23, 2011
how to configure WRT54GC compact Router if the data should be configured to flow from PC1 through Switch to Router and then to PC2 back through Switch in the following configuration?
(PC1) -------------------(SW)--------------------(Router)
HD: 10.14.40.10/16 |
G/W: 10.14.40.1 |
[Code]....
That's, the data flow is PC1 -> SW -> Router -> SW -> PC2. I think that Router has to have both routing of 10.14.40.1 & 10.14.50.1, but how should I configure the router?
View 1 Replies
View Related
Dec 21, 2011
I have configured my 2951 router to send logs to my Kiwi syslog server like below.
#logging 10.20.20.52
But I am not receiving any logs from my router, the same has configured on my asa5520 and its sending logs.
View 3 Replies
View Related
Jan 12, 2013
I am really new to Cisco and having a hard time with my Cisco 2800 series.
I have two sites connected with each other Site A and Site B (Using the same Cisco 2800). Now site A can connect to site B on the Cisco and the internal network, but site B can only see the Cisco and not the internal network of site A. So all the traffic is coming in to site B but can't break out of site B. I have tried everything I can think of but again my knowledge of Cisco is not good at all.
View 11 Replies
View Related
Feb 13, 2012
I have a 1t3/e3 card in a new 2951. When I statred the router, I found no interface corresponding to this module when do "show ip interface brief"
View 3 Replies
View Related
Aug 14, 2011
I have 2 computers in my room which between them i very frequently share files between. Wirelessly they were both connected to my home's router until recently the router was removed, but will be back soon.The problem though, was that with using the router, file sharing between those computers was slow, and with the router gone, I was lost because there was no movement of data between the computers whatsoever, I had no crossover cable, but plenty of regular ethernet cable. Than I remembered something about gigabit lan not needing crossovers(both of the computers being gigabit) and I connected them, and marveled at the new way to share files. And more by the exponential boost in speed(800kb/s to a grand 12mb/s{though I still think that is slow for gigabit.}). Obviously I've overcome a problem, but that's not where this story ends, it comes with another problem. When the router is reconnected to these computers, will the files still transfer through there new found direct connection? or will it attempt to go through the router, only allowing me to get the speeds I want when one of these computers isn't connected to the router?
View 11 Replies
View Related
Jun 18, 2011
We have a controlled setup comprising of a 4402 WLC in our Data Centre and 1242AG LWAPs in our branches.The Wireless works well with a mixture of locally switched (h-reap) and centrally switched WLANs.I have a problem where Android devices don't seem to function as they should.I have been using an Android phone (HTC Desire, currently running 2.3.4 OS, but has been a persistant issue since 2.1) and it connects to my home wireless (and others) fine, but when connecting to the Wireless LAN at the office, it connects fine and gets assigned an IP address, but NO data flows. None, like there is no connection at all. I have just been using it on 3G. I figured it might have just been an issue with the hardware, so didn't bother too much.I have just purchase a new tablet (ASUS Transformer, Currently running 3.1 OS) and this does the same thing.I have tried publishing a new WLAN and have tried all types of encryption and authentication al the way down to open and still, no data flow. I have tried statically setting the IP details and still nothing.Interestingly, When I attended the last Cisco Live conference in Melbourne this year, I had my phone and it displayed the same behaviour on the Cisco supplied wireless, BUT, there was a second IPv6 enabled, when connected to that everything worked fine.
View 2 Replies
View Related
Mar 18, 2012
I would like to run some NetFlow monitoring on a few sub interfaces on a router. This is a 7301, with an NPE-G1.What I want to know is, does Cisco have a page anywhere (because I can't find one) that lists typical additional CPU and memory loads one can expect when enabling NetFlow on an (sub)-interface; perhaps for a given speed (Mbps) and/or number of flows?I don't want to enable NetFlow and then bring the device to a grinding halt, how can I know what sort of overhead to expect?
View 2 Replies
View Related
Dec 4, 2012
Can ASA 5510 be configured as bridge mode and still send Netflow info to a collector?ie have a PIX connect internal network to internet. Because PIX does not support NetFlow, as a temporary solution, we were thinking of putting an ASA 5510 between the PIX and internet gateway, and configure it as a bridge so that there will be no routing issues, and the ASA can still send Netflow info to a collector.
View 2 Replies
View Related
Dec 4, 2012
Can ASA 5510 be configured as bridge mode and still send Netflow info to a collector?We have a PIX connect internal network to internet. Because PIX does not support NetFlow, as a temporary solution, we were thinking of putting an ASA 5510 between the PIX and internet gateway, and configure it as a bridge so that there will be no routing issues, and the ASA can still send Netflow info to a collector.
View 1 Replies
View Related
Aug 8, 2011
I have a cisco router 2951 and this is the message that apear on the console:
ERROR: DDR controller 1 data training time out during initialization! Stop.
What does it mean?
View 3 Replies
View Related
May 17, 2013
How can i enable Netflow for each Vlan Or interface indvidually in Cisco ASA? currently i have setup Netflow and only 2 interfaces are shwoing traffic for Netflow which are not even as my physical or Vlan interfaces . (see screen shot )
EscapeASA# sh interface ip brief
Interface IP-Address OK? Method Status Protocol
Internal-Data0/0 unassigned YES unset up up
[Code].....
View 9 Replies
View Related
Jun 26, 2012
I've configured N7K to export layer 2 flows. Using 2 different flow collectors (open source and commercial), gaps/drops in the reported traffic are observed on a periodic basis.Problem doesn't seems to be with the exporters, hence I wondering if netflow configuration on N7K can be tweaked to address this symptom. Using the 'show exporter' command, no errors/drops are observed. [code]
View 2 Replies
View Related
Feb 14, 2011
I'm trying to gather netflow data over an IPSEC VPN and through my research I've learned that I need to configure Flexible Netflow. However, I have a Cisco 2801 router with the latest ROMMON and IOS and the Flexible Netflow options aren't available.
For instance:
flow exporter dwtmonitor
destination 10.0.16.172
source Loopback0
transport udp 2055
output-features
When I type "flow exporter <name>" it only allows me to enter "flow <name>" and there's no "destination" options or anything else.
ROMMON: 12.4(13r)TIOS: 12.4(25d)
View 2 Replies
View Related
Apr 1, 2013
If I have a PI 1.2 system that has multiple interfaces configured I can upgrade to PI 1.3 and both interfaces remain and I can see both under the admin webpage under appliance interfaces. But if I do a fresh install of PI 1.3 I can only configure one interface. The commands fail from the cli to configure anything but gigabitethernet 0. Are multiple interfaces not supported in PI?
View 2 Replies
View Related
Nov 9, 2012
I am trying to fetch data on netflow analyzer 9 by Cisco router 2911. But netflow is unable to show any data.
cr2911-01#sh runn | sec ip flow
ip flow-cache timeout active 1
ip flow-export version 5
ip flow-export destination 10.1.208.32 9996
[code]...
View 2 Replies
View Related
Jun 13, 2012
How does a device attached to a Cisco IP Phone send data to the switch?a. As tagged (using the voice VLAN)b. As untaggedc. As tagged (using the data VLAN)d. As tagged (using the CoS value)The correct question is A in the book though it said that tagging is switch process PC's doesn't tag frames.
View 4 Replies
View Related
May 8, 2012
I have one server-A(windows 2008) installed one application called"host front" which gives athentication to connect Linux(mainframe console)server(SERVER B). These 2 servers are bihind the firewall.If one internal user who has the athentication to logine server-B ,tried to login server A,will get the" username and password"screen and once they enter the username and password ,will get the server-B screen.But if somebody try to connet via MPLS(we need to test MPLS site customers) from outside via ASA 5540 ,to server-A will get the "username password" screen and once enter the credentials,after 1 minitue will get error"http server faild to send datas to the server" and will not move to server -B screen.Where do you think is the problem?
View 3 Replies
View Related
Dec 1, 2012
Packet Sniffing is mainly used on non-switched networks to display data that was supposed to be sent to nodes other than yourself, allowing you to see information such as usernames and passwords etc.My question is, why can this technology not be used as easily on a switched network? When nodes send data through a switch does it become encrypted?
View 6 Replies
View Related
Aug 19, 2012
I need to know if I can pull Netflow style data (Top Talkers, Top Sessions, etc) from ASA 5505s? We are looking at buying some but I need to be able to export this kind of data to my managment station which is also a collector. I have read on this forum that 8.2 and above should support Netflow but I have read conflicting information.
View 2 Replies
View Related
Apr 18, 2013
I have a an ASA 5520 connected to a Layer 3 (3750) switch (Inside) and a connection to a 2960 switch (Outside) to get to the internet. . I have created vlan interfaces on the 3750 switch and enabled ip routing on the switch to enable the vlans to communicate with each other.
Vlan Interfaces on the switch:
Vlan 100 172.17.1
Vlan 200 172.18.1
Vlan 300 192.168.3.1
I want the devices connected to the 3 vlans to be able to pass through the firewall and get out to the internet.I have connected the ASA to the 3750 by routed interfaces (10.10.10.1) --------- (10.10.10.2) and they are able to ping each other.I have also put a default route on the 3750 sending all traffic from the switch to the ASA inside interface (10.10.10.1)The issue that i am having is that the ASA also connects to a 2960 which has a connection to the Internet, and they are handing off an ethernet connection from the 2960 that sits in VLAN 55 (Vlan 55 is the Internet accessible vlan).How do I configure my ASA to send all traffic from my (3) vlans to the interfaces that connects to the 2960 switch?
View 21 Replies
View Related
May 7, 2012
I have one server-A(windows 2008) installed one application called"host front" which gives athentication to connect Linux(mainframe console) server (SERVER B).These 2 servers are bihind the firewall.If one internal user who has the athentication to logine server-B ,tried to login server A,will get the" username and password"screen and once they enter the username and password ,will get the server-B screen.But if somebody try to connet via MPLS(we need to test MPLS site customers) from outside via ASA 5540 ,to server-A will get the "username password" screen and once enter the credentials, after 1 minitue will get error"http server faild to send datas to the server" and will not move to server -B screen.
View 1 Replies
View Related
Mar 9, 2013
i m not able to send data out of my laptop dell inspiron 15r (2013) using bluetooth but at the same time i m able to receive data instead.
View 1 Replies
View Related
Nov 1, 2012
Having an issue that we have with a CISCO2951/K9. It connects to Internet through the GigabitEthernet0/1 interface. Since a few days ago, the Gi0/1 interface is flapping many times in a day:
100468: Oct 30 12:16:28 CST: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
100469: Oct 30 12:16:29 CST: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down
100474: Oct 30 12:17:08 CST: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up
[Code]....
View 2 Replies
View Related
Nov 10, 2011
We have a new optical fiber connection from a new ISP (only for Internet) and we found that our Cisco router RV220w won't work with this new connection because is not possible to add the V LAN ID 20 for the WAN traffic, as required by our ISP/connection. Now we would like to know what Cisco routers can support this feature and that can be "similar" to the RV220w or if there is another way to solve this problem and maintain our actual RV220w, because the features on this particular router (apart of the V LAN ID on Wan) are more than enough for us -
We would like to have a “simple” router and with firewall and VPN features as RV220w, because the one that our provider says that works seems to be too much for us Cisco 2951-SEC K9 – We are a small company with a network of around 10 computers and we only need some VPN connections for our sales companies in Europe and workers when traveling (3-5 VPN connections are OK).
View 3 Replies
View Related
