Cisco Switching/Routing :: ME3600X Ip Accounting / Net-flow
Jul 26, 2012
Struggling to find any documentation that states both "ip accounting & netflow" are supported on the new ME3600 switches. I have tried both a 12 and 15 release of software. Netflow produces no data what so ever, ip accounting only produces data (of the global network) when configured on my uplink (running MP-BGP network) unable to get specific data for user networks in seperate VRFs. Is this a case of the commands being there but not being supported?
View 0 Replies
ADVERTISEMENT
Nov 8, 2012
How does one find the top user or IP accounting with this ASA5505 v7.22 device?
-With 1841 ISR:
-sh ip accounting
-sh ip flow top
Very lame if they don't have similar commands or capabilities on the ASA series.
View 1 Replies
View Related
Dec 15, 2010
I have a Cisco 2621XM router with two ethernet interfaces that sits before a vendor supplied VPN router. I need to see the IP traffic incoming to my router from the WAN side (fasteth0/1 below). I setup ip cef, and ip flow ingress on the interface. However -- it seems that what I see when I use "ip cache flow" command doesn't have a very long history or life. What commands am I missing so that I can see a summary of the stats over say the last 5, 10 or 15 minutes? Is this the best config that can be used for this, or can I create a more summarized report just using the router HW and IOS? Basic current configuration:version 12.3service timestamps debug uptimeservice timestamps log uptimeservice password-encryption!hostname Littleboy!ip subnet-zeroip cef table event-log size 1024ip cefip cef accounting per-prefix non-recursive prefix-lengthip cef traffic-statistics load-interval 180!ip flow-cache entries 2048ip flow-cache timeout inactive 60!interface FastEthernet0/1 description Littleboy to vpn-wan ip address 10.1.0.1 255.255.255.252 ip flow ingress?
View 5 Replies
View Related
Mar 13, 2013
we are trying to use the SD Card Slot on an Cisco ME3600X (ME-3600X-24FS-M) IOS Version 15.2(4)S2. If i try to copy a file from the sd card slot to the flash there is no Option like "slot0:" or something alse and no syslog message appers while adding the SD Card.
View 5 Replies
View Related
Apr 16, 2012
I'm looking for a 24-port SFP switch. Each of the two switches in the subject meets that requirement. If I went with the ME switch over the 3750 (at about half the cost), what features/functionality if any, would I be giving up?
View 5 Replies
View Related
Oct 30, 2012
I have 2 ME3600Xs and utilize Broadcast and Multicast storm control on client facing interfaces. One of my ME3600s is reporting a Multicast storm and that a packet filter action has been applied. The strange thing is that it is showing up on an Admin Down interface that has nothing connected to it. [code]
View 2 Replies
View Related
May 5, 2012
Our customer has a Cisco ME3600X with the IOS me 360x-universalK9-mz.122-52.EY3.They are saying that is not possible to configure the "switchport port-security mac-address sticky" in the interfaces and want to know whether any additional license is needed.As far as I know there isn't any extra license to activate this feature and also I believe the ME3600 switch should have this feature with the universal IOS, isn't that right?
View 1 Replies
View Related
Sep 3, 2012
How to Enable IP Accounting in Cre switch 4000 Running cat OS and Cisc ASA 5510 (8.2 )
View 1 Replies
View Related
Nov 12, 2012
Trying to configure netflow on a 3750-X. I'm sort of copying my config from a router but, it seemd that the commandes below don't work.
Is there different set of commands to configure the source and destination.
ip flow-export source Tunnel0
ip flow-export destination 172.20.X.X 9995
View 1 Replies
View Related
Nov 12, 2012
I met a strange problem after enabling flow-control in 2960s.my enviroment,
- 2 cisco 2960s 24ts-l have been created a stack
- IOS is 12.2(58)se2
- all ports have been enabled flowcontrol receive dersied
via show flowcontrol, I can see each Gigabyte Port have been enabled "flowcontrol receive desired" but, when I do the following tests
- connect equallogic ps4000xv to the port 21, I found the status of port is "input flow-control is off"
- connect one server with Broadcom Gigabyte Network adapter, which has been enable TX ON RX ON, or Auto, the status of the port is still "input flow-control is off"
I guess, the port status should be ""input flow-control is on". Test them with another port, I got the same result. why?
View 12 Replies
View Related
Jan 12, 2013
I am really new to Cisco and having a hard time with my Cisco 2800 series.
I have two sites connected with each other Site A and Site B (Using the same Cisco 2800). Now site A can connect to site B on the Cisco and the internal network, but site B can only see the Cisco and not the internal network of site A. So all the traffic is coming in to site B but can't break out of site B. I have tried everything I can think of but again my knowledge of Cisco is not good at all.
View 11 Replies
View Related
Nov 28, 2012
I want to see net flow data.I have configured this command on the c6500.but I can to see data only below...How can I configration ip cache flow on the C6500? what is the problem?
int gi4/31
ip add x.x.x.x
ip route-cache flow
c6500# show ip cache flow
Displaying software-switched flow entries on the MSFC in Module 5:
[code].....
View 1 Replies
View Related
Nov 21, 2011
I'm receiving multicast traffic (400Mbps) on port 9/38 and sending it out on port gi9/48. I'm trying to achieve that traffic will stay within the card without using the switchfabric,
View 2 Replies
View Related
Jan 19, 2012
Does the Cisco WS-C3560X-24P-S switch supports ip flow export?
View 1 Replies
View Related
Nov 27, 2011
We have a pair of 6509 working in a VSS configuration (IOS 12.2(33)SX5). The 6509s connect to a pair of ASAs (7.2 code) running in an Active/Standby setup. These ASAs in turn connect to routers going to remote sites. I have configured Netflow on the following VLANS,
VLAN 10 - Servers Vlan
VLAN 9 - Transit/ASA VLAN (connects ASAs to 6509s). All traffic originating from any VLAN on the 6509 crosses this VLAN in order to reach remote sites and vice versa
I configured the netflow source VLAN 11 although I am not collecing any netflow from it.Although I have been getting lots of Netflow info, I noticed that netflow for traffic originating from any user VLAN on the 6509s going to any remote site via TRANSIT/ASA VLAN(9) does not get reported, I even tested with 4 GB traffic but no result. Only reverse traffic (i.e. from remote site to user VLAN) is reported as it traverses the Transit VLAN (9).
I read somewhere that egress netflow is not supported in 6500, but isnt traffic originating from a user vlan to a remote site via the transit VLAN (9) considered ingress with respect to the transit VLAN (9)? I would like to know whether bidirectional Netflow is supported on 6500 VLANS. I have mimimum control on routers beyond the ASAs, and since these ASAs run 7.2 code netflow is not supported, and Monitoring this Transit Vlan gives me extremely useful info.
I do get netflow biderectional traffic from the Server Vlan 10, but I think it is correlated by the netflow collector from vlans 9 and 10. [code]
View 9 Replies
View Related
Jul 7, 2012
How to configure traffic flow between computers inside VLANs and a routed port? Here is the setup details:
1. Switch 3750-X
2. VLAN 100 - ( SVI IP address 192.168.100.1 /24)
3. VLAN 200 - ( SVI IP address 192.168.200.1 /24)
4. routed port gi1/0/48 (IP address 192.168.150.1 /24). Note: this port is directly connected to a firewall ASA 5520 port IP 192.168.150.100 /24
Ip routing is enabled on the switch and inter vlan traffic is flowing ok. I can ping the routed port gi1/0/48 from any computer connected in the VLAN 100 or 200. For example computer with IP 192.168.100.25 can ping the routed port 192.168.150.1. Switch can ping firewall port 192.168.150.100 and the 'sh ip route' command shows the network 192.168.150.0 /24 as directly connected network.
any computer in the two VLANs CANNOT ping firewall ASA port 192.168.150.100 Is it because inter VLAN routing does not work with a routed port on L3 switch? I looked up fallback bridging, but it is meant for non IP traffic.The goal is I am trying to set the ASA port as an internet gateway for VLANs.
View 4 Replies
View Related
Jun 21, 2012
I use 3 interfaces on an ASA 5510. First interface is Lan, Second interface is Outside, Third interface is ADSL The Outside interface is used for VPN L2L and smtp traffic. (Leased line on router managed by ISP)The Adsl interface is used for Http traffic. (Adsl Cisco router) I use this configuration found on another forum subjet for routing.route outside 0.0.0.0 0.0.0.0 x.x.x.x 1route adsl 0.0.0.0 0.0.0.0 y.y.y.y 2 nat (inside) 1 0 0global (outside) 1 interfaceglobal (Adsl) 1 interface static (Adsl,inside) tcp 0.0.0.0 www 0.0.0.0 www netmask 0.0.0.0 The problem is now I have an www intranet server on the VPN remote site. How i can exempt the http traffic to the intranet server routed through Adsl interface?
View 7 Replies
View Related
Aug 1, 2011
Do you know if the following Cisco switches ME3600X ME3800X support Netflow? I need to collect data on interfaces and export it to an external Netflow collector installed on a server. In other word, I need to be sure that those switches support the following command (or similar):
ip flow-export destination <IP> ip flow-export source <Interface> ip flow-export version 5 ip flow-cache timeout active 1 ip flow-cache timeout inactive 15 snmp-server ifindex persist !
[Code].....
View 3 Replies
View Related
Feb 28, 2012
I have an Metro network running ISIS to different locations. There are severals vrf's on different VLAN's with separate ISIS routing processes. ISIS is running in L2-Only There are two redundant hub routers (ME3600X) that are placed centrally.Connected to each of the ME3600X is an ISR2951 that connects to the internet and handling backup connections over DMVPN. Over those DMVPN tunnels I run MPLS over GRE and routing with BGP. The leaves are IBGP neighbours, and the central ISRs are route-reflectors. In those routers I redistribute from BGP to ISIS and vice versa. The IBGP has an admin distance of 200 and the ISIS route has 115, so in normal operations the ISIS route is installed in the FIB.
My problem is that when an primary connection goes down, I want the backup route via the DMVPN to be redistributed from BGP in to ISIS, and the traffic to go over the DMVPN instead. But what will happen is that when the ISIS route over the primary connection disapear both my ISR's will compete in advertising the route, and as one of the ISR's is advertising it the other one recives it and since ISIS distance are better it will prefer that one, and the other way around. So my routes are coming and going, and everything is unstable. With just one ISR, it works as it should.I tag the route redistributed in to ISIS, but there is no way to add a incoming distribute list to the interface of the ISR in ISIS, otherwise I might have stopped the route in to the ISR if it was advertised by the other ISR.
Also tried to put the ISR's in different L1 areas in ISIS and redistributed L2 to L1 in the ME3600X with an route-map filtering the routes learned from BGP from the ISR's. That works for failing over, but then I'm stuck on the DMVPN bacause when the primary way comes back again, the L1 learned from the ISR is prefered before the L2 learned from the neighbor over the Metro network.
I was thinking of extending the BGP in to the ME3600X, I could of course use EIGRP with distribute-list's between the ME end the ISR. [code]
View 2 Replies
View Related
Mar 4, 2013
If I choose to authenticate NCS users through Cisco ACS (5.4 in this instance) via TACACS, do I still have the ability to do accounting to track what changes they have made? I'm not getting anything in the TACACS accounting reports and I don't see anywhere to configure TACACS for accounting within NCS gui like I can on a WLC. I know that NCS has an internal audit trail but if a users account is both a local account on NCS as well as an account being authenticated through ACS does the Audit trail on NCS for that local user still contain the information about changes the user made? I ask because it looks like it does but I want to make sure I'm not going mad. Here is my example:
Local account username: NCS_Admin2AD account via TACACS username: NCS_Admin2
Audit trail for the NCS_Admin2 account on NCS looks like changes are being logged to NCS even though the user is logging in with their AD credentials via TACACS.
View 4 Replies
View Related
Oct 23, 2011
what command is required to configure ip accounting on an interface?
I would have thought to what is required is on the interface, turn on Ip accounting i.e.
int gi0/0/0
ip accounting
However, there is no ip accounting command within the interface. We are running version Version 15.1(1)S2.
View 6 Replies
View Related
Mar 19, 2013
it seems there is no option for flexconnect registered AP's to work with external accounting server.I am using zeroshell server to authenticate with the radius server,which works perfectly!but there is no option under flexconnect security group to specify accounting server.is there a way to redierct AP to a local acoouting+authentication radius ?
View 5 Replies
View Related
Sep 12, 2012
I've got an issue with my ACS 5.1 implementation not updating any of the RADIUS or TACACS authz, authc, or acct records. Nothing is showing up, even though i've logged in via TACACS to several devices, and there are numerous wireless devices authenticated and online via RADIUS right now.
View 3 Replies
View Related
Feb 6, 2013
How to configure ACS 5.1 local administrator accounting and where have to check the accounting log . suppose administrator logged in to ACS and created some user or delete users where will see the log , which user have they created or deleted.
View 1 Replies
View Related
Aug 23, 2011
ACE is configured to point accounting to ACS servers but ACS servers are not seeing all the accounting logs. I can only see accounting logs from ACE for watchdog, start and stop.
View 5 Replies
View Related
May 26, 2013
Following best practices on cisco documentations we did set aaa acounting update periodic 5 with 250 switches in the deployment every single switch is geneating and sending 9.990 acct records this is too much the new testing parameterswe are using is aaa acounting update newinfo periodic 15 and this lowered accts by 2/3 (3500) moreover from switch monitoring the most accts records sent by it are related to the trunk-port any suggestion to mitigate this informations storm rather than raising the 15 min period to higher values?are this records generating from the trunk port normal?
View 1 Replies
View Related
Jan 1, 2012
I am working on cisco ACS 5.0, authentication is working fine on netscreen. Can acs be used for authorization and accounting of netscreen devices. if yes, what will be the configurations.
View 1 Replies
View Related
May 14, 2013
I am setting up reports for tacacs accounting on ACS 5.3. However, accounting only seems to work after entering enable mode on the switch. I would like to see all commands, even the enable command when in privlage 1 mode.
View 2 Replies
View Related
Apr 18, 2012
I have installed DCNM 5.2(2c) on windows box to manage Nexus 7K devices.\ have for the time being one device that i have manage and i see often the following text:Discrepancy in device accounting log,Recommended action: clear the accounting log and discover the device. Device details are not available.How can i delete the accounting log and why do i have this message ?
View 4 Replies
View Related
May 26, 2011
is command accounting for Radius supported on ACS 5.2 ? provided vendor's radius implementation supports this capability.
View 1 Replies
View Related
Apr 10, 2013
i changed from ACS 4 to ACS 5.2. Everything works fine but i have authentication failed in the Radius accouting reports every time when users connect through ASA or Juniper into our network. Juniper amd ASA only send accounting informations to ACS. The users are not configured on the ACS, authentication is done via external LDAP. So my question is why do o see authentication error on ACS because Juniper and ASA only send accounting packets ?
View 2 Replies
View Related
Jun 5, 2013
I have a WLAN configured with 802.1x PEAP pointing to an external RADIUS server. It works fine for the most part, but I'm having problem closing accounting sessions in RADIUS. I've found this is related to the client table in the WLC. The user session does not end in RADIUS unless the WLC officially removes the client from the db, which takes 5-6 minutes from what I can see (probably due to the default idle timeout of 300 seconds).
For example:
1. I connect my tablet to the test WLAN. It associates and authenticates successfully and the WLC sends the accounting info to my RADIUS server, opening up a user session. If I turn off the wifi in the tablet, the client entry stays in the WLC client table until it times out. The WLC removes my tablet from the client table after 5-6 minutes, and then the session closes in the accounting table. I can force the session to close much earlier by manually removing the client from the WLC.
2. Same as #1, but this time instead of turning of the wifi in the tablet, I choose to connect to a different WLAN in the WLC. The user session in the accounting DB never closes. If I reconnect back to the original test WLAN with 802.1x, it opens up yet another user session in RADIUS accounting. Now I have a "dead" user session in accounting that is going to be open forever unless I delete it from SQL.
Is this an issue with the end user client not sending the disassociation frame properly, or a config problem with the WLC? How can I make it so that every time a client drops from an AP or moves to a different WLAN, the WLC would immediately send accounting updates to my RADIUS server and close the user session properly?
View 1 Replies
View Related
Sep 3, 2012
Enabling IP Accounting or capture packets in Cisco ASA 5510 ( 8.2 ).
View 2 Replies
View Related
