ASA5505 NetFlow(v9) Settings
How to enable NetFlow export on the Cisco ASA5505 that I use as my home internet gateway.
License Requirement
The ASA5505 supports NetFlow (Cisco calls the ASA flavour NSEL, NetFlow Secure Event Logging, which uses the NetFlow v9 packet format) out of the box; no additional license is required.
So if you already have a NetFlow collector, getting traffic visualization from the ASA is easy.
ASA5505 NetFlow Export Settings
The ASA5505 can send flow records to multiple destinations (flow collectors).
The configuration is simple, as shown below.
Set the port number to the port your collector listens on.
The conventional NetFlow UDP port is 2055.
There are a few export options, but the minimum configuration is below. "management" is the nameif of the interface that reaches the collector, and global_policy is the policy map that the default configuration already applies with "service-policy global_policy global".

    ! define the collector (interface nameif, collector IP, collector UDP port)
    flow-export destination management 192.168.1.26 2055
    ! export all NSEL event types for all traffic matched by the global policy
    policy-map global_policy
     class class-default
      flow-export event-type all destination 192.168.1.26
Difference from ASDM
The Cisco ASA ships with ASDM (Adaptive Security Device Manager).
With its Java GUI you can configure and monitor most of the ASA.
ASDM is convenient for managing the ASA, but I think the merits of using NetFlow instead are as follows.
- Monitoring many devices from a single place
- Analysing the data independently, in whatever way you need
- Less load on the ASA itself
- Web-based access without Java
Analyze FlowRecord
Analysing the flow records is better done with a flow collector, but you can check that the export works with Wireshark (or tcpdump with a filter such as "udp port 2055").
In my case no collector was listening yet, so the host answered each export packet with ICMP Port Unreachable; that is expected until a collector binds UDP 2055, and the ASA simply keeps sending.
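To sanity-check the export without a full collector, here is a minimal NetFlow v9 decoder, added as an example for this post (it is not code from the original post or from Cisco). It parses the v9 header, learns templates from template flowsets and decodes data flowsets against them. Two points a practitioner will hit with the ASA are handled: the ASA only re-sends templates at its template timeout interval, so data flowsets that arrive before a template are counted as pending rather than crashing the parser, and field types the decoder does not name (the ASA's own NSEL fields) are still shown, as integers or hex. The sample packet, IP addresses and port numbers are constructed for the example and use standard v9 field IDs, not the ASA's NSEL template.

```python
import socket
import struct
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Names for the standard NetFlow v9 field types used in the constructed sample.
# The ASA's NSEL templates also carry Cisco-specific field IDs (firewall event,
# xlate addresses, ...); those are decoded as raw integers / hex below.
FIELD_NAMES = {
    4: "PROTOCOL", 7: "L4_SRC_PORT", 8: "IPV4_SRC_ADDR",
    11: "L4_DST_PORT", 12: "IPV4_DST_ADDR",
}


def decode_field(ftype: int, raw: bytes):
    """Render one field: IPv4 addresses dotted, short fields as ints, rest hex."""
    if ftype in (8, 12) and len(raw) == 4:
        return socket.inet_ntoa(raw)
    if len(raw) <= 8:
        return int.from_bytes(raw, "big")
    return raw.hex()


@dataclass
class Collector:
    # (source_id, template_id) -> [(field_type, field_length), ...]
    templates: Dict[Tuple[int, int], List[Tuple[int, int]]] = field(default_factory=dict)
    records: List[dict] = field(default_factory=list)
    pending: int = 0  # data flowsets skipped because their template was not seen yet

    def feed(self, packet: bytes) -> int:
        """Parse one NetFlow v9 export packet; return the number of decoded records."""
        if len(packet) < 20:
            raise ValueError("packet shorter than the 20-byte v9 header")
        version, count, uptime, unix_secs, seq, source_id = struct.unpack("!HHIIII", packet[:20])
        if version != 9:
            raise ValueError(f"not NetFlow v9 (version={version})")
        decoded, off = 0, 20
        while off + 4 <= len(packet):
            fs_id, fs_len = struct.unpack("!HH", packet[off:off + 4])
            if fs_len < 4:
                raise ValueError("bad flowset length")
            body = packet[off + 4:off + fs_len]
            if fs_id == 0:            # template flowset
                self._parse_templates(source_id, body)
            elif fs_id >= 256:        # data flowset (id 1 = options template, ignored)
                decoded += self._parse_data(source_id, fs_id, body)
            off += fs_len
        return decoded

    def _parse_templates(self, source_id: int, body: bytes) -> None:
        off = 0
        while off + 4 <= len(body):
            tid, nfields = struct.unpack("!HH", body[off:off + 4])
            off += 4
            fields = []
            for _ in range(nfields):
                fields.append(struct.unpack("!HH", body[off:off + 4]))
                off += 4
            self.templates[(source_id, tid)] = fields

    def _parse_data(self, source_id: int, tid: int, body: bytes) -> int:
        tmpl = self.templates.get((source_id, tid))
        if tmpl is None:              # template not received yet: skip, do not crash
            self.pending += 1
            return 0
        rec_len = sum(flen for _, flen in tmpl)
        if rec_len == 0:
            return 0
        n, off = 0, 0
        while off + rec_len <= len(body):   # bytes left over are 4-byte padding
            rec = {}
            for ftype, flen in tmpl:
                rec[FIELD_NAMES.get(ftype, f"field_{ftype}")] = decode_field(ftype, body[off:off + flen])
                off += flen
            self.records.append(rec)
            n += 1
        return n


def build_sample_packet(source_id: int = 0, with_template: bool = True) -> bytes:
    """Constructed v9 packet: optional template 256 plus two data records (sample values)."""
    tmpl = [(8, 4), (12, 4), (7, 2), (11, 2), (4, 1)]
    flowsets = b""
    if with_template:
        body = struct.pack("!HH", 256, len(tmpl)) + b"".join(struct.pack("!HH", t, l) for t, l in tmpl)
        flowsets += struct.pack("!HH", 0, 4 + len(body)) + body
    recs = [("192.168.1.10", "93.184.216.34", 51234, 443, 6),
            ("192.168.1.26", "192.168.1.1", 40000, 53, 17)]
    data = b"".join(socket.inet_aton(s) + socket.inet_aton(d) + struct.pack("!HHB", sp, dp, pr)
                    for s, d, sp, dp, pr in recs)
    data += b"\x00" * ((-len(data)) % 4)      # pad the flowset to a 4-byte boundary
    flowsets += struct.pack("!HH", 256, 4 + len(data)) + data
    header = struct.pack("!HHIIII", 9, len(recs) + (1 if with_template else 0),
                         123456, 1700000000, 1, source_id)
    return header + flowsets


def listen(port: int = 2055, max_packets: int = 10) -> Collector:
    """Bind the collector port so the ASA stops getting ICMP Port Unreachable, and decode what arrives."""
    c = Collector()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(("", port))
        for _ in range(max_packets):
            pkt, peer = sock.recvfrom(65535)
            print(f"{peer[0]}: {c.feed(pkt)} records decoded, {c.pending} flowsets waiting for a template")
    return c


if __name__ == "__main__":
    c = Collector()
    c.feed(build_sample_packet(with_template=False))   # data before template -> pending
    c.feed(build_sample_packet())                       # template + data -> decoded
    for r in c.records:
        print(r)
```

Run it with no arguments to see the constructed sample decoded; call listen() on the host the ASA exports to (192.168.1.26 in the configuration above) to decode real packets. Because the ASA sends templates only periodically, expect pending flowsets right after starting until the next template refresh arrives.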
NetFlow Collector Settings
Next I will set up a flow collector to collect and analyse the flow records.