designetwork(EN)

IT technical memo of networking

opFlow does NOT support Cisco ASA NetFlow(NSEL)


I'll try to evaluate opFlow's NetFlow collection with a Cisco ASA, since Opmantek opFlow was installed in this entry.
opFlow: NetFlow Analyzer and Collector

How to configure NetFlow on the Cisco ASA is described in this entry.
The one change is the UDP port number, from 2055 to 12345, to match the flowd default.

opFlow CANNOT collect ASA FlowRecord

The trouble occurred after starting the opFlow test.
Nothing is displayed although Flow Records are being sent...
Checking the NetFlow packets with tcpdump shows no problems, and the NMIS opFlow settings are correct...

NetFlow of Cisco ASA is different from NetFlow v9

I found a document saying that the ASA's NetFlow is different from the original NetFlow Version 9.

NSEL: NetFlow Secure Event Logging
It is based on NetFlow v9, but it seems to have a stateful mechanism.
I think the difference comes from the ASA being a firewall.
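
A tcpdump capture confirms that export packets arrive, but not what their templates declare. The following added example (not code from this blog or from opFlow) parses the template flowsets of a NetFlow v9 packet and flags NSEL-specific field types; the field IDs are the ones listed in Cisco's NSEL documentation, while the function names, the "classic" field set and the sample packet are assumptions constructed for illustration.

```python
import struct

# NSEL-specific field types, as listed in Cisco's ASA NSEL documentation.
NSEL_FIELDS = {148: "NF_F_CONN_ID", 233: "NF_F_FW_EVENT", 323: "NF_F_EVENT_TIME_MSEC",
               33000: "NF_F_INGRESS_ACL_ID", 33001: "NF_F_EGRESS_ACL_ID",
               33002: "NF_F_FW_EXT_EVENT", 40000: "NF_F_USERNAME"}
# Fields a traditional NetFlow v9 collector usually expects (assumption for this check).
CLASSIC_FIELDS = {1: "IN_BYTES", 2: "IN_PKTS", 21: "LAST_SWITCHED", 22: "FIRST_SWITCHED"}

def parse_templates(payload):
    """Return {template_id: [field_type, ...]} from one NetFlow v9 export packet."""
    if len(payload) < 20 or struct.unpack_from("!H", payload, 0)[0] != 9:
        raise ValueError("not a NetFlow v9 export packet")
    templates, off = {}, 20  # the v9 header is 20 bytes
    while off + 4 <= len(payload):
        fs_id, fs_len = struct.unpack_from("!HH", payload, off)
        if fs_len < 4 or off + fs_len > len(payload):
            break  # malformed or truncated flowset
        pos, end = off + 4, off + fs_len
        while fs_id == 0 and pos + 4 <= end:  # flowset ID 0 carries templates
            tid, nfields = struct.unpack_from("!HH", payload, pos)
            pos += 4
            if tid < 256 or pos + 4 * nfields > end:
                break  # padding or truncated template record
            templates[tid] = [struct.unpack_from("!H", payload, pos + 4 * i)[0]
                              for i in range(nfields)]
            pos += 4 * nfields
        off = end
    return templates

def classify(fields):
    """Label a template by which known field types it declares."""
    nsel = [NSEL_FIELDS[f] for f in fields if f in NSEL_FIELDS]
    classic = [CLASSIC_FIELDS[f] for f in fields if f in CLASSIC_FIELDS]
    kind = "NSEL" if nsel else "classic-v9" if classic else "unknown"
    return kind, nsel, classic

def build_packet(templates):
    """Constructed sample input: a v9 packet with one template flowset."""
    body = b"".join(struct.pack("!HH", tid, len(f)) + b"".join(struct.pack("!HH", *x) for x in f)
                    for tid, f in templates.items())
    return struct.pack("!HHIIII", 9, len(templates), 0, 0, 0, 0) + struct.pack("!HH", 0, 4 + len(body)) + body

# Constructed templates (not captured from a real ASA): 256 is NSEL-style, 257 is classic.
SAMPLE = build_packet({256: [(148, 4), (8, 4), (12, 4), (233, 1), (33002, 2), (323, 8)],
                       257: [(8, 4), (12, 4), (1, 4), (2, 4), (22, 4), (21, 4)]})
if __name__ == "__main__":
    print({tid: classify(f) for tid, f in parse_templates(SAMPLE).items()})
```

A template that declares firewall event fields but none of the byte, packet or switched-time fields is one way an export can arrive intact and still show nothing in a collector that only understands traditional flow records.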

Support Discussion in Opmantek Community

There is a discussion of this in the Opmantek Community.
https://community.opmantek.com/questions/9601753/cisco-asa-flows

Unfortunately, opFlow does NOT currently support NSEL (ASA's NetFlow)...

Next Step

I'm going to generate Flow Records with a Cisco CSR1000V.


This blog is the English version of my Japanese one.

Sorry if my English sentences are incorrect.
