![]() Next – Create a class-map for the flow that matches ACL. ASA(config)# flow-export destination ASA(config)# flow-export delay flow-create 15 ASA(config)# flow-export template timeout-rate 1 Next – Setup the flow export syslog server IP address along with port and rate and delay parameters. ASA(Config)# access-list netflow_export_acl extended permit ip any any So let’s get started here step by Step…!!!Īccess the ASA Firewall CLI (SSH or Console)Įnter privileged mode by typing enable and entering your enable password.įirst of all you need to create an ACL in oder to capture all the IP traffic you are interested in. (config-pmap-c)# flow-export event-type all destination 172.16.10.100 (config-pmap)# class netflow-export-class (config-cmap)# match access-list netflow-export (config)# flow-export destination inside 172.16.10.100 9996 (config)# flow-export template timeout-rate 1 (config)# flow-export delay flow-create 60 Netflow Configuration for ASA- (config)# access-list netflow-export extended permit ip any any As well as define which events are going to get exported and where to export (syslog server address and port details). Just follow the couple of steps as below in this article to achieve your goal.The only difference is that you need to set up a service policy, and access rules that allow the export. Netflow configuration on Cisco ASA Firewall and Router using via CLI is an easy task to perform, not that much different that configuring NetFlow on any other Cisco Router, Switch and Firewall. NetFlow Configuration – ASA, Router and Switch ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |