What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

ASA Netflow 9 not populating data

Votes:

0

I have a cisco ASA configured to export flow data to the PRTG server every 10 seconds. I have the port open on the server and I can see the flow data coming in to the server in wireshark. I have the ASA setup in PRTG with a Netflow 9 sensor configured to listen on the correct port and Ip. I have been waiting 4 hours and no flow data. what should I check to verify this is configured correctly?

asa netflow-v9 prtg

Created on Nov 7, 2012 7:51:23 PM



10 Replies

Votes:

0

Hi, please use the our Netflow 9 Tester to check whether flow data is sent correctly to the PRTG Server.
What are the results?
Best regards

Created on Nov 7, 2012 8:58:16 PM by Konstantin Wolff [Paessler Support]

Last change on Nov 7, 2012 8:58:31 PM by Konstantin Wolff [Paessler Support]



Votes:

0

I'm having the same issue.. Netflow 9 Tester shows NetFlow traffic/templates are being accepted but PRTG says there's no new data. We recently made a code change from 8.4(2) to 8.4(5).. after the reboot, PRTG stated it was no longer receiving data.

Any help you could send along would be great...

Thanks!

Created on Feb 27, 2013 10:39:19 AM



Votes:

0

Apparently Cisco has dropped support for the "'Traffic Volume" data field in the NetFlow data sets with one of the last update 8.4 Updates of the ASA Firmware.

We will need to update our own ASAs in order to analyze the new format and then adapt PRTG to it. If everything runs smoothly we should have a solution within the next couple of weeks.

Currently I can't offer you any other solution from our side, sorry. But we also had a customer reporting, that actually with the ASA being on Firmware version 9.1.(1), the Netflow 9 Sensor was working fine.

So, if it is possible for you, you could try the update on your ASA. I know, that's not necessarily something one does every day, just wanted to let you know, and ask to please send us a follow up, should you perform the update.

Created on Feb 27, 2013 10:49:05 AM by Torsten Lindner [Paessler Support]



Votes:

0

Thanks much! Appreciate the quick response. At this time, an adhoc move to 9.x code on our ASA's probably won't happen without thorough testing. Lotsa changes between 8 and 9 code..

Again.. thanks for the quick response. We'll most likely head back to 8.4(2) until there's a fix in PRTG.

Cheers! Bob

Created on Feb 27, 2013 3:27:40 PM



Votes:

0

Since updating 3 of our to ASA's to 9.1, PRTG has stopped receiving traffic. No changes made to any of the device probes. I have downloaded the NetFlow 9 Tester and (upon stopping the PRTG services) NF9 packets are received from all 3 device IPs, all listed as active. The decoded flows are ID's 260, 263, 265, 266, & 267.

Any thoughts? Thanks~

Created on Sep 19, 2013 8:18:13 AM



Votes:

0

May I ask, which exact version (number) of PRTG you are using?

Created on Sep 19, 2013 2:44:04 PM by Torsten Lindner [Paessler Support]



Votes:

0

v13.3.5

Created on Sep 19, 2013 7:58:45 PM



Votes:

0

Can you please update to 13.3.6? Does it then persist?

Created on Sep 20, 2013 7:15:07 AM by Torsten Lindner [Paessler Support]



Votes:

0

Updated to 13.3.6.3109 and they're flowing again; also tried the ASAs at both 9.1.2 and 9.1.3. Thanks for the help.

Is this a known issue in PRTG <13.3.6 or some other config change on the Cisco ASA implementation?

Thanks again for your help~

Created on Sep 23, 2013 4:52:24 AM



Votes:

0

PRTG Versions before 13.3.6 had problems with the changed Netflow 9 of certain versions of the ASA firmware, but that was improved then with PRTG 13.3.6

Created on Sep 23, 2013 8:55:24 AM by Torsten Lindner [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.