Good day,
I am very new to Netflow, so you will have to forgive my "entry-level" questions. I have setup Netflow v5 on my Cisco 1811 Router and the associated sensor on my trial install of PRTG v13.1.2.1462. This router is the "hub" of a VPN network comprising of several remote offices, each with a Cisco firewall creating a VPN tunnel over the internet and back to my 1811. This router's "FastEthernet0" interface is facing the internet with a publicly accessable IP address. Interface "Vlan1" is the virtual interface to the local LAN with an RFC1918 private address, with the physical interface connected to the local LAN being "FastEthernet2".
I would like to monitor incoming and outgoing traffic and be able to distinguish the traffic into it's various types (ie: http, smtp, rdp, etc). I would also like to be able to see the source and destination IP addresses of both incoming and outgoing traffic. This ability would be an incredible tool for me to be able to pinpoint frequent slow-downs in our system access for our remote locations.
Currently I can see traffic in and out, but no IP address info. I know there are filtering rules I can apply, but won't that just remove all but the filtered data? I would like to be able to see all the traffic, but broken out into its various data types as well as source and destination IP, etc.
Is this possible, and if so, can you provide details info on how to accomplish it - as I stated earlier I am very new to the netflow world!
Thanks so much for any help/guidance you can provide!
- Joe
Add comment