I would like to know if you have any tips on how to configure Cisco routers to monitor them with PRTG.
Created on Feb 4, 2010 3:56:03 PM by
Last change on Jul 11, 2019 8:42:37 AM by
5 Replies
Accepted Answer
This article applies as of PRTG 22
Configuration tips for Cisco routers and PRTG
This article includes several tips and tricks for your Cisco router configuration when you use PRTG with SNMP or Netflow.
SNMP-based monitoring
The following command makes sure that your Cisco router does not change the numbering of the interfaces when they are added or removed:
snmp-server ifindex persist
Setting up NetFlow v5, v9, or IPFIX on Cisco routers for PRTG
With the NetFlow protocol, you can monitor the bandwidth usage of all packets that go through a router. For each flow of data, the router sends a NetFlow packet with connection and bandwidth information to PRTG. In PRTG, you must create a collector that accepts these packets and does the accounting.
The advantage of NetFlow is that the CPU load is very light on the router and on the PRTG core server system. For example, 10,000 active flows create about 7% additional CPU load, and 45,000 active flows account for about 20% additional CPU load. This is much less than a Packet Sniffer sensor requires.
To enable NetFlow, edit your router's setup and save it as the new startup configuration:
- Log in to the router.
- Run the command enable to get admin access.
- Run the command configure.
Enabling NetFlow for each interface
To enable NetFlow for all interfaces, repeat the following command for all of them. Replace FastEthernet 0/1 with the names of the interfaces on your router:
interface FastEthernet 0/1 ip route-cache flow exit
Setting NetFlow options
See the code section below. We recommend that you copy the script, edit it with your IP addresses, and paste it into your router telnet session. When you are done and have tested the new configuration, remember to copy the new configuration to the startup configuration.
copy running-config startup-config
Disabling NetFlow
To stop your router from sending NetFlow packets to a specific address, use the following command:
no ip flow-export destination (address) (port)
To disable NetFlow for a specific interface, use these commands:
interface (interface) (interface number) no ip route-cache flow Exit
Sample NetFlow code
! ! Step 1: Enable NetFlow ! ! Note: For PRTG, you need NetFlow v5 or v9 or IPFIX. ! No other NetFlow versions are currently supported. ! ip flow-export version 5 ! or ! ip flow-export version 9 ! ! Note: We recommend that you use these values for the timeouts: ! ! timeout active value is in minutes ip flow-cache timeout active 5 ! ! timeout inactive value is in seconds ip flow-cache timeout inactive 10 ! ! Step 2: Set the target address for NetFlow packets: ! ! Replace 10.0.0.200 with the IP address of the PRTG core server system ! Replace 9991 with another port number of your choice if desired ! ip flow-export destination 10.0.0.200 9991 ! ! Step 3: Optionally, you can also send all NetFlow packets to one other system: ! ip flow-export destination 10.0.0.201 9991 ! ! Step 4: Create a "NetFlow sensor" in PRTG (7 or later) and enter the port number set above. !
More
Created on Feb 4, 2010 3:58:52 PM by
Last change on Jun 2, 2022 8:02:24 AM by
In case you need to send netflows over ipsec tunnels to the collecting probe, you might need to configure Flexible Netflows. This is described pretty well here:
If you have the condition that you see the flows get generated on the cisco device but do not reach the pingable probe machine (check by wireshark) via an ipsec tunnel, try this.
Also check the netflow version of the Cisco device. Some older firmwares seem to uses v9 by default while newer versions seem to use v5.
I created a device template for Cisco Routers and, with the exception of one of the items below, all of the following items are preconfigured. I have been able to use this on all IOS devices, irrespective of their model number, which was really nice. The device template was created on Version 13.3.7.3114 as 13.3.6.3110 lacked some functionality for creating device templates. This has worked very well with auto discover using a device template.
Ping Sensor: Send multiple ping requests, ping count = 10 Channel: Packet Loss, Enable Limits, Warning Upper = 20 (%) All Interface Sensors: Additional channels, Errors In & Out = True; Connection state handling = Show alarnm when disconnected Channel: Total Traffic, Show in charts = disabled, Show in tables = disabled Channel: Errors In, Enable Limits, Warning Upper = 0.1 Channel: Errors Out, Enable Limits, Warning Upper = 0.1 Uptime Sensor: Channel: System Uptime, Enable Limits, Warning Lower = 86400 (1 day) System Health CPU: Channel: CPU 1, Enable Limits, Warning Upper = 90
EDIT: I forgot to mention that I manually edited the device template file for a couple of tweaks. Nothing that was rocket science, albeit those files get slightly scary when you really start digging throuhg them.
Created on Nov 18, 2013 6:34:18 PM by
Last change on Nov 22, 2013 12:47:45 PM by
The solution mentioned from maengling saved my day.
Here is the code I used
Conf t
flow exporter FlowExporter1
destination <PRTG Server IP>
source gi0/1
transport udp 9991
export-protocol netflow-v9
output-features
flow monitor FlowMonitor1
record netflow ipv4 original-input
exporter FlowExporter1
cache timeout active 5
exit
int gi0/0
ip flow monitor FlowMonitor1 input
int gi0/1
ip flow monitor FlowMonitor1 input
exit
exit
wr mem
Created on Sep 30, 2015 10:32:05 AM by
Last change on Oct 9, 2015 11:28:50 AM by
Have a look here and see if it helps: https://www.nazaudy.com/index.php/12-technology/cisco/34-enable-netflow-v9-in-cisco-switches-with-prtg
Created on May 15, 2019 5:08:14 AM by
Please log in or register to enter your reply.
Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.
Add comment