What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Do you have any configuration tips for Cisco routers and PRTG?

Votes:

3

I would like to know if you have any tips on how to configure Cisco routers to monitor them with PRTG.

cisco netflow prtg sflow snmp xflow

Created on Feb 4, 2010 3:56:03 PM by Patrick Hutter [Paessler Support] (7,225) 3 3

Last change on Jul 11, 2019 8:42:37 AM by Maike Guba [Paessler Support] (2,404) 2 1



5 Replies

Accepted Answer

Votes:

5

This article applies as of PRTG 22

Configuration tips for Cisco routers and PRTG

This article includes several tips and tricks for your Cisco router configuration when you use PRTG with SNMP or Netflow.

SNMP-based monitoring

The following command makes sure that your Cisco router does not change the numbering of the interfaces when they are added or removed:

snmp-server ifindex persist

Setting up NetFlow v5, v9, or IPFIX on Cisco routers for PRTG

With the NetFlow protocol, you can monitor the bandwidth usage of all packets that go through a router. For each flow of data, the router sends a NetFlow packet with connection and bandwidth information to PRTG. In PRTG, you must create a collector that accepts these packets and does the accounting.

The advantage of NetFlow is that the CPU load is very light on the router and on the PRTG core server system. For example, 10,000 active flows create about 7% additional CPU load, and 45,000 active flows account for about 20% additional CPU load. This is much less than a Packet Sniffer sensor requires.

To enable NetFlow, edit your router's setup and save it as the new startup configuration:

  • Log in to the router.
  • Run the command enable to get admin access.
  • Run the command configure.

Enabling NetFlow for each interface

To enable NetFlow for all interfaces, repeat the following command for all of them. Replace FastEthernet 0/1 with the names of the interfaces on your router:

interface FastEthernet 0/1
ip route-cache flow
exit

Setting NetFlow options

See the code section below. We recommend that you copy the script, edit it with your IP addresses, and paste it into your router telnet session. When you are done and have tested the new configuration, remember to copy the new configuration to the startup configuration.

copy running-config startup-config

Disabling NetFlow

To stop your router from sending NetFlow packets to a specific address, use the following command:

no ip flow-export destination (address) (port)

To disable NetFlow for a specific interface, use these commands:

interface (interface) (interface number)
no ip route-cache flow
Exit

Sample NetFlow code

!
! Step 1: Enable NetFlow
!
! Note: For PRTG, you need NetFlow v5 or v9 or IPFIX.
!       No other NetFlow versions are currently supported.
!
ip flow-export version 5
! or
! ip flow-export version 9
!
! Note: We recommend that you use these values for the timeouts:
!
! timeout active value is in minutes
ip flow-cache timeout active 5
!
! timeout inactive value is in seconds
ip flow-cache timeout inactive 10 
!
! Step 2: Set the target address for NetFlow packets:
!
! Replace 10.0.0.200 with the IP address of the PRTG core server system
! Replace 9991 with another port number of your choice if desired
!
ip flow-export destination 10.0.0.200 9991
!
! Step 3: Optionally, you can also send all NetFlow packets to one other system:
!
ip flow-export destination 10.0.0.201 9991
!
! Step 4: Create a "NetFlow sensor" in PRTG (7 or later) and enter the port number set above.
!

More

Created on Feb 4, 2010 3:58:52 PM by Patrick Hutter [Paessler Support] (7,225) 3 3

Last change on Jan 3, 2023 9:37:44 AM by Brandy Greger [Paessler Support]



Votes:

2

In case you need to send netflows over ipsec tunnels to the collecting probe, you might need to configure Flexible Netflows. This is described pretty well here:

https://supportforums.cisco.com/community/netpro/network-infrastructure/routing/blog/2011/03/17/exporting-netflow-data-over-ipsec

If you have the condition that you see the flows get generated on the cisco device but do not reach the pingable probe machine (check by wireshark) via an ipsec tunnel, try this.

Also check the netflow version of the Cisco device. Some older firmwares seem to uses v9 by default while newer versions seem to use v5.

Created on Oct 30, 2012 4:04:38 PM



Votes:

0

I created a device template for Cisco Routers and, with the exception of one of the items below, all of the following items are preconfigured. I have been able to use this on all IOS devices, irrespective of their model number, which was really nice. The device template was created on Version 13.3.7.3114 as 13.3.6.3110 lacked some functionality for creating device templates. This has worked very well with auto discover using a device template.

Ping Sensor: Send multiple ping requests, ping count = 10
   Channel: Packet Loss, Enable Limits, Warning Upper = 20 (%)
All Interface Sensors: Additional channels, Errors In & Out = True; Connection state handling = Show alarnm when disconnected
   Channel: Total Traffic, Show in charts = disabled, Show in tables = disabled
   Channel: Errors In, Enable Limits, Warning Upper = 0.1
   Channel: Errors Out, Enable Limits, Warning Upper = 0.1
Uptime Sensor:
   Channel: System Uptime, Enable Limits, Warning Lower = 86400 (1 day)
System Health CPU:
   Channel: CPU 1, Enable Limits, Warning Upper = 90

EDIT: I forgot to mention that I manually edited the device template file for a couple of tweaks. Nothing that was rocket science, albeit those files get slightly scary when you really start digging throuhg them.

Created on Nov 18, 2013 6:34:18 PM

Last change on Nov 22, 2013 12:47:45 PM by Patrick Hutter [Paessler Support] (7,225) 3 3



Votes:

2

The solution mentioned from maengling saved my day. Here is the code I used Conf t flow exporter FlowExporter1 destination <PRTG Server IP> source gi0/1 transport udp 9991 export-protocol netflow-v9 output-features flow monitor FlowMonitor1 record netflow ipv4 original-input exporter FlowExporter1 cache timeout active 5 exit int gi0/0 ip flow monitor FlowMonitor1 input int gi0/1 ip flow monitor FlowMonitor1 input exit exit wr mem

Created on Sep 30, 2015 10:32:05 AM

Last change on Oct 9, 2015 11:28:50 AM by Torsten Lindner [Paessler Support]



Votes:

1

Have a look here and see if it helps: https://www.nazaudy.com/index.php/12-technology/cisco/34-enable-netflow-v9-in-cisco-switches-with-prtg

Created on May 15, 2019 5:08:14 AM




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.