https://supportforums.cisco.com/document/30476/configuring-netflow-asa-asdm
ASDM steps
Device Management > Logging > NetFlow
Click Add
Fill in the NetFlow collector server, interface and port (usually 2055)
Firewall > Service Policy Rules.
Click Add
Select Global - applies to all interfaces
Check Source and Destination IP Address (uses ACL)
Click Next
Source: any, User: any, Destination: any, Service: ip, Description: netflow
Click Next
Select flow event All and check the Send box beside the IP address of the NetFlow collector
Finish
Apply
CLI config
access-list global_mpc extended permit ip any any
!
flow-export destination inside 192.168.1.13 2055
!
class-map global_class
 match access-list global_mpc
!
policy-map global_policy
 class inspection_default
  inspect dns migrated_dns_map_1
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
  inspect icmp
 class global_class
  flow-export event-type all destination 192.168.1.13
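
Added example (not from the original post or from Cisco): a Python check that reads a saved ASA config offline and confirms that every flow-export event-type destination is a configured flow-export destination, and that the exporting class resolves to a class-map whose ACL exists. BROKEN_CONFIG is a constructed variant with a mistyped collector address and ACL name; the function name is hypothetical and the check assumes the ACL-based class-map used on this page.

```python
# Added example (not from the original post): offline check of an ASA NetFlow config.
PAGE_CONFIG = """\
access-list global_mpc extended permit ip any any
flow-export destination inside 192.168.1.13 2055
class-map global_class
 match access-list global_mpc
policy-map global_policy
 class inspection_default
 class global_class
  flow-export event-type all destination 192.168.1.13
"""
# Constructed broken variant: mistyped collector IP in the policy, mistyped ACL name.
BROKEN_CONFIG = (PAGE_CONFIG.replace("destination 192.168.1.13", "destination 192.168.1.31")
                 .replace("match access-list global_mpc", "match access-list global_mcp"))

def audit_flow_export(config):
    """Return a list of problems; an empty list means the pieces line up."""
    acls, collectors, cmap_acl, exports = set(), {}, {}, []
    cmap = pclass = None  # section state instead of indentation: flattened pastes parse too
    for line in config.splitlines():
        w = line.split()
        if not w or w[0] == "!":
            continue
        if w[0] == "access-list" and len(w) > 1:
            acls.add(w[1])
        elif w[0] == "class-map":
            cmap, pclass = w[-1], None
        elif w[0] == "policy-map":
            cmap = pclass = None
        elif w[0] == "class" and len(w) == 2:
            cmap, pclass = None, w[1]
        elif w[:2] == ["match", "access-list"] and cmap and len(w) > 2:
            cmap_acl[cmap] = w[2]
        elif w[:2] == ["flow-export", "destination"] and len(w) == 5:
            collectors[w[3]] = (w[2], w[4])  # collector ip -> (interface, port)
        elif w[:2] == ["flow-export", "event-type"] and "destination" in w:
            exports.append((pclass, w[w.index("destination") + 1:]))
    problems = []
    if not collectors:
        problems.append("no 'flow-export destination' configured")
    if not exports:
        problems.append("no policy-map class exports flow events")
    for pclass, dests in exports:
        problems += [f"class {pclass}: {ip} is not a flow-export destination"
                     for ip in dests if ip not in collectors]
        acl = cmap_acl.get(pclass)
        if acl not in acls:
            problems.append(f"class {pclass}: class-map ACL {acl} is not defined")
    return problems
```

Call audit_flow_export() on the text of a saved config; for BROKEN_CONFIG it reports both the unknown collector address and the undefined ACL.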