Problems with inbound or outbound traffic
Hello, i�m running netflow analyzer 6 in 2801 cisco router, and only shows me the inbound or the outbound traffic of any itnerface. this is an example. 21023_SM001@DISCO Direcci�n IP del enrutador: 10.21.1.254 Paquetes NetFlow recibidos: 226 NBAR MIB Support: Yes Nombre de la interfaz Estado ENTRADA Tr�fico SALIDA Tr�fico Alertas FastEthernet0/0.1 0% 0.00 0% 10.38 Kbps - Virtual-Access3 4% 10.55 Kbps 0% 0.00
Ifindex
Hi, I'm testing the 6.0 version of NFA for windows.The problem is that NFA shows the name of the primary tunnels (Tunnel100034 lets say) and for the backup tunnel interfaces it shows only IfIndex122 and so on.I don't think it's a SNMP prob because the primary tunnels work - the problem is with the secondary( backup) interfaces? Thank you very much!
Also no outbound traffic
I am running netflow analyzer 6.. and it wont show the outbound traffic from my 2851 cisco router ( IOS 12.4 (3g) ) .. this is the result from my ip cache flow.. show ip cache flow IP packet size distribution (2922758 total packets): 1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480 .000 .184 .106 .023 .068 .040 .478 .004 .004 .001 .008 .005 .001 .001 .001 512 544 576 1024 1536 2048 2560 3072 3584 4096 4608 .000 .000 .002 .009 .054 .000 .000 .000 .000 .000 .000 IP Flow Switching Cache,
Application distribution diagram on 6.1
Hi Support, I am currently using the Netflow Analyzer 5.5. Since there is some features that will be useful for us on the version 6.1, we are now evaluating this new version. When I go to the online demo of the Version 6.1, I found that I can no longer display the application distribution diagram any more. Instead, I can only find the "Protocol distribution diagram" which is not informative enough. Would you please advise how can I display the application distribution diagram again? Is the new version
Source and Destination Tabs
Hello, When I'm inside of an IP Group and I go to the Source and Destination Tabs I see a lot of my IPs but all other IPs are listed under unaccounted. Is there a way to get more info about the unaccounted IPs. We want to have more then the 5 hosts listed and would like to see more info. Thanks, Jeremy
Netflow IP Group Data Correlation
I have an IP group with a single IP address. However, when viewing data in this group I have noticed that it captures traffic flows from other NAT addresses that are physically on the same device as the IP address from the IP group. I'm wondering how this is possible. Does it correlate the traffic since the source MAC address would be the same?
Customize Report emails
First off, I am very impressed with the Netflow Analyzer program. I was wondering if there was a way to customize or add text to the email reports either in the email or PDF versions. Thank you,
Unable to Install
2 Different Machines, 2 different NFA packages. root@ubuntu:~# ./ManageEngine_NetFlowAnalyzer_CentralServer_5410_linux64.bin InstallShield Wizard Initializing InstallShield Wizard... Searching for Java(tm) Virtual Machine... . Preparing Java(tm) Virtual Machine... .................................. ................................... ................................... ................................... ................................... ................................... ...................................
Measure Volume Of Traffic Between two IP Addresses?
Hi I am trying to measure the traffic over a given period between two devices over a specific link. When i try and create a custom report adnd add these two IP`s as Source And Destination and choose the interface in question, i also then get numerous other IP addresess in the list under IN & OUT traffic. Basically all i want to do is measure the traffic from User A to Server B. Any help would be greatful. Cheers, RH
DOS Attack locks up server
About a week ago we encountered a denial of service attack. The attack consisted of 85MB of continous traffic hitting two of our DS3s that we monitor. In doing this, the server went to a stand still and the mysql process was 100% as it was pushing all this data into the fields. The GUI interface stopped responding during this and for some time after the attack. This lead me to a problem of not being able to find what IP Address they were attempting to DOS. We ended up having to call our ISP for them
DOS attack, prevent server from freezing
About a week ago we encountered a denial of service attack. The attack consisted of 85MB of continous traffic hitting two of our DS3s that we monitor. In doing this, the server went to a stand still and the mysql process was 100% as it was pushing all this data into the fields. The GUI interface stopped responding during this and for some time after the attack. This lead me to a problem of not being able to find what IP Address they were attempting to DOS. We ended up having to call our ISP for them
Alerting based on anomalous traffic
We currently have offices connected via a service providers MPLS network, lately we have been seeing anomalous traffic coming into our network. Is there a way to configure Netflow Analyzer to alert me when traffic from an unexpected IP comes into an interface. Under Alert profiles, traffic can be defined based on Port or Application. What I need to be able to do is setup alerting based on traffic from IP's outside a defined list.
Google Map - Multipe Devices of One Location
Maybe I overlook but how can I add muliple devices to one location? I can add the devices one by one with the same location name but it shows only one device when I "on over" the pin of the location. Please let me know. Thanks JC
SNMPv3
Is SNMPv3 support a planned feature?
Can Windows XP Professional SNMP be setup to send to Netflow
I have looked under the supported devices and naturally Windows is not listed. However, I have been playing with alot of the settings on the workstation but cant help but think just because it isnt listed, doesnt mean it isnt supported. Has anyone configured a Windows XP Professional Workstation to send traps to Netflow? Thankyou Kelly R.
no out traffic
Hi, anyone help please.. I install netflow6 to monitor branch office traffic...... branch office several using frame relay and others using MPLS.... I enabled netflow both on serial and fastethernet port... at NFA 6 webclient fast ethernet port give in and out information but the serial only give in information...no out traffic recorded how is it can happenned?? we can aside traffic issue since netflow server can receive in and out traffic record from fast ethernet (NFA 6 web client give perfect
Importing
Hi, have been loking at your product for a while now and so far think it is excellent, I have one question, we are able to get netflow info from our provider as well as our own router, our router is fine because we set it to which ever collecter we install, our provider stores the netflow for us and we can donload them and look at them but we were wondering if there is a way to import them into the database and view them in the analyzer interface? Thanks in advance
No results to display In Conversation for Ip Groups
When i set a custom time interval of to see the last past 5 minutes, I get the "No results to display" under conversation for my custome IP groups. When i do the same for my interface, i do get data returned, which includes IP addresses in my custom IP group. Why is this?
No OUT traffic being reported?
WAN Uplink 19% IN: 1.51 Mbps 0% OUT: 0.00 - Is this something I am missing in the software configuration, or is this a problem in the router that is sending Netflow data?
Service Pack for 6.1
Hello, I'm looking forward to some of the fixes in 6.1 and I'm wondering if there is an ETA for the service pack to upgrade from 6.0 (6001) to 6.1? Thanks, Jeremy
Google Maps
Is there any way of stopping the Google Map View option from being displayed on particular users? Is there a way of stopping it displaying for all users? I do not wish it to be used by anyone.
Cannot telnet to Netflow port
I've installed the NetFlow Analyzer and configured the router to export netflow traffic. But i don't see any interface in the NFA dashboard, then we try to telnet from the router to NFA using the 9996 (as configured in NFA) but fail, and then I try telnet from the NFA itself but also fail. I've disabled the Windows Firewall (running on WinXP Pro) on the NFA, but still don't work, I can access the NFA web interface via another computer (port 8080). Why i can telnet to the netflow port? is it normal?
in/out traffic
question about in/out traffic... i put ip route-cache flow on the vlan interface...that vlan interface has incoming and outgoing traffic...why does the netflow analyzer put traffic only on the in traffic?...does the NFA know the different b/w in and out traffic? thanks
Ligne commande sur le routeur
Bonjour, Je n'ai pas de r�sultat dans netflow. Je pense qu'il faut mettre une ligne de commande dans le routeur. Mais laquel ? Merci
TCP_App shown for FTP traffic
We have some passive ftp transfers and they are being resolved as TCP_App, we believe that this is due to the port not being shown as 20. Is this happening at the netflow analyzer end or the information received from the router? Regards Mark
NFA and temp files on /tmp
Hello Guys, Seems NFA is creating and NOT deleting a lot of files on my /tmp. I'm seeing a LOT of myChart*png files and sometimes somes pieChart*png and *pdf as well. [root@correio tmp]# ls *png myChart11930548412137858.png myChart11931234928818037.png myChart11931738497088252.png myChart11932266930178510.png myChart11930548826777859.png myChart11931237981998038.png myChart11931741556398263.png myChart11932269971028511.png myChart11930550120877860.png myChart11931241021188039.png myChart11931744620768274.png
NAT & Source/Destination IP
Testing and successfully configured NetFlow Analyzer to collect NetFlow and NBAR from our 2611XM. My goal is to get in depth info re internet traffic of LAN IPs <-> internet source/destinations. However, because of NAT on our PIX 515e, packets show only our public IPs, which in the case of workstations is a single [gobal outside] IP address, making the accounting useless for my goal. I was hoping that by monitoring both the outside interface and inside interface, we would be able to see the full
No results to display for IP Groups
I'm in All Devices and select I my router and view Conversations, then I set a custom time selection for the past 5 minutes. I see conversations. But when i click my IP Group with the same time parameters i get the No Results to Display error even though i see the results from the All Device's Conversation.
isServerAlreadyRunning
Hi, We have NA 6 installed. I configured https access, but serverout0.txt is full of this error messages: [05:08:46:384]|[10-26-2007]|[SYSOUT]|[INFO]|[24]|: isServerAlreadyRunning false while testing http://localhost:8443| Where can I change this setting? regards
Bandwidth speed/utilization clculation
Hi, I'm just wondering how the bandwidth speed/utilization values are calculated by NetFlow Analyzer? Any comments on that? Thanks and regards, Stephan
Professional Edition 6.1 General Release - Available now !
We are glad to announce the immediate availability of NetFlow Analyzer 6.1 (build 6100) NetFlow Analyzer 6.1 (Build 6100) includes the following: Major Features 1. Network Snapshot View brought in 2. Global Comparison Report feature added 3. QoS reporting brought in 4. Alerting for IP group added Minor Features 1. DSCP Group brought in 2. Distribution Graph for Conversation added 3. Support for mail in HTML format Bug Fixes 1. Issue in average calculation and monthly report drilldown to 1 min code
netflow 6 not show last week, month, also application
i upgrade from netflow 5 to 6, and the data for last week , month , year not show and also data for application, source, destination not show too
Extreme x450 xos - only showing data in
Hi, I have an Extreme x450 running sflow and NFA 6 Unfortunatley it is only showing data in on all interfaces. Can you tell me how to configure to see both data in and out ? Thanks
netflow export on catalysts
Hello Guys, I have exported netflow, so far, only from cisco routers. But I know cisco switches (catalyst) are also capable of exporting netflow. I would like you to help me with some primary questions on that. 1) are ALL cisco switches capable of exporting netflow, including the old ones ? 2) if not all switches are compatible with netflow, can you point me starting in which models i can have netflow ? 3) i know cisco switches have a command-line configuration system very similar to routers. Do
RE:Installation Steps
Dear Sir, iam using 24 port Switch, i want to view my bandwidth usage, so i downloaded trial version of netflow but i cant able to load my network, so kindly guide me proper product for monitoring and installation Steps Note; Presently iam using netflow analyser 6001 ,isit correct plz guide me, thanks in advance. regards Narayana Moorthy.V Deployment Engineer Chennai. Mail id: devstudio.2007@yahoo.co.in.
Net Flow 6
I am just getting started with Net Flow 6 and want to set it up with my Cisco 2811 router. Will it work with 2811 and if so, how do I do this on the router. Our traffic is slow on our PTP Multilink T1's. Cpu usage is never pegged nor is the memory usage. Thanks, Jay
Percentages Over 100%
After the upgrade for build 4010. I get info like this: Traffic IN 373.85 MB 255,10% 20,93% 86,54% Traffic OUT 69.63 MB 73,81% 6,82% 16,12% Traffic In = 255,10%. This is happening on several interfaces, and this problem did not exist before the upgrade.
Database Structure for NetFlow
Can anyone give me the specifics on the database stucture ? I do know that MetaTable table has the lookup information of the tables that are out there. What is the Srclf_1H - are these average hourly data ? I am really looking for 5 minute samples. Are the samples taken on NetFlow average or snapshot ?
DNS Lookup hosts file list
Where can I edit the list of name servers so that netflow will resolve all IP addresses across our network. At the moment I get some gaps but when I run nslookup it resolves. Thanks
NO LISTEN 9996
I just installed NetFlow Analyzer on Red Hat EL4, but no listen 9996 port
Next Page