Netflow via IPSec using Filter

Netflow via IPSec using Filter

Hi,
I have a router which is connected via an IPSec tunnel towards our network.
For that reason I have to use the "output-features" of flexible network. Otherwise the Netflow packets are unencrypted and they won't reach the collector.

flow exporter FlowExporter1

 destination  10.66.66.1

 source FastEthernet0

 output-features

 transport udp 9996

!

flow monitor FlowMonitor1

 record netflow ipv4 original-output

 exporter FlowExporter1

 cache timeout active 60



Furthermore I want to filter the traffic  reported to the collector. Usually I do this with an Policy-Map. But in this case I have to use the normal netflow export function which doesn't offer the ouptut feature.

flow-sampler-map FLOW-FILTER

 mode random one-out-of 1

 

class-map match-all C-FL-FILTER

 match access-group name FL_FILTER

 

ip access-list extended FL_FILTER

 deny   ip host 1.1.1.120 any

 deny   ip any host 1.1.1.120

 permit ip any any

 

policy-map P-FL-FILTER

 class C-FL-FILTER

   netflow-sampler FLOW-FILTER


ip flow-export version 9

ip flow-export interface-names

ip flow-export destination 10.66.66.1 9996

Has anyone an idea hwo to combine both ?



      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products