Hi,

We deployed netflow analyzer professional plus and configured cisco ASA and AT swicth to send statistics to it.

But I noticed it displays wrong statistics.
Here's example:
There's a session from internal ip address(10.129.33.124) to external IP address(62.141.94.38).
First screenshot(asa_in) show the statistics of internal interface of inbound traffic. As you can see it's 529 MB.
Second screenshot(asa_out) - shows outbound traffic from internal asa interface. As you can see there's no traffic with source ip address 62.141.94.38.

Third screenshot(switch_out) - shows outbound traffic from switch port 1.0.44 on AT switch. As you can see there's a session from 62.141.94.38 and traffic is 386 MB.

Why statistics of Cisco ASA internal interface(as well as outbound) doesnt show this session(from 62.141.94.38 to 10.129.33.124) statistics??

ASA configuration:
flow-export destination inside 10.129.33.22 9996
flow-export template timeout-rate 1
flow-export delay flow-create 60
class-map flow_export_class
 match any
policy-map global_policy
 class flow_export_class
  flow-export event-type all destination 10.129.33.22

AT x600 switch:
sflow agent ip 10.129.33.23
sflow collector ip 10.129.33.22
sflow enable
interface port1.0.44
 switchport
 switchport mode access
 sflow sampling-rate 256
 sflow polling-interval 60