Solved

Configure Cisco 2621 for netflow

Posted on 2008-10-14
15
1,320 Views
Last Modified: 2008-10-15
I just got an old Cisco 2621 Routers to get neflow traffic to my SolarWinds Orion Server with Netflow.  Here is the current config. Could someone give me some help in configuring it for Netflow. I will place it in between a C3560 switch and a PIX501.

Router#write t
Building configuration...

Current configuration : 586 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
memory-size iomem 15
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
ip http server
no ip http secure-server
ip classless
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end
0
Comment
Question by:Bill Warren
  • 8
  • 7
15 Comments
 

Author Comment

by:Bill Warren
ID: 22715907
one problem that I have run into is that I am trying to set interface FastEthernet 0/0 to IP 10.10.10.230 and interface FastEthernet 0/1 to 10.10.10.231. I'm okay with the fist interface but when I try to set the ip for interface FastEthernet 0/1 to 10.10.10.231 I get

rtr-afshb1(config-if)#ip address 10.10.10.231 255.255.255.0
% 10.10.10.0 overlaps with FastEthernet0/0

So I'm guessing that you cannot have both interfaces on the same subnet. However I just want this as a passthrough from my switch to the pix which are both on the same subnet. where to go from here?
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 22717120
router-2621(config)#interface FastEthernet 0/1 (use your int)
router-2621(config-if)#ip route-cache flow (enables netflow in the interfacE)
router-2621(config-if)#exit
router-2621(config)#ip flow-export destination 192.168.9.101 9996 (This is the box running orion)
router-2621(config)#ip flow-export source FastEthernet 0/1 (What address is listed in orion
router-2621(config)#ip flow-export version 5 (optional: sets flow version)
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 22717139
Why are you trying to passthrough to the switch? Why even put the router then? It's not possible (as far as I know) to do this without changing an address on either the switch or pix
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:Bill Warren
ID: 22721828
The reason is that (for now) I just want to use it for the netflow
0
 

Author Comment

by:Bill Warren
ID: 22723391
So If I set the pix inside IP from 10.10.10.254 to 10.10.9.254 and the connected interface on the 2621 to 10.10.9.230 and the other interface (connected to the 3560 switch) to 10.10.10.230 should all traffic be able to passthrough the 2621 to the pix? I have the 10.10.10.230 interface on the 2621 sending the netflow traffic and I am receiving it on the orion netflow server. So I know that that is working. Now putting it in between the pix and switch is my situation.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 22723515
well, what's the address of your inside interface on your pix and what's the address of the interface connect to the pix on your switch?
0
 

Author Comment

by:Bill Warren
ID: 22723535
Currently

Pix inside - 10.10.10.254
3560 - 10.10.10.2
all inside ip's are on the 10.10.10.0 subnet
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 22723551
Does the PIX inside need to be 10.10.10.254?
0
 

Author Comment

by:Bill Warren
ID: 22723616
well I believe so... it is the gateway for the LAN. I have not tested it as a different address. But I'm not sure exactly as i am not very knowledgable about routing.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 22723642
I personally don't think there is a way without changing an ip address somewhere. say if you changed your inside PIX then you could do the following:

PIX (10.10.9.1) > Router (10.10.9.2) (10.10.10.254) > Switch (10.10.10.2)



But in all seriousness, I may be completly wrong.
0
 

Author Comment

by:Bill Warren
ID: 22723710
so there isn't any further conguration to the 2621 required to pass traffic through the 2621?
0
 
LVL 12

Accepted Solution

by:
jjmartineziii earned 500 total points
ID: 22723746
well besides that, you'd have to enable static routes or a routing protocol which would route between the two subnets.

you could also to the opposite:
PIX (10.10.10.254) > Router (10.10.10.2) (10.10.11.1) > Switch (10.10.11.2)
0
 

Author Comment

by:Bill Warren
ID: 22723855
would I have to change all of the IPs on my lan to 10.10.11.0 as well?
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 22723945
yes. If you had dhcp, it should be simple.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 22724656
Let me know if you have any more questions!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When posting a question about a Cisco ASA, Cisco Router or Cisco Switch, it can aid diagnosis if a suitably sanitised copy of the config is provided. It is much better to leave as much of the configuration as original as possible, as it could be tha…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question