Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1366
  • Last Modified:

Configure Cisco 2621 for netflow

I just got an old Cisco 2621 Routers to get neflow traffic to my SolarWinds Orion Server with Netflow.  Here is the current config. Could someone give me some help in configuring it for Netflow. I will place it in between a C3560 switch and a PIX501.

Router#write t
Building configuration...

Current configuration : 586 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
memory-size iomem 15
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
ip http server
no ip http secure-server
ip classless
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end
0
Bill Warren
Asked:
Bill Warren
  • 8
  • 7
1 Solution
 
Bill WarrenIT ManagerAuthor Commented:
one problem that I have run into is that I am trying to set interface FastEthernet 0/0 to IP 10.10.10.230 and interface FastEthernet 0/1 to 10.10.10.231. I'm okay with the fist interface but when I try to set the ip for interface FastEthernet 0/1 to 10.10.10.231 I get

rtr-afshb1(config-if)#ip address 10.10.10.231 255.255.255.0
% 10.10.10.0 overlaps with FastEthernet0/0

So I'm guessing that you cannot have both interfaces on the same subnet. However I just want this as a passthrough from my switch to the pix which are both on the same subnet. where to go from here?
0
 
jjmartineziiiCommented:
router-2621(config)#interface FastEthernet 0/1 (use your int)
router-2621(config-if)#ip route-cache flow (enables netflow in the interfacE)
router-2621(config-if)#exit
router-2621(config)#ip flow-export destination 192.168.9.101 9996 (This is the box running orion)
router-2621(config)#ip flow-export source FastEthernet 0/1 (What address is listed in orion
router-2621(config)#ip flow-export version 5 (optional: sets flow version)
0
 
jjmartineziiiCommented:
Why are you trying to passthrough to the switch? Why even put the router then? It's not possible (as far as I know) to do this without changing an address on either the switch or pix
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
Bill WarrenIT ManagerAuthor Commented:
The reason is that (for now) I just want to use it for the netflow
0
 
Bill WarrenIT ManagerAuthor Commented:
So If I set the pix inside IP from 10.10.10.254 to 10.10.9.254 and the connected interface on the 2621 to 10.10.9.230 and the other interface (connected to the 3560 switch) to 10.10.10.230 should all traffic be able to passthrough the 2621 to the pix? I have the 10.10.10.230 interface on the 2621 sending the netflow traffic and I am receiving it on the orion netflow server. So I know that that is working. Now putting it in between the pix and switch is my situation.
0
 
jjmartineziiiCommented:
well, what's the address of your inside interface on your pix and what's the address of the interface connect to the pix on your switch?
0
 
Bill WarrenIT ManagerAuthor Commented:
Currently

Pix inside - 10.10.10.254
3560 - 10.10.10.2
all inside ip's are on the 10.10.10.0 subnet
0
 
jjmartineziiiCommented:
Does the PIX inside need to be 10.10.10.254?
0
 
Bill WarrenIT ManagerAuthor Commented:
well I believe so... it is the gateway for the LAN. I have not tested it as a different address. But I'm not sure exactly as i am not very knowledgable about routing.
0
 
jjmartineziiiCommented:
I personally don't think there is a way without changing an ip address somewhere. say if you changed your inside PIX then you could do the following:

PIX (10.10.9.1) > Router (10.10.9.2) (10.10.10.254) > Switch (10.10.10.2)



But in all seriousness, I may be completly wrong.
0
 
Bill WarrenIT ManagerAuthor Commented:
so there isn't any further conguration to the 2621 required to pass traffic through the 2621?
0
 
jjmartineziiiCommented:
well besides that, you'd have to enable static routes or a routing protocol which would route between the two subnets.

you could also to the opposite:
PIX (10.10.10.254) > Router (10.10.10.2) (10.10.11.1) > Switch (10.10.11.2)
0
 
Bill WarrenIT ManagerAuthor Commented:
would I have to change all of the IPs on my lan to 10.10.11.0 as well?
0
 
jjmartineziiiCommented:
yes. If you had dhcp, it should be simple.
0
 
jjmartineziiiCommented:
Let me know if you have any more questions!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 8
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now