Overview
Obtain complete visibility into your network traffic and bandwidth performance in real-time. Identify traffic peaks, top applications, and conversations using different flow technologies so that you can analyze what and by whom your bandwidth is being used.
For NetFlow analysis, you need to configure your devices to export flows to Seceon CCE Device, which is the NetFlow collector. The CCE Device will be listening to the particular port to receive flows.
Note: Use Port 6343 for SFlow, 9995 for NetFlow or flow
We configure NetFlow from the devices and push the Network traffic to our APE via CCE.
Meraki supports NetFlow v9.
These instructions assume:
The date, time, and time zone are correctly set on the device.
You have administration access to the Meraki dashboard.
The IP address of your Seceon collector is known
Steps Of Configuration
Log into the Meraki admin console.
Navigate to Network-wide > Configure > General.
Search for the Reporting header.
Set NetFlow traffic Reporting to Enabled: send netflow traffic statistics.
For the NetFlow collector IP, enter your Seceon Collector IP.
For the NetFlow collector port, select one of the following ports: Use Port 6343 for SFlow, 9995 for NetFlow, or flow
Click Save.
Verification
Using UI
STEP 1:Log in to UI >> SYSTEM
STEP 2: >> Logs and flows collection status
STEP 3: >>To verify the source device IP from the UI:
Log in to the user interface
Navigate to the "SYSTEM" section
Look for the "SOURCE DEVICE IP"
Check the IP address that is displayed
Compare the IP address displayed against the expected source device IP
This will allow you to ensure that the system is properly identifying the source device IP and that it matches the expected IP address..
Verification Through CCE server (Login to CCE Server and run the following command)
Below command should be run on the CCE server to check whether we are getting logs or not d
“sudo tcpdump -i any port (6343 or 9995) and host <IP address of switch>”
Add label