Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Device Config: Cisco - Flow Forwarding from Catalyst switch 4500

Owned by Customer Success & Engineering
Last updated: Jan 10, 2023
1 min read

Overview

Below is an example of how to modify the configuration to enable NetFlow switching. It also shows how to export the flow statistics for further processing to UDP port9995 on a workstation with the IP address of40.0.0.2. 

Notes

In our example, we are considering "40.0.0.2" is the CCE IP. Users need to change it during implementation. 

Steps Of Configuration

Step 1: Open cli and enter the following command:

Switch# config t

Step 2: Enter configuration commands, one per line. End with CNTL/Z.


Switch(config)# ip route-cache flow


Switch(config)# ip flow-export destination 40.0.0.2 9995



Switch(config)# ip flow-export version 5



Switch(config)# end


Switch# show ip flow export


One can also refer to :https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/nfswitch.html


Verification

Verification can be done either from CCE Server or from UI

Using CCE

Run the command : sudo tcpdump -i any port 9995 and host <IP address> to check if flows are coming on CCE server

Using UI

  • Go on UI >> Systems

  • Go to Logs and Flows collection Status

  • Inside Source device IP the IP will reflect.

Seceon Inc. All rights reserved. https://www.seceon.com