Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Overview

The NetFlow platform brings useful features such as IP data flow recording. This article explains how to configure this feature on UISP.

Table of Contents-

Introduction

The UISP supports recording IP data flows thanks to the NetFlow protocol. NetFlow versions 5 and 9 are supported. Any router that supports NetFlow data analysis may be used for this, but it is recommended to use the router that is functioning as the gateway from your network to the Internet. The plan is to gradually increment the use of data collected from NetFlow in a whole range of UISP features. It is possible to enable NetFlow on UISP-branded gateway devices (ex. UISP Console, UISP Router) or EdgeRouter devices with one click, in order to provide data for the CRM plugin. 

Configuration

In UISP settings there is a section for UISP Gateways. Those are devices on the edge of a network and therefore well suited for measurement of data throughput. It is preferable to use a UISP-branded gateway device (ex. UISP Console, UISP Router) or Ubiquiti EdgeRouter devices in order to fully utilize UISP capabilities in this regard. To add a Gateway, go to Settings -> Network and press the button "+ Add new gateway". 

After that, a pop up will appear where a specific device has to be selected. Once the selection is made a WAN interface needs to be selected from a list of all interfaces found on that device.

Make sure the "Allow NetFlow" is turned ON in order to enable it.

Verification of configuration

Verification can be done in 2 ways  either on CCE or on UI 

  • VERIFICATION THROUGH UI

1.Open UI >>Systems

2. Dropdown systems and go inside -logs and flows collection status.

3. Under -Source device IP address section the device configured will reflect.

  • Verification Through CCE server

sudo tcpdump -i any host 9995 and host <IP address> -AAA” command should be ran on CCE server to check wheather or not we are getting logs .

  • No labels

Seceon Inc. All rights reserved. https://www.seceon.com