Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

How to configure NetFlow on Meraki devices

Owned by Customer Success & Engineering (Unlicensed)
Last updated: Apr 10, 2023
2 min read

Overview

Obtain complete visibility into your network traffic and bandwidth performance in real-time. Identify traffic peaks, top applications, and conversations using different flow technologies so that you can analyze what and by whom your bandwidth is being used.

For NetFlow analysis, you need to configure your devices to export flows to Seceon CCE Device, which is the NetFlow collector. The CCE Device will be listening to the particular port to receive flows.

Note: Use Port 6343 for SFlow, 9995 for NetFlow or flow

We configure NetFlow from the devices and push the Network traffic to our APE via CCE.

Prerequisite

Meraki supports NetFlow v9

  • The date, time, and time zone are correctly set on the device.

  • You have administration access to the Meraki dashboard.

  • The IP address of your Seceon collector is known

Steps Of Configuration

  1. Log into the Meraki admin console.

  2. Navigate to Network-wide > Configure > General.

  3. Search for the Reporting header.

  4. Set NetFlow traffic Reporting to Enabled: send netflow traffic statistics.

  5. For the NetFlow collector IP, enter your Seceon Collector IP.

  6. For the NetFlow collector port, select one of the following ports: Use Port 6343 for SFlow, 9995 for NetFlow, or flow

  7. Click Save.

Verification

Using UI

STEP 1: Log in to UI >> SYSTEM

STEP 2: Logs and flows collection status

STEP 3: To verify the source device IP from the UI:

  • Log in to the user interface

  • Navigate to the "SYSTEM" section

  • Look for the "SOURCE DEVICE IP"

  • Check the IP address that is displayed

  • Compare the IP address displayed against the expected source device IP

This will allow you to ensure that the system is properly identifying the source device IP and that it matches the expected IP address..

Verification Through CCE server (Login to CCE Server and run the following command)

Below command should be run on the CCE server to check whether we are getting logs or not d

“sudo tcpdump -i any port (6343 or 9995) and host <IP address of switch>”

Add label

Seceon Inc. All rights reserved. https://www.seceon.com