Cisco ASA 5505 Configuration Manual page 1638
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Configuring NSEL
Additional Guidelines and Limitations
•
•
Configuring NSEL
This section describes how to configure NSEL, and includes the following topics:
•
•
Using NetFlow
The NetFlow pane lets you enable the transmission of data about a flow of packets. To access this pane,
choose Configuration > Device Management > Logging > NetFlow.
IP address and hostname assignments should be unique throughout the NetFlow configuration.
Note
To use NetFlow, perform the following steps:
Enter the template timeout rate, which is the interval (in minutes) at which template records are sent to
Step 1
all configured collectors. The default value is 30 minutes.
To delay the export of flow-creation events and process a single flow-teardown event instead of a
Step 2
flow-creation event and a flow-teardown event, check the Delay export of flow creation events for
short-lived flows check box, and then enter the number of seconds for the delay in the Delay By field.
Step 3
Specify the collector(s) to which NetFlow packets will be sent. You can configure a maximum of five
collectors. To configure a collector, click Add to display the Add NetFlow Collector dialog box, and
perform the following steps:
a.
b.
c.
To configure more collectors, repeat
Step 4
Step 5
To change collector configuration details, select a collector and click Edit. To remove a configured
collector, select it and click Delete.
Cisco ASA 5500 Series Configuration Guide using ASDM
72-4
If you previously configured flow-export actions using the flow-export enable command, and you
upgrade to a later version, then your configuration will be automatically converted to the new
Modular Policy Framework flow-export event-type command, described under the policy-map
command. For more information, see the Release Notes for the Cisco ASA 5500 Series for Version
8.1(2).
Flow-export actions are not supported in interface-based policies. You can configure flow-export
actions in a class-map only with the match access-list, match any, or class-default commands. You
can only apply flow-export actions in a global service policy.
Using NetFlow, page 72-4
Matching NetFlow Events to Configured Collectors, page 72-5
Choose the interface to which NetFlow packets will be sent from the drop-down list.
Enter the IP address or hostname and the UDP port number in the associated fields.
Click OK.
Chapter 72
Configuring NetFlow Secure Event Logging (NSEL)
Step 2
for each additional collector.
OL-20339-01
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
