I am hoping to get ntop to help me understand bandwidth in 40 remote
offices connecting to our VPN using Cisco ASA 5505.
I am having trouble understanding exactly how I should configure ntop to
handle netflow data from the ASAs.
The ntop server is at our head office, connected to the core-switching
via one ethernet NIC. It is on the same subnet as our head office ASA
5510s. I have one 5510 at head office, and one in a remote office,
configured to send netflow data to the ntop server ip address
172.16.9.124.
Each remote office has its own subnet, with the ASA 5505 in that subnet
(e.g. Nairobi is 10.6.128.0/24 with ASA at 10.6.128.200)
I have created one Netflow Device in ntop. I configured the Local
Collector UDP port to be 2055. I am not clear whether the Virtual
Network Interface Network Address is a separate IP address for the
Netflow Device, or whether this should be a Network Address (e.g.
172.16.9.0/24), and if it is a network address, should this be the
network in which a device I am sending netflow from is (e.g. one of the
remote office subnets).
Do I need a Netflow Device per probe (i.e. one for each of my ASA 5505
and ASA 5510s)?
I can see that Netflow data is reaching ntop - the statistics under
Plugins > Netflow > Statistics are increasing, including the number of
V9 templates received. However, the Summary > Traffic view for
Netflow-device.2 is not showing any details at all.
Statistics relating to broadcast traffic on the local subnet of the ntop
server are showing up fine under the summary traffic view for eth0.
So I think the ASA side of the configuration is all working correctly,
but I haven't got ntop configured right for netflow. I've read the docs,
but not finding them clear enough for me.
Can anyone give any pointers?
Many thanks,
Duncan
--
Duncan Drury
International Operations Manager
Christian Aid - www.christian-aid.org
T: +44 20 7523 2068
E: [email protected] <mailto:[email protected]>
Skype: caid-ddrury
--
---------
Christian Aid - East Africa Emergency Appeal
Help us respond to the food crisis in east Africa. Donate via our website
http://www.christianaid.org.uk/east-africa-appeal or give £5 by texting AFRICA
to 70800
---------
Save paper, save trees and only print this email if you have to.
---------
Christian Aid is a charity and company limited by guarantee registered in
England and Wales: 35 Lower Marsh, London SE1 7RL. UK registered charity no.
1105851. Company no. 5171525.
Christian Aid also operates in Scotland: Registered Office: 41 George IV
Bridge, Edinburgh, EH1 1EL. Charity no. SC039150
Christian Aid Ireland is a charity and company limited by guarantee registered
in Northern Ireland: Unit 6 Linden House, Beechill Business Park, Belfast, BT8
7QN. Northern Ireland charity no: XR94639. Company no. NI059154.
Christian Aid Ireland is a registered charity and registered company limited by
guarantee: 17 Clanwilliam Terrace, Dublin 2. Republic of Ireland charity no.
CHY 6998. Company no. 426928.
Christian Aid Trading Limited is a company limited by guarantee registered in
England and Wales: 35 Lower Marsh, London SE1 7RL. Company no. 1001742.
---------
This e-mail has been scanned for viruses by Webroot.
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
