Configure NetFlow on a Cisco ASA to send to your NetFlow collector:
conf t
! Capture all IP source/destination traffic for NetFlow
access-list ACCESS-LIST-NAME line 1 extended permit ip any any
! Enter the IP address and port number of your NetFlow collector. The default NetFlow port is 2055
flow-export destination INSIDE 10.2.2.2 2055
! Create a global class name to apply to all interfaces on the ASA
class-map global-class1
! The access-list named above
match access-list ACCESS-LIST-NAME
policy-map global_policy
! The same global-class1 created above
class global-class1
! Send all NetFlow events to the destination IP
flow-export event-type all destination 10.2.2.2
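The NetFlow commands above form a chain (access-list, class-map, policy-map class, export destination), and a name or IP that does not match between links means the collector receives nothing. The following is an added example, not part of the original post: an offline check that can be run against a pasted configuration. The names audit_netflow and SAMPLE are hypothetical, and the sample input is constructed from this page's commands.

```python
def audit_netflow(config):
    """Return a list of problems found in a pasted ASA configuration."""
    acls, collectors = set(), set()
    class_maps, exports = {}, {}   # class-map -> ACLs; policy class -> export IPs
    cmap, pclass, in_pmap = None, None, False
    for raw in config.splitlines():
        tok = raw.split()
        if not tok or tok[0].startswith("!"):
            continue
        if tok[0] == "access-list" and len(tok) > 1:
            acls.add(tok[1])
        elif tok[:2] == ["flow-export", "destination"] and len(tok) >= 5:
            collectors.add(tok[3])             # tok[2] is the interface name
        elif tok[0] == "class-map":
            cmap, in_pmap = tok[-1], False
            class_maps[cmap] = []
        elif tok[:2] == ["match", "access-list"] and cmap and len(tok) > 2:
            class_maps[cmap].append(tok[2])
        elif tok[0] == "policy-map":
            cmap, pclass, in_pmap = None, None, True
        elif tok[0] == "class" and in_pmap and len(tok) > 1:
            pclass = tok[1]
        elif tok[:2] == ["flow-export", "event-type"] and pclass and "destination" in tok:
            exports.setdefault(pclass, []).extend(tok[tok.index("destination") + 1:])
    findings = []
    if not collectors:
        findings.append("no flow-export destination configured")
    for name, matched in class_maps.items():
        findings += [f"class-map {name}: undefined ACL {a}" for a in matched if a not in acls]
    if not exports:
        findings.append("no policy-map class has a flow-export event-type action")
    for name, dests in exports.items():
        if name not in class_maps:
            findings.append(f"policy-map class {name} has no matching class-map")
        findings += [f"class {name}: {ip} is not a flow-export destination"
                     for ip in dests if ip not in collectors]
    return findings

# Constructed sample: this page's commands with the annotations removed.
SAMPLE = """\
access-list ACCESS-LIST-NAME line 1 extended permit ip any any
flow-export destination INSIDE 10.2.2.2 2055
class-map global-class1
 match access-list ACCESS-LIST-NAME
policy-map global_policy
 class global-class1
  flow-export event-type all destination 10.2.2.2
"""
if __name__ == "__main__":
    print(audit_netflow(SAMPLE) or "NetFlow export chain is consistent")
```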
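Configure SNMP traps on the ASA to send to your SNMP server:
! Use trap rather than poll here: a host configured with poll can query the ASA but is not sent traps
snmp-server host <ASA Interface name> <SNMP SERVER IP> trap community <community string>
snmp-server enable traps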
Configure syslog on the ASA to send to your syslog server:
There are many freeware syslog servers out there to use as your syslog server, e.g. Kiwi Syslog or WhatsUpGold. I like WhatsUpGold better as a syslog server.
logging enable
logging timestamp
logging buffer-size 20000
! Severity level for the local buffer
logging buffered critical
! Severity level for messages sent to the syslog server
logging trap critical
logging history critical
logging asdm critical
logging host INSIDE <IP address of your Syslog Server>
! Send authentication-class messages to the syslog server at informational level
logging class auth trap informational