I have PRTG 8.2 installed and trying to collect netflow data from a Sonicwall NSA 2400 running Firmware SonicOS Enhanced 5.8.0.1-31o. I ran the netflow tester and I am seeing packets, but nothing shows up in PRTG.
Article Comments
The Sonicwall is exporting "Netflow version-5" It does have the ability to use either version 5 or 9, and I have tried both. It appeared to export once with version 5 and then stopped. It returned about 5 minutes of flow data and have gotten nothing since then.
Jan, 2011 - Permalink
I'm sure you are aware that only one application can listen on the incoming port, either the Tester or PRTG, so just to check is the Active Flow Timeout in PRTG set higher then it is set in the Sonicwall?
Jan, 2011 - Permalink
I have found an active flow timeout of 9 minutes within a netflow V9 sensor will work well with a Sonicwall 2400 running SonicOS Enhanced 5.8.0.3-40o and set to send periodic updates every 10 seconds.
The default mode of realtime with bulk sends all the data collected which can be several weeks worth of data which the gives you the dropped data message.
I will be updating an NSA 4500 Sonicwall later today and will report back on whether this is suitable for this device as well.
Jul, 2011 - Permalink
Dear Dan,
can you please provide more details? Which version of Netflow is exported by the Sonicwall?
Best Regards.
Jan, 2011 - Permalink