Skip to main content

Cisco ASA 5515x Configuration

This document outlines the steps to configure Motadata NetFlow export on the Cisco ASA 5515x using ASDM. Follow the instructions to set up your flow collector and enable Motadata NetFlow information extraction.

Configuring Flow Collector

  1. In ASDM, navigate to Configuration > Device Management > Logging > MOTADATA_NETFLOW.
  2. Set the following parameters:
    • ObserveOps (formerly known as AIOps) Flow Explorer server IP address
    • ASA interface through which MOTADATA_NETFLOW packets will be exported
    • MOTADATA_NETFLOW listener port (default is 2055)
  3. Select the interface that connects to the server where ObserveOps Flow Explorer is installed.
  4. Set the template packet send frequency and disable syslogs that are redundant after MOTADATA_NETFLOW information extraction.
  5. Configure the template timeout rate to 1 minute and set the delay transmission of flow creation events for short-lived flows to 60 seconds.
  6. Click Apply to write the commands on the ASA.

Configuring MOTADATA_NETFLOW Information Extraction

  1. Go to Firewall > Service Policy Rules in ASDM.
  2. Create a new service policy that should be applied globally.
  3. Define the collector to which the statistics for the traffic will be sent (this was defined initially).
  4. Once the service policy is created, click Apply to write the commands on the ASA.

After completing the configuration, navigate to Menu > Flow Explorer and select Explorer to view the active flow data.