User guide
ManageEngine Firewall Analyzer :: User Guide
222
Zoho Corp.
(config-pmap-c)# flow-export event-type all destination <Firewall
Analyzer Server IP>
•
Option 2
If you wish to create a new policy map named netflow-export-policy
and make this as your global policy follow the below steps:
(config)# policy-map netflow-export-policy
(config-pmap)# class netflow-export-class
(config-pmap-c)# flow-export event-type any destination <Firewall
Analyzer Server IP>
if the above command fails use the one below:
(config-pmap-c)# flow-export event-type all destination <Firewall
Analyzer Server IP>
Make policy map netflow-export-policy as your global policy:
(config)# service-policy netflow-export-policy global
For UI mode configuration using ASDM access, refer the Cisco forum topic:
https://supportforums.cisco.com/docs/DOC-6114
To disable NetFlow on Cisco ASA/ADM execute the following commands:
(config)# flow-export disable
(config)# no flow-export destination inside <Firewall Analyzer Server IP>
1514
To disable NetFlow on Cisco ASA/ADM using ASDM
• Click on Configuration > Firewall
• Click on Service Policy Rules. Look for the policy indicating netflow export
• Check the IP address if the flow is pointing to the machine where you want to
forward syslog.
• If so, delete it and write the configuration in to memory (Save it).
Configure/Enable SNMP Protocol for Cisco ASA Firewall device
Using CLI Console:
To enable the SNMP Manager running in Firewall Analyzer to make queries to SNMP
Agent running in the firewall:
configure terminal
snmp-server enable
snmp-server host <interface name> <hostname | IP address of Firewall Analyzer>
[poll]
Example:
configure terminal
snmp-server enable
snmp-server host inside 192.168.101.155 poll