How can I enable NetFlow on my router?

/ Network, Observability / By

To enable NetFlow on your router, you will need to use the command line interface (CLI) to enter the appropriate commands. You will need to specify the type of NetFlow you want to use, the interfaces you want to monitor, and the version of NetFlow you want to use. Once you have enabled NetFlow, you will need to configure the Flow Exporter settings.

Here are some general steps for configuring NetFlow on a Cisco router²³:

  • Enable NetFlow on the router by using the global configuration command: ip flow-export source <interface>. Replace <interface> with the name of the interface that you want to use as the export source.
  • Specify the destination IP address and port number for the NetFlow collector by using the global configuration command: ip flow-export destination <ip-address> <port-number>. Replace <ip-address> and <port-number> with the values for your collector.
  • Specify the version of NetFlow you want to use by using the global configuration command: ip flow-export version <version-number>. Replace <version-number> with 5 or 9 depending on your collector's compatibility.
  • Set the active and inactive timeout values for NetFlow records by using the global configuration commands: ip flow-cache timeout active <minutes> and ip flow-cache timeout inactive <seconds>. Replace <minutes> and <seconds> with the desired values. The recommended values are 1 minute for active and 15 seconds for inactive timeouts².
  • Enable NetFlow on each layer-3 interface you want to monitor by using the interface configuration command: ip flow ingress. Optionally, you can also use ip flow egress to capture outgoing traffic.
  • You can verify your configuration by using the following show commands²:
    • show ip cache flow
    • show ip flow export
    • show ip flow interface
    • show ip flow export template

I hope this helps. If you need more details, please refer to the official Cisco documentation²³.

Source:
(1) How do I configure NetFlow on a Cisco router?. https://www.cybersecurityhq.io/blog/how-do-i-configure-netflow-on-a-cisco-router.
(2) NetFlow Configuration Guide, Cisco IOS Release 15M&T. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/15-mt/nf-15-mt-book/get-start-cfg-nflow.html.
(3) Cisco NetFlow Configuration. https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/netflow/Cisco_NetFlow_Configuration.pdf.
(4) Configure NetFlow – WatchGuard. https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/basicadmin/netflow_configure.html.