ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

No data in NFA from Cisco Meraki MX or Z1 devices

book

Article ID: 37988

calendar_today

Updated On:

Products

CA Network Flow Analysis (NetQos / NFA)

Issue/Introduction

Problem: 

Cisco Meraki MX and Z1 devices are discovered by NFA, but do not report any NetFlow data.  

 

Cause:

The NetFlow exported by the Cisco Meraki device does not include all of the necessary fields for reporting in NFA.  Below are the required fields for NetFlow data to be displayed in NFA:

1 - IN_BYTES or 85 – IN_PERMANENT_BYTES
4 - PROTOCOL
7 - L4_SRC_PORT
8 - IPV4_SRC_ADDR
10 - INPUT_SNMP
11 - L4_DST_PORT
12 - IPV4_DST_ADDR
14 - OUTPUT_SNMP

 

Analysis of a packet capture shows that the NetFlow template exported by the device is missing the INPUT_SNMP and OUTPUT_SNMP fields:

 

<Please see attached file for image>

template.jpg

Resolution:

As of this date (9-Feb-2016), the Cisco Meraki documentation on NetFlow states:

"Support for exporting an SNMP ingress or egress interface index via NetFlow is available in beta. Please contact Cisco Meraki support if you wish to receive the update."  

 

Additional Information:

https://documentation.meraki.com/MX-Z/Monitoring_and_Reporting/NetFlow_Overview

TEC597610

Environment

Release: RAIB1H99000-9.3-Network Flow Analysis-Interface Bundle-Hardware
Component:

Attachments

1558723788560000037988_sktwi1f5rjvs16x06.jpeg get_app
Powered by Wolken Software