• Devices are stuck in a RebootRefresh state in the NFA database.
• Flow packets are reaching the Harvester (confirmed in Wireshark), but are not being processed into reports.
• Netflow data is not appearing.

All Supported versions of NFA 

The NFA Harvester places devices in a RebootRefresh state when it detects non-sequential FlowSequence numbers in the incoming Netflow packets. This often occurs due to Sequence Gaps: NFA expects sequence numbers to increment by a specific threshold (default 3000). If the difference exceeds this, the device is flagged.

Explanation on RebootRefresh is available in Why are my routers in a RebootRefresh poll state and what does that mean?

Updating pollstate to 'initialpoll' does not help, device is placed again in 'RebootRefresh'

To fix the sequence gap, follow below:

1. Login to Mysql in the Harvester server as mysql -unetqos -p
2. Provide password when prompted.
3. Change to HarvesterDB and run select * from parameter_descriptions; to find current value set for 'sequenceNumberFudge'
4. Update this value to max FlowSequence observed in Wireshark as

   update parameter_descriptions set defaultvalue='<value from wireshark>' where parameter='sequenceNumberFudge';

5. Restart mysql service in NFA harvester server. 
6. Do SNMP Refresh on the device, verify that flows are processed.