I've set up our MX80 to send NetFlow updates to both PRTG and an ELK stack, and both never seem to receive a template update from the MX. I grabbed packets at both endpoints and at the MX and do see NetFlow packets. I started digging deeper with Wireshark and the packets are showing the following even after decoding as cflow:
Has anyone successfully set up NetFlow with an MX running firmware 13+?
I haven't tried myself, but this is the general guide for it.
https://documentation.meraki.com/MX/Monitoring_and_Reporting/NetFlow_Overview
Thanks for the reply.
I did look at that. It only really tells you how to turn it on and troubleshoot the flow. The issue I'm having is everything is working and flowing but the packets from the MX are malformed. I read that there is an issue with 13+ firmware with ingress/egress of NetFlow and it may not work with 'some' collectors, but having now tried 2, I'm not convinced it isn't just completely broken.
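An added example, not part of the thread or any poster's code: a minimal Python check to run over the UDP payload of a captured export packet, assuming the MX exports NetFlow v9 with the RFC 3954 layout. It reports whether the packet carries a template flowset, which data flowsets a collector could not decode without one, and any flowset length that does not fit the packet; the sample packets and the `inspect_v9` and `packet` names are constructed for illustration.

```python
import struct

HEADER = struct.Struct("!HHIIII")  # version, count, sysUptime, unix_secs, sequence, source_id
FLOWSET = struct.Struct("!HH")     # flowset_id, length (length includes these 4 bytes)

def inspect_v9(payload, known_templates=None):
    """Walk one NetFlow v9 export packet (UDP payload) and report what it carries."""
    known = set(known_templates or ())  # template IDs the collector has already cached
    report = {"templates": {}, "data_flowsets": [], "undecodable": [], "errors": []}
    if len(payload) < HEADER.size:
        report["errors"].append("shorter than the 20-byte v9 header")
        return report
    version = HEADER.unpack_from(payload)[0]
    if version != 9:
        report["errors"].append(f"version field is {version}, not 9")
        return report
    off = HEADER.size
    while off + FLOWSET.size <= len(payload):
        fs_id, fs_len = FLOWSET.unpack_from(payload, off)
        if fs_len < FLOWSET.size or off + fs_len > len(payload):
            report["errors"].append(f"flowset {fs_id} at offset {off}: bad length {fs_len}")
            break
        body = payload[off + FLOWSET.size: off + fs_len]
        if fs_id == 0:  # template flowset: one or more template records
            pos = 0
            while pos + 4 <= len(body):
                tid, nfields = struct.unpack_from("!HH", body, pos)
                end = pos + 4 + 4 * nfields
                if tid < 256 or end > len(body):
                    break  # trailing padding or a truncated record
                fields = [struct.unpack_from("!HH", body, p) for p in range(pos + 4, end, 4)]
                report["templates"][tid] = fields  # list of (field_type, field_length)
                known.add(tid)
                pos = end
        elif fs_id >= 256:  # data flowset; its ID names the template needed to decode it
            report["data_flowsets"].append(fs_id)
            if fs_id not in known:
                report["undecodable"].append(fs_id)
        off += fs_len  # flowset ID 1 (options template) is skipped, not parsed
    return report

# Constructed sample packets (not captured from an MX).
def packet(*flowsets):
    return HEADER.pack(9, len(flowsets), 1000, 1700000000, 1, 0) + b"".join(flowsets)

TEMPLATE = FLOWSET.pack(0, 16) + struct.pack("!HHHHHH", 256, 2, 8, 4, 12, 4)  # src/dst IPv4
DATA = FLOWSET.pack(256, 12) + bytes([10, 0, 0, 1, 10, 0, 0, 2])
```

A capture in which every packet yields an empty `templates` and a non-empty `undecodable` matches a collector that never receives a template, while entries in `errors` point to packets whose structure does not parse as v9.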
Yes, we can config netflow on MX to monitor traffic on PRTG. 😄
... but in my case the result is wrong parameters or numbers 😞
Meraki Dashboard: Enable NetFlow, enter PRTG IP (e.g. a.a.a.a) and NetFlow port (e.g. 2056).
PRTG: create a sensor with Receive NetFlow Packets on UDP Port set to 2056, sender IP set to the MX's IP, and timeout set to 5 mins.
If you have PRTG support, you can open a case and post the solution here.
Hope this helps.
natuan
No such luck on support. We are running the free version with <100 SNMP sensors. I was just looking for a more versatile way to look at the data other than the defaults in dashboard. I'd like to be able to look at a more granular view than just 'past 2 hours/day/week/month'.
Why don't you try going to the 14.x firmware? It is very solid.