Looks like the reason is as shown for NFA Enterprise. I'm having to
change run.bat and wrapper.conf. Now I've got to redo the
certificate I believe to match the hostname or provide the parameter to
tell Java to ignore it.
↧
Re : SSL: Self-Signed Certificate problems...
↧
Apply license for opmanager netflow plugin
I want to apply the license for my trial version Netflow plugin, but
when I navigate to the 'License Management' page under
'Admin'. There is no option for me to Apply license. Please
advise. Thank.
↧
↧
License OPmanager netflow plugin
I currently using a trial version of netflow plugin, but our Opmanager
license includes 10 netflow analyzer lic. When I go to 'License
Management' under 'Admin' tab, there is no option for
applying license. Can you please advise? Thanks.
↧
Re : SSL: Self-Signed Certificate problems...
Hi,
Yes, you are right. Follow the same document and Let us know if
issue persists, send an e-mail to nfs@manageengine.com, we will assist you.
Regards,
Senthil.N
↧
Re : Apply license for opmanager netflow plugin
Hi,
Thank you for visiting our forums. As you are using netflow plug-in
for Opmanager, Netflow plugin should be included with Opmanager
License. You need to reapply the Opmanager License in Opmanager User
Interface.
E-mail us to nfs@manageengine.com with your license file, if it is
for NetFlow analyzer standalone edition, we will provide you a
consolidated license.
Regards,
Senthil.N
↧
↧
Re : License OPmanager netflow plugin
Hi,
Thank you for visiting our forums. As
you are using netflow plug-in for Opmanager, Netflow plugin should
be included with Opmanager License. You need to reapply the
Opmanager License in Opmanager User Interface.
Please follow the below steps and
update us the status.
- Restart the Opmanager service.
- Download the license file to your desktop.
- Apply the downloaded license in the Opmanager UI.
- In Opmanager Admin, navigate to NetFlow settings and click sync NetFlow.
- Wait for it to complete and check the issue.
Regards,
Senthil.N
↧
Re : SSL: Self-Signed Certificate problems...
Well to update here's what I did if it helps anyone.
1. wrapper.conf has to be configured as shown in the forum post in
the "On Collector Side" section However what is shown in the
article didn't work right for me. I had to either use one the
full path name.
This is what's shown and didn't work. I got errors in
the log file saying couldn't find the keystore
wrapper.java.additional.18=-Djavax.net.ssl.trustStore=
../conf/silvertip.keystore
This worked
wrapper.java.additional.18=-Djavax.net.ssl.trustStore=E:/ManageEngine/NetFlow/conf/silvertip.keystore
2. If your certificate is for a DNS name that does not match your
hostname Java will complain and give errors as I listed above. To
solve this I created a certificate again this time with a CN matching
the hostname and with alternative names for the DNS names I wanted to
go to the site with. In this case NFA.
↧
Re : SSL: Self-Signed Certificate problems...
Can you confirm that as the article mentions that in the run.bat file
(not sure what this does) that the keystore should use backslashes on
Windows? That article shows yes but I don't understand why it
doesn't use forward slashes for Java just like wrapper.conf
↧
Re : SSL: Self-Signed Certificate problems...
Hi ,
Thank you for your update. Regarding the run.bat file, this file is used to start the NetFlow Analyzer as an application through the command prompt and the wrapper.conf file is used to start the NetFlow Analyzer as a service.
Please use the backslash as mentioned in the article. You can test if it working fine or not by stooping the ManageEngine NetFlow Analyzer service from the services window and start the application from the command prompt, navigate to Netflow_Home/bin and execute run.bat and check if the changes are working fine or not.
Thanks & Regards,
Aravind Lenin
Technical Support Engg- Netflow Analyzer
Thank you for your update. Regarding the run.bat file, this file is used to start the NetFlow Analyzer as an application through the command prompt and the wrapper.conf file is used to start the NetFlow Analyzer as a service.
Please use the backslash as mentioned in the article. You can test if it working fine or not by stooping the ManageEngine NetFlow Analyzer service from the services window and start the application from the command prompt, navigate to Netflow_Home/bin and execute run.bat and check if the changes are working fine or not.
Thanks & Regards,
Aravind Lenin
Technical Support Engg- Netflow Analyzer
↧
↧
Issue with Conversation OUT Report
Hi All,
we don't understand what we see with
Conversation OUT Report with NetFlow Analyzer v. 9.5
we configured sFlow on switch HP Procurve as below:
sflow 1 destination X.X.X.X 9996
sflow 1 polling A1-A24,B1-B24,C1-C24,D1-D24 30
sflow 1 sampling A1-A24,B1-B24,C1-C24,D1-D24 500
On port A2 there is connect only one Server (we see only one
mac-address); when we generate a Conversation IN Report and Group By
Source IP we see only IP address (this is correct), but when we
generate a Conversation OUT Report and Group by Destination IP we see
more IP in addition Source IP.
Do you know if this Conversation OUT Report is correct?
Thank you.
Regards,
Marco
↧
Re : SSL: Self-Signed Certificate problems...
Thanks now I understand. I tested run.bat and forward or blackslashes
both work. And you have to either use the full path or the SERVER_HOME
variable. Anyways everything works now.
I am curious why for EventLog Analyzer why these changes aren't
needed. Is there something different in NetFlow Analyzer requiring this?
↧
Re : Issue with Conversation OUT Report
Hi
Thank you for writing to us. NetFlow Analyzer show the Conversation Information on the in both Direction. If you are trying to monitor a device with 2 interfaces say A and B, if the traffic is flowing in the direction from A to B, in that case the traffic will be accounted as IN traffic for the interface A and the out for the interface B. In the same way if the traffic is flowing in a direction from B to A, the traffic will be accounted as in traffic for the interface B and out traffic for the interface A.
Please refer the below link for more information:
http://blogs.manageengine.com/netflowanalyzer/2009/02/24/in-and-out-reports-with-netflow-analyzer.html
Thanks & Regards,
Aravind Lenin
Technical Support Engg- Netflow Analyzer
Thank you for writing to us. NetFlow Analyzer show the Conversation Information on the in both Direction. If you are trying to monitor a device with 2 interfaces say A and B, if the traffic is flowing in the direction from A to B, in that case the traffic will be accounted as IN traffic for the interface A and the out for the interface B. In the same way if the traffic is flowing in a direction from B to A, the traffic will be accounted as in traffic for the interface B and out traffic for the interface A.
Please refer the below link for more information:
http://blogs.manageengine.com/netflowanalyzer/2009/02/24/in-and-out-reports-with-netflow-analyzer.html
Thanks & Regards,
Aravind Lenin
Technical Support Engg- Netflow Analyzer
↧
Re : SSL: Self-Signed Certificate problems...
Hi ,
Thank you for your update. This is a default design in NetFlow Analyzer product and need the following changes to work with the SSL certificate with the FQDN.
Thanks & Regards,
Aravind Lenin
Technical Support Engg- Netflow Analyzer
Thank you for your update. This is a default design in NetFlow Analyzer product and need the following changes to work with the SSL certificate with the FQDN.
Thanks & Regards,
Aravind Lenin
Technical Support Engg- Netflow Analyzer
↧
↧
Re : SSL: Self-Signed Certificate problems...
OK. In my case, for internal systems, I usually use a friendly name such as nfa for the URL. It seems to work ok.
↧
Re : License OPmanager netflow plugin
Hi Senthil,
I have followed your instruction to apply the license, but it takes quite a long time to initializing modules, is it normal? I have restarted the Opmanager service twice, still not bring up netflow analyzer page yet. Any idea? Thanks.
Alex
↧
Re : License OPmanager netflow plugin
Hi there,
After I reboot the server, Netflow plugin page can show up now, but
the license type still showing 'Trial'. I have registered the
license twice & sync netflow, nothing changes.
↧
Re : License OPmanager netflow plugin
Hi,
Thank you for the update. Kindly mail us at netflowanalyzer-support@manageengine.com, we'll assist you to apply the license file and that should fix the issue for sure.
Regards,
Karthik.K
Netflow Analyzer TAC
Thank you for the update. Kindly mail us at netflowanalyzer-support@manageengine.com, we'll assist you to apply the license file and that should fix the issue for sure.
Regards,
Karthik.K
Netflow Analyzer TAC
↧
↧
No OUT traffic appearing
Hey Everyone,
I am evaluating NetFlow Analyzer in conjunction with a Fortigate setup in order to track the bandwidth usage on both the upload and download of each port of the Fortigate. I have enabled Netflow support on the fortigate inline with the documentation on your site and NetFlow Analyzer has been very accurate in tracking the download usage (ie IN traffic) but no OUT traffic has been registered whatsoever. I have enabled Netflow on all the ports (WAN and LAN) and still no OUT traffic.
Any help please in how this might be an issue so we can finalize on whether we are able to use Netflow analyzer in our setup or not.
I am evaluating NetFlow Analyzer in conjunction with a Fortigate setup in order to track the bandwidth usage on both the upload and download of each port of the Fortigate. I have enabled Netflow support on the fortigate inline with the documentation on your site and NetFlow Analyzer has been very accurate in tracking the download usage (ie IN traffic) but no OUT traffic has been registered whatsoever. I have enabled Netflow on all the ports (WAN and LAN) and still no OUT traffic.
Any help please in how this might be an issue so we can finalize on whether we are able to use Netflow analyzer in our setup or not.
↧
Re : No OUT traffic appearing
Hi,
Thank you for writing to us. Kindly ensure that the device is configured per the commands listed below -
config system sflow
set collector-ip %NetFlowIP%
set collector-port 9996
end
config sys interface // For Interface
edit % Interface Name %
set sflow-sampler enable
set sample-rate 1000
set sample-direction both
set polling-interval 60
next
end
config system vdom-sflow // For VDOM
set vdom-sflow enable
set collector-ip %NetFlowIP%
set collector-port 9996
end
If that still doesn't work, and if your device has FortiOS 5.2.1 or above, enable Netflow export on it -
http://docs-legacy.fortinet.com/fos50hlp/52/FortiOS%205.2%20Help/HB_intro.html
http://docs-legacy.fortinet.com/fos50hlp/52/index.html#page/FortiOS%25205.2%2520Help/system.004.13.html
Regards,
Karthik.K
Netflow Analyzer TAC
Thank you for writing to us. Kindly ensure that the device is configured per the commands listed below -
config system sflow
set collector-ip %NetFlowIP%
set collector-port 9996
end
config sys interface // For Interface
edit % Interface Name %
set sflow-sampler enable
set sample-rate 1000
set sample-direction both
set polling-interval 60
next
end
config system vdom-sflow // For VDOM
set vdom-sflow enable
set collector-ip %NetFlowIP%
set collector-port 9996
end
If that still doesn't work, and if your device has FortiOS 5.2.1 or above, enable Netflow export on it -
http://docs-legacy.fortinet.com/fos50hlp/52/FortiOS%205.2%20Help/HB_intro.html
http://docs-legacy.fortinet.com/fos50hlp/52/index.html#page/FortiOS%25205.2%2520Help/system.004.13.html
Regards,
Karthik.K
Netflow Analyzer TAC
↧
Re : No OUT traffic appearing
Hey,
Thanks for the quick reply. Actually we are running Fortigate OS 5.2.2 and we have netflow setup as descriped in your documentation.
Mainly we have done
config system netflow
set collector-ip 192.168.200.2
set collector-port 9996
set source-ip 192.168.200.1
set active-flow-timeout 1
set inactive-flow-timeout 15
end
Then we did
config sys interface
edit <interface name>
set netflow-sampler both
next
end
Even with all the above we are still seeing the problem that we have mentioned
PS below is a print out from our fortigate diagnosis
Thanks for the quick reply. Actually we are running Fortigate OS 5.2.2 and we have netflow setup as descriped in your documentation.
Mainly we have done
config system netflow
set collector-ip 192.168.200.2
set collector-port 9996
set source-ip 192.168.200.1
set active-flow-timeout 1
set inactive-flow-timeout 15
end
Then we did
config sys interface
edit <interface name>
set netflow-sampler both
next
end
Even with all the above we are still seeing the problem that we have mentioned
PS below is a print out from our fortigate diagnosis
____ vdom: root, index=0, is master, collector: disabled (use global config) (mgmt vdom) |
|_ coll_ip:192.168.200.2[9996],src_ip:192.168.200.1,seq_num:14618,pkts/time to next template: 10/245 |
|_ exported: Bytes:710521580, Packets:872427, Sessions:6682 Flows:9543 |
|____ interface:wan1 sample_direction:both |
|____ interface:port5 sample_direction:both |
|____ interface:port6 sample_direction:both |
|____ interface:virt1 sample_direction:both |
|____ interface:virt2 sample_direction:both |
|____ interface:virt3 sample_direction:both |
|____ interface:virt4 sample_direction:both |
|____ interface:virt5 sample_direction:both |
|____ interface:virt6 sample_direction:both |
↧