Ipswitch WhatsUp Gold User Guide - Ipswitch Documentation Server
16.01.2013 Views
Share Embed Flag

Ipswitch WhatsUp Gold User Guide - Ipswitch Documentation Server

Ipswitch WhatsUp Gold User Guide - Ipswitch Documentation Server

Ipswitch WhatsUp Gold User Guide - Ipswitch Documentation Server

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
docs.ipswitch.com

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

<strong>Ipswitch</strong> <strong>WhatsUp</strong> <strong>Gold</strong> <strong>User</strong> <strong>Guide</strong><br />

If the device is outside the firewall, the exported flow data aggregates all traffic to<br />

and from internal devices and reports it as belonging to a single public address<br />

belonging to the device performing the address translation. In this case, you can only<br />

determine that an internal device originated or received traffic, but you cannot<br />

pinpoint the traffic as belonging to a specific internal device.<br />

If the device exporting flows is also performing NAT, you can configure the device to<br />

export the flow data using either the private or the public translated address,<br />

mimicking either of the above scenarios. To see internal IP addresses, configure the<br />

device to export data on ingress and egress for the internal interface. To see all<br />

traffic reported using the external translated IP address, configure the device to<br />

export data on ingress and egress for external interfaces. For more information,<br />

see Manually configuring network devices to export flow data to Flow Monitor (on page<br />

973).<br />

Other conditions that may also change the nature of the data reported by Flow Monitor<br />

include:<br />

When address translation occurs anywhere in the path between the source and the<br />

destination, IP addresses reported are altered to include the translated address. In<br />

most cases, this does not present a problem, but it may require monitoring multiple<br />

flow-enabled devices to track traffic in complex network environments.<br />

Virtual private networks and other tunneling technology (such as ESP or SSH) can<br />

appear to distort reports. In these cases, Flow Monitor reports large amounts of traffic<br />

sent over a small number of flows. This is expected behavior, as VPNs and other<br />

tunnels aggregate traffic from multiple connections and funnel it through a single<br />

connection.<br />

Manually configuring devices to export flow data to Flow Monitor<br />

Network devices must be configured to generate and send NetFlow data to Flow Monitor.<br />

This is accomplished manually using the device's command line interface (CLI), or<br />

automatically through the Source configuration dialog (Flow Monitor > Configuration) for<br />

devices that are NetFlow enabled and have the Cisco NetFlow MIB (OID: 1.3.6.1.4.1.9.9.387).<br />

973

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!