I have a Windows server running Solarwinds Netflow Traffic Analyzer (NTA) and I'm attempting to switch to PRTG for netflow and other function.s Solarwinds NTA successfully receives the netflow from my Cisco switch on port 2055 and it's working fine. I can't seem to get the PRTG Netflow sensor to receive this data. I have stopped all the Solarwinds services on the server, I have ran the PRTG Netflow Tester without any luck. The PRTG main page for the device sending the netflow data (v5) has the netflow sensor activated. Yet it says 'No data received yet' or 'No data since startup'. Can someone help me troubleshoot this further?

Many thanks Wayne Hann

Article Comments

Hi Wayne,

Are you able to do a WireShark to make sure you actually send the NetFlow data to your PRTG server?

Is PRTG holding the port for the NetFlow data open (NETSTAT -a -o -b)

If your "removed" Solarwinds, was it by any chance on the same server? If so, did you use different ports for PRTG and Solarwinds and did you restart the server, services etc.?

Regards

Florian Rossmark

www.it-admins.com


Sep, 2018 - Permalink

I see the PID using port 2055 which is the UDP port of the netflow sender.When I look at TaskManager I see that the PID is actually PRTG Probe so that seems to be as predicted. The PRTG netflow servers seems to start where I see data then it stops. I have yet to be able to get the PRTG Netflow Tester to work. All very puzzling. It's the correct port since Solarwinds netflow correctly listens on that port. I have completely stopped all the Solarwinds services so I am sure Solarwinds is not listening on port 2055.

What I'm looking for with netflow is how many mb/s or kb/s each user is consuming. At the moment the top connections displays the AMOUNT of data consumed. Although useful I'm more interested in how much of the bandwidth is being used and not so much how MUCH data is being transmitted.

Any feedback is appreciated.


Sep, 2018 - Permalink

Hello Wayne,

Ok, two things:

  1. The current 18.x.43 version of PRTG has a bug where the flow sensors turn green for a short while and then into "unknown" state. The upcoming 18.x.44 update this week will fix this or you could update to the preview version that also contains the fix.
  2. When trying to verify with NetFlow Tester, make sure to pause the flow sensors, otherwise flow tester cannot listen on the port configured in the sensors.

Kind regards,

Erhard


Sep, 2018 - Permalink