I have a RB2011UAS on v6.36.2 and I’m having trouble getting Netflow to work properly.
I have a fairly simple config with my WAN port on ether10 and my connection to my LAN on ether1. If I enable ip traffic-flow on ether10 I can immediately see it’s forwarding flows to my Netflow collector and everything looks fine. But I want the flows to be sent from the LAN so that I can get visibility into which internal IPs are responsible for the traffic. But if I set ip traffic-flow to be on ether1 it won’t send any flows at all. I’ve tried this every possible way I can think of and can only get it to work on ether10.
I’ve seen some discussion about the order of processing requiring the data to flow through the firewall in order to send Netflow data, but I can’t seem to confirm that or find any relevant commands on my router to try it.
Anyone have any ideas for me?