ntopng not displaying NetFlow data with nProbe #627
Description
Dear Community,
We are using ntopng with nProbe to view NetFlow data from a Checkpoint firewall. The ntopng web interface is accessible, and the nProbe service is running. We can see NetFlow data being sent to the server using tcpdump, but the ntopng web GUI does not show any flow data.
Environment Details:
OS: Rocky Linux release 9.3
ntopng Version: ntopng Enterprise L v.6.2.240821
nProbe Version: v.10.6.240821
We are using ntopng with nProbe to view NetFlow data from a Checkpoint firewall. The ntopng web interface is accessible, and the nProbe service is running. We can see NetFlow data being sent to the server using tcpdump, but the ntopng web GUI does not show any flow data.
ntopng and nprob are running on the same host.
Configurations:
Here are the key configurations:
nprobe.conf:
-i=none
--collector-port=6343
--zmq=tcp://*:5556
-n=none
-T=@NTOPNG@
ntopng.conf:
-i=tcp://127.0.0.1:5556
Question:
How can we configure nProbe and ntopng to properly display NetFlow data?
Thank you for your support!
TCPDump
13:16:46.403637 ens192 In IP 172.17.177.210.33621 > 172.30.200.26.6343: sFlow version 589841 packet not supported
13:16:46.417562 ens192 In IP 172.17.177.210.33628 > 172.30.200.26.6343: sFlow version 589841 packet not supported
13:16:46.463141 ens192 In IP 172.17.177.210.33628 > 172.30.200.26.6343: sFlow version 589841 packet not supported
13:16:46.467064 ens192 In IP 172.30.12.30.11181 > 172.30.200.26.6343: sFlow version 589840 packet not supported
13:16:46.482433 ens192 In IP 172.17.177.210.33628 > 172.30.200.26.6343: sFlow version 589841 packet not supported
13:16:46.488149 ens192 In IP 172.17.177.210.33623 > 172.30.200.26.6343: sFlow version 589841 packet not supported