How can we help?

How to enable flow on your Sophos XG firewall


This sample configuration is based on a Sophos XG firewall. Other models may have slight configuration variations.

If you're collecting flow from multiple devices sharing the same public IP, you must configure chfagent to send flow to Kentik.

These instructions assume:

Log into the Sophos web GUI as an administrator with read-write permission.

Configure NetFlow collectors

  1. Go to Logs & Reports > Configuration > Netflow.
  2. Enter an appropriate server name.
  3. Enter for the Netflow server.
  4. Enter port 20013 as the Netflow server port.
  5. Click Apply.

Enable traffic logging from firewall rule

  1. Go to Firewall Netflow > Rule.
  2. Select IPv4.
  3. Expand Advanced Settings.
  4. Enable Log Firewall Traffic.
  5. Click OK.


Have more questions? Submit a request


Powered by Zendesk