These instructions assume:
- The SonicWall device is running SonicOS version 7.0 or higher.
- The date, time and time zone are correctly set on the firewall.
- You have administrative access to the firewall.
- The IP address of your Auvik collector is known.
To access the SonicWall web interface
- Open a web browser and type in your SonicWall’s IP address.
- Log into the web admin console.
Enable the NetFlow collector
- Navigate to Device
- Click on AppFlow
- Click on Flow reporting
- Click on Settings
Check Enable Real-Time Data Collection, if necessary
Note: You must reboot the device after enabling Real-Time Data Collection
- (Optional) Enable interface-based reporting if you prefer the flows to be tagged from the interfaces of the firewall
- Click Accept to save the settings
- Navigate to AppFlow
- Click on Flow Reporting
- Click on External Collector
- Select Send Flows and Real-Time Data to External Collector
- Under External Flow Reporting Format, select NetFlow Version-9.
- In the External Collector’s Server Address section, check IP and enter the Auvik collector IP address
- In the External Collector’s UDP Port Number field, enter the port number you’d like to use. Choose from any of these ports: 2055, 2056, 4432, 4739, 6343, 9995, or 9996.
- Enable Send IPFIX / Netflow Templates At Regular Intervals
- Enable Report On Connection OPEN
- Enable Report on a Connection CLOSE
- Click the Generate ALL Templates button.
- Click Accept to save the settings.
NetFlow should now be enabled on your SonicWall Gen 7 firewall device.