Try Auvik Free
Try Auvik Free

How can we help?

  1. Auvik Support
  2. Audit and Reporting
  3. Device configuration for Auvik TrafficInsights
  4. How to Configure Netflow

How to Configure NetFlow on SonicWall Gen 7 Firewalls

Avatar
Tasha Roth
Follow

These instructions assume:

  • The SonicWall device is running SonicOS version 7.0 or higher.
  • The date, time and time zone are correctly set on the firewall.
  • You have administrative access to the firewall.
  • The IP address of your Auvik collector is known.

If you are using a shared collector and want TrafficInsights to associate flow data with the correct site, you must add the source IP address as a dedicated /32 network within Auvik.

For example:

192.168.1.10/32

Even if the source IP address is already included in a larger monitored subnet, a dedicated /32 entry is required for TrafficInsights to correctly associate flow records with the appropriate site.

After making this change, it may take several minutes before flow data appears in TrafficInsights.

To access the SonicWall web interface

    • Open a web browser and type in your SonicWall’s  IP address.
    • Log into the web admin console.

Enable  the NetFlow collector

sonicwallappflow.png

    • Navigate to Device
    • Click on AppFlow
    • Click on Flow reporting
    • Click on Settings
    • Check Enable Real-Time Data Collection, if necessary
      Note: You must reboot the device after enabling Real-Time Data Collection
    • (Optional) Enable interface-based reporting if you prefer the flows to be tagged from the interfaces of the firewall
    • Click Accept to save the settings

sonicwallexternalcollector.png

    • Navigate to AppFlow
    • Click on Flow Reporting
    • Click on External Collector
    • Select Send Flows and Real-Time Data to External Collector
    • Under External Flow Reporting Format, select NetFlow Version-9.
    • In the External Collector’s Server Address section, check IP and enter the Auvik collector IP address
    • In the External Collector’s UDP Port Number field, enter the port number you’d like to use. Choose from any of these ports: 2055, 2056, 4432, 4739, 6343, 9995, or 9996.
    • Enable Send IPFIX / Netflow Templates At Regular Intervals
    • Enable Report On Connection OPEN
    • Enable Report on a Connection CLOSE
    • Click the Generate ALL Templates button.
    • Click Accept to save the settings.

NetFlow should now be enabled on your SonicWall Gen 7 firewall device.

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Auvik System Status

Check system status

Need help?

Submit your question or comment and we'll be in touch.

Send a message

Related articles