This sample configuration is based on a Fortinet Fortigate 60D firewall. Other models may have slight configuration variations.
Notes:
- If you're collecting flow from multiple devices sharing the same public IP, these instructions may vary. Contact Auvik Support for assistance.
- These instructions assume:
- You have Telnet / SSH credentials and access to your Fortigate router
- Have your your enable password, if applicable
- The device has already been added to your AuvikFlow (Kentik) integration.
Access your router’s CLI
- Telnet or SSH into your Fortigate router.
- (If necessary) Enter privileged mode by typing enable and entering your enable password.
Next, we’ll be inputting commands that do a few things:
- Enable the sFlow process on your firewall.
- Configure the process to send flow packets to the appropriate server and port.
- Configure the WAN port to generate a flow packet for every 1024 packets that transit the interface.
- Save and apply our configuration changes.
- Note: In the example below, port 1 is considered our WAN interface. You’ll need to change this value based on your interface definitions.
On your router, type:
config system sflow
set collector-ip 208.76.14.247
set collector-port 20013
end
config system interface
edit "port 1"
set sflow-sampler enable
set sample-rate 1024
set sample-direction both
set polling-interval 30
next
end
cfg save
All done.
Comments