This sample configuration is based on a Fortinet Fortigate 60D firewall. Other models may have slight configuration variations.
- If you're collecting flow from multiple devices sharing the same public IP, these instructions may vary. Contact Auvik Support for assistance.
- These instructions assume:
Access your router’s CLI
- Telnet or SSH into your Fortigate router.
- (If necessary) Enter privileged mode by typing enable and entering your enable password.
Next, we’ll be inputting commands that do a few things:
- Enable the sFlow process on your firewall.
- Configure the process to send flow packets to the appropriate server and port.
- Configure the WAN port to generate a flow packet for every 1024 packets that transit the interface.
- Save and apply our configuration changes.
- Note: In the example below, port 1 is considered our WAN interface. You’ll need to change this value based on your interface definitions.
On your router, type:
config system sflow
set collector-ip 220.127.116.11
set collector-port 20013
config system interface
edit "port 1"
set sflow-sampler enable
set sample-rate 1024
set sample-direction both
set polling-interval 30