How can we help?

How to enable flow on your Fortinet Fortigate firewall

Follow

This sample configuration is based on a Fortinet Fortigate 60D firewall. Other models may have slight configuration variations.

Notes:

Access your router’s CLI

  1. Telnet or SSH into your Fortigate router.
  2. (If necessary) Enter privileged mode by typing enable and entering your enable password.

Next, we’ll be inputting commands that do a few things:

  • Enable the sFlow process on your firewall.
  • Configure the process to send flow packets to the appropriate server and port.
  • Configure the WAN port to generate a flow packet for every 1024 packets that transit the interface.
  • Save and apply our configuration changes.
  • Note: In the example below, port 1 is considered our WAN interface. You’ll need to change this value based on your interface definitions.

On your router, type:

config system sflow
set collector-ip 208.76.14.247
set collector-port 20013
end
config system interface
edit "port 1"
set sflow-sampler enable
set sample-rate 1024
set sample-direction both
set polling-interval 30
next
end
cfg save

All done.

 

Have more questions? Submit a request

Comments

Powered by Zendesk