How can we help?

How to enable flow on your Fortinet Fortigate firewall -- AuvikFlow (Kentik)


This sample configuration is based on a Fortinet Fortigate 60D firewall. Other models may have slight configuration variations.

If you're collecting flow from multiple devices sharing the same public IP, you must configure chfagent to send flow to Kentik.

These instructions assume:

Access your router’s CLI

  1. Telnet or SSH into your Fortigate router.
  2. (If necessary) Enter privileged mode by typing enable and entering your enable password.

Next, we’ll be inputting commands that do a few things:

  • Enable the sFlow process on your firewall.
  • Configure the process to send flow packets to the appropriate server and port.
  • Configure the WAN port to generate a flow packet for every 1024 packets that transit the interface.
  • Save and apply our configuration changes.
  • Note: In the example below, port 1 is considered our WAN interface. You’ll need to change this value based on your interface definitions.

On your router, type:

config system sflow
set collector-ip
set collector-port 20013
config system interface
edit "port 1"
set sflow-sampler enable
set sample-rate 1024
set sample-direction both
set polling-interval 30
cfg save

All done.


Was this article helpful?
2 out of 2 found this helpful
Have more questions? Submit a request