How can we help?

How to configure NetFlow on Fortinet FortiGate firewalls

Follow

These instructions assume:

  • The date, time and time zone are correctly set on the firewall.
  • You have Telnet or SSH credentials and access to your Fortinet FortiGate firewall.
  • The IP address of your Auvik collector is known.

Access your firewall CLI

  1. Telnet or SSH into your firewall.
  2. Ensure you're logged in as a privileged user.

Enable NetFlow

On your firewall, execute the commands listed below.

Replace <AuvikCollectorIP> with the IP of your Auvik collector, <AuvikPort> with one of the following ports: 2055, 2056, 4432, 4739, 6343, 9995, or 9996, and <FW LAN/Mgmt IP> with the IP address of the interface from where the device will be sending Netflow. This last this step is mandatory if the Netflow traffic has to traverse a VPN in order to reach the collector.

In the example below, port 1 represents the interface where you're capturing flows, usually the LAN. Change this value based on which interface you're monitoring with NetFlow.

config system netflow
set collector-ip <AuvikCollectoIP>
set collector-port <AuvikPort>
set source-ip <FW LAN/Mgmt IP> end config system interface edit "port1" set netflow-sampler both end

References:

 

Was this article helpful?
2 out of 7 found this helpful
Have more questions? Submit a request