These instructions assume:
- The date, time and time zone are correctly set on the firewall.
- You have Telnet or SSH credentials and access to your Fortinet FortiGate firewall.
- The IP address of your Auvik collector is known.
Access your firewall CLI
- Telnet or SSH into your firewall.
- Ensure you're logged in as a privileged user.
On your firewall, execute the commands listed below.
Replace <AuvikCollectorIP> with the IP of your Auvik collector, <AuvikPort> with one of the following ports: 2055, 2056, 4432, 4739, 6343, 9995, or 9996, and <FW LAN/Mgmt IP> with the IP address of the interface from where the device will be sending Netflow. This last this step is mandatory if the Netflow traffic has to traverse a VPN in order to reach the collector.
In the example below, port 1 represents the interface where you're capturing flows, usually the LAN. Change this value based on which interface you're monitoring with NetFlow.
config system netflow set collector-ip <AuvikCollectoIP>
set collector-port <AuvikPort>
set source-ip <FW LAN/Mgmt IP> end config system interface edit "port1" set netflow-sampler both end