How can we help?

How to configure NetFlow on Palo Alto firewalls

Follow

These instructions assume:

Access the Palo Alto web interface

  1. Open a web browser and type in the IP address of the Palo Alto firewall.
  2. Log into your firewall.

Create a NetFlow server profile

  1. Select Device > Server Profiles > NetFlow and click Add.
  2. Enter TrafficInsights as the name for the profile.
  3. Set the default Template Refresh Rate to 5 minutes and 20 packets.
  4. For the Active Timeout, set the value at 1 minute.
  5. Select the checkbox for the PAN-OS Field Types.
  6. For each NetFlow collector section, click Add.
    1. Name: TrafficInsights
    2. Server: <Auvik Collector IP>
    3. Port: <2055, 2056, 4432, 4739, 6343, 9995 or 9996>
  7. Click Okay.

Assign the NetFlow server profile

The steps below specify a LAN interface for collecting NetFlow data. For a different interface, choose your desired interface in step 2.

  1. Select Network > Interfaces > Ethernet.
  2. Click a LAN interface to edit it.
  3. In the NetFlow Profile drop-down, select the TrafficInsights server profile.
  4. Click Okay.
Was this article helpful?
3 out of 3 found this helpful
Have more questions? Submit a request