These instructions assume:
- The device is on version 6.5 or higher.
- The date, time and time zone are correctly set on the firewall.
- You have administrative access to the firewall.
- The IP address of your Auvik collector is known.
Access the SonicWALL web interface
- Open a web browser and type in your SonicWALL IP address.
- Log into the web admin console.
Set up the external collector
- Navigate to Manage > Logs & Reporting > Flow reporting > Settings.
- Check Enable Real-Time Data Collection.
- (Optional) Enable interface-based reporting if you prefer the flows to be tagged from the interfaces of the firewall.
- Click Accept to save the settings.
- Navigate to External Collector.
- Select Send Flows and Real-Time Data to External Collector.
- Navigate to AppFlow Settings > Flow Reporting > External Collector.
- In External Flow Reporting Format, select Netflow Version-9
- In the External Collector’s IP address field, enter the Auvik collector IP address.
- In the External Collector’s UDP Port Number field, enter the port number you’d like to use. Choose from any of these ports: 2055, 2056, 4432, 4739, 6343, 9995, or 9996.
- Check Send IPFIX / Netflow Templates At Regular Intervals.
- Continue scrolling down to configure connection events:
- Check Report On Connection OPEN.
- Check Report on a Connection CLOSE.
- Click the Generate ALL Templates button
- Click Accept to save the settings
NetFlow is now enabled on your SonicWall firewall.
You must reboot the device for these changes to take effect.