How to forward sflow and Netflow from Fortigate Firewall?

Forward sflow from fortigate firewall

First navigate to FortiGate CLI console.

Click on the CLI console.

Note: In FortiGate we can set one IP address at a time to forward flow, so if you want’s to forward flow on any IP you have to remove exiting and set the new one.

Execute the following command.

#config system sflow

Here you can see the list of ip address n which flow is forwarding.

If you want’s to set other IP need to remove the existing one by “unset” command.

#unset collector-ip

Now set the new IP address.

#set collector-ip 172.16.10.115

To verify configurations type “show”

#show

Type end to exit

#end

Forward Netflow from fortigate firewall

FG100E_MotaData # config system netflow

FG100E_MotaData (netflow) # unset collector-ip

FG100E_MotaData (netflow) # show

config system netflow
set collector-ip 163.172.175.100
end

FG100E_MotaData (netflow) # set collector-port 4738

FG100E_MotaData (netflow) # show full-configuration
config system netflow
set collector-ip 163.172.175.100
set collector-port 4738
set source-ip 0.0.0.0
set active-flow-timeout 30
set inactive-flow-timeout 15
set template-tx-timeout 30
set template-tx-counter 20
end

FG100E_MotaData (netflow) # end

FG100E_MotaData # config system sflow

FG100E_MotaData (sflow) # show
config system sflow
set collector-ip 192.168.2.172
set collector-port 4738
end

FG100E_MotaData (sflow) # unset collector-ip

FG100E_MotaData (sflow) # set collector-ip 163.172.175.100

FG100E_MotaData (sflow) # show
config system sflow
set collector-ip 163.172.175.100
set collector-port 4738
end

FG100E_MotaData (sflow) #