How to forward sflow and Netflow from Fortigate Firewall?¶
Forward sflow from fortigate firewall
First navigate to FortiGate CLI console.
Click on the CLI console.
Note: In FortiGate we can set one IP address at a time to forward flow, so if you want’s to forward flow on any IP you have to remove exiting and set the new one.
Execute the following command.
#config system sflow
Here you can see the list of ip address n which flow is forwarding.
If you want’s to set other IP need to remove the existing one by “unset” command.
#unset collector-ip
Now set the new IP address.
#set collector-ip 172.16.10.115
To verify configurations type “show”
#show
Type end to exit
#end
Forward Netflow from fortigate firewall
FG100E_MotaData # config system netflow
FG100E_MotaData (netflow) # unset collector-ip
FG100E_MotaData (netflow) # show
config system netflow
set collector-ip 163.172.175.100
end
FG100E_MotaData (netflow) # set collector-port 4738
FG100E_MotaData (netflow) # show full-configuration
config system netflow
set collector-ip 163.172.175.100
set collector-port 4738
set source-ip 0.0.0.0
set active-flow-timeout 30
set inactive-flow-timeout 15
set template-tx-timeout 30
set template-tx-counter 20
end
FG100E_MotaData (netflow) # end
FG100E_MotaData # config system sflow
FG100E_MotaData (sflow) # show
config system sflow
set collector-ip 192.168.2.172
set collector-port 4738
end
FG100E_MotaData (sflow) # unset collector-ip
FG100E_MotaData (sflow) # set collector-ip 163.172.175.100
FG100E_MotaData (sflow) # show
config system sflow
set collector-ip 163.172.175.100
set collector-port 4738
end
FG100E_MotaData (sflow) #