CheckPoint 5200 Firewall NetFlow Configuration

This document outlines the steps to configure CheckPoint 5200 Firewall for NetFlow export with ObserveOps Flow Explorer.

Configuration Steps

Navigate to Configuration > Traffic Management > NetFlow in the Check Point UI to access the NetFlow Configuration page.

To configure NetFlow export via CLI, use the following commands:

Set the active flow timeout:

active-timeout 60

Set the NetFlow collector IP and port:

collector ip {MOTADATA_NETFLOW_SERVER_IP} port 2055

Enable ACL metering mode:

enable-acl on

Enable flow metering mode:

enable-flows on

Set the export format:

export-format V5

Set the inactive flow timeout:

inactive-timeout 15

Set the source address to the LAN interface IP of the firewall:

srcaddr {LAN_INTERFACE_IP}

After completing the configuration, navigate to Menu > Flow Explorer and select Explorer to view the active flow data.