CheckPoint Firewall NetFlow Configuration

This document outlines the steps to configure CheckPoint Firewall for NetFlow export with ObserveOps Flow Explorer.

Configuration Steps

To configure NetFlow export via CLI, use the following commands:

Set the active flow timeout:

active-timeout 60

Set the NetFlow collector IP and port:

collector ip {MOTADATA_SERVER_IP} port 2055

Enable ACL metering mode:

enable-acl on

Enable flow metering mode:

enable-flows on

Set the export format:

export-format V5|V9

Set the inactive flow timeout:

inactive-timeout 15

Set the source address to the LAN interface IP of the firewall:

srcaddr {LAN_INTERFACE_IP}

After completing the configuration, navigate to Menu > Flow Explorer and select Explorer to view the active flow data.