How to forward sFlow and NetFlow from a FortiGate firewall?

Forward sFlow from FortiGate firewall

First, navigate to the FortiGate CLI console.

Click on the CLI console.

Note

In FortiGate, flow can be forwarded to only one IP address at a time, so to forward flow to a different IP you have to remove the existing one and set the new one.

Execute the following command.

#config system sflow

Here you can see the list of IP addresses to which flow is being forwarded.

To set a different IP, first remove the existing one with the “unset” command.

#unset collector-ip

Now set the new IP address.

#set collector-ip 172.16.10.115

To verify the configuration, type “show”.

#show

Type “end” to exit.

#end

Forward NetFlow from FortiGate firewall

FG100E_MotaData # config system netflow

FG100E_MotaData (netflow) # unset collector-ip

FG100E_MotaData (netflow) # show

config system netflow

set collector-ip 163.172.175.100

end

FG100E_MotaData (netflow) # set collector-port 4738

FG100E_MotaData (netflow) # show full-configuration

config system netflow

set collector-ip 163.172.175.100

set collector-port 4738

set source-ip 0.0.0.0

set active-flow-timeout 30

set inactive-flow-timeout 15

set template-tx-timeout 30

set template-tx-counter 20

end

FG100E_MotaData (netflow) # end

FG100E_MotaData # config system sflow

FG100E_MotaData (sflow) # show

config system sflow

set collector-ip 192.168.2.172

set collector-port 4738

end

FG100E_MotaData (sflow) # unset collector-ip

FG100E_MotaData (sflow) # set collector-ip 163.172.175.100

FG100E_MotaData (sflow) # show

config system sflow

set collector-ip 163.172.175.100

set collector-port 4738

end

FG100E_MotaData (sflow) #
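
An added example, not part of the original page or of any Fortinet tooling: a Python check that reads the "config system netflow" and "config system sflow" blocks in the flat form "show" prints above and flags a collector that is missing from an approved list or is a public address. The allowlist, the function names and the sample text are assumptions made for the illustration.

```python
import ipaddress
import re

# Constructed sample: the two blocks in the form "show" prints them on the page.
SAMPLE_CONFIG = """\
config system netflow
    set collector-ip 163.172.175.100
    set collector-port 4738
end
config system sflow
    set collector-ip 192.168.2.172
    set collector-port 4738
end
"""

# Assumption: a hypothetical site allowlist of approved flow collectors.
APPROVED_COLLECTORS = {"192.168.2.172", "172.16.10.115"}


def parse_flow_export(config_text):
    """Return {"netflow": {...}, "sflow": {...}} of 'set' values per block."""
    blocks, current = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        match = re.fullmatch(r"config system (netflow|sflow)", line)
        if match:
            current = blocks.setdefault(match.group(1), {})
        elif line == "end":
            current = None  # flat layout assumed: "end" closes the block
        elif current is not None and line.startswith("set "):
            parts = line.split(None, 2)
            if len(parts) == 3:
                current[parts[1]] = parts[2].strip('"')
    return blocks


def audit_flow_export(config_text, approved=APPROVED_COLLECTORS):
    """Flag collectors that are unapproved or publicly routable."""
    findings = []
    for proto, settings in sorted(parse_flow_export(config_text).items()):
        ip = settings.get("collector-ip", "0.0.0.0")
        if ip == "0.0.0.0":  # assumed to mean no collector is set
            continue
        if ip not in approved:
            findings.append((proto, ip, "collector not on approved list"))
        if ipaddress.ip_address(ip).is_global:
            findings.append((proto, ip, "collector is a public address"))
    return findings
```

Run it against a saved configuration backup after each collector change; an empty result means every configured collector is approved and on a non-public address.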