Configuring Flow Exports on FortiGate Firewall
For NetFlow analysis, you need to configure your devices to export flows to the Site24x7 On-Premise Poller, which acts as the NetFlow collector. The On-Premise Poller listens on a specific port to receive flows. Learn how to find the port number of your On-Premise Poller.
Configure flows (sFlow) on FortiGate firewalls using the following commands:
config system sflow
set collector-ip {NETFLOW_SERVER_IP}
set collector-port {NETFLOW_SERVER_LISTENER_PORT}
end
Enter global configuration mode on the router or Multilayer Switch Feature Card (MSFC), and issue the following commands for each interface on which you want to enable flow:
config sys interface
edit {INTERFACE_NAME}
set sflow-sampler enable
set sample-rate 1000
set sample-direction both
set polling-interval 60
next
end
config system vdom-sflow
set vdom-sflow enable
set collector-ip {NETFLOW_SERVER_IP}
set collector-port {NETFLOW_SERVER_LISTENER_PORT}
end