Configure sFlow - Fortinet / FortiGate

This area will help you fast-track planning, setting up and managing NetFlow in your environment. NetFlow is instrumentation embedded within Cisco IOS Software to characterize network operation.

Network specialists of various levels within an organization need to be able to report on traffic traversing sites, key links and data centers without deploying probes. They use CySight, powered by unique NetFlow Auditor methods of scalable collection, retention and Predictive AI Baselining, to capture and analyze every NetFlow record with aggregation options and small-footprint real-time and long-term storage. From Telco to SME you will recognize the superior reliability and performance of the CySight NetFlow Auditing solutions, as well as the management benefits offered.

How to configure sFlow on a FortiGate

sFlow agents can be added to any FortiGate interface, including physical interfaces, VLAN interfaces, and aggregate interfaces. However, the sFlow agent/client is not supported on some virtual interfaces such as VDOM link, IPSec, gre, and ssl.<vdom>.

sFlow configuration is available only from the CLI.

Configuration steps include:

1. Set the sFlow collector/server IP on the FortiGate.

config system sflow
set collector-ip <NetFlow-Auditor-IP-Address>
set collector-port <port>
end

The collector port defaults to UDP 6343.

To configure it per VDOM (an asterisk marks the default value):

config system vdom-sflow
set vdom-sflow [disable*|enable]
set collector-ip <NetFlow-Auditor-IP-Address>
set collector-port <port>
end

As above, the collector port defaults to UDP 6343.

2. Configure sFlow agents per interface.

config system interface
edit <interface-name>
set sflow-sampler [disable*|enable]
set sample-rate <rate>
set sample-direction [tx|rx|both*]
set polling-interval <seconds>
next
end

sample-rate means one packet is sampled out of every <rate> packets; polling-interval is given in seconds.
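
To confirm on the collector side that the FortiGate is exporting as configured, here is an added example (not part of the original page, and not Fortinet or CySight code): a small Python decoder for the sFlow version 5 datagram header that reports the agent address and the sampling rate carried in each flow sample, so both can be compared against the collector-ip/collector-port and sample-rate settings above. The datagram, the agent address 192.0.2.1 and the rate 512 are constructed sample values.

```python
import socket
import struct

def parse_sflow_v5(datagram: bytes) -> dict:
    """Decode an sFlow v5 datagram header and summarise each sample."""
    version, addr_type = struct.unpack_from("!II", datagram, 0)
    if version != 5:
        raise ValueError(f"not sFlow v5 (version field = {version})")
    if addr_type not in (1, 2):                      # 1 = IPv4, 2 = IPv6
        raise ValueError(f"unknown agent address type {addr_type}")
    family, alen = (socket.AF_INET, 4) if addr_type == 1 else (socket.AF_INET6, 16)
    agent = socket.inet_ntop(family, datagram[8:8 + alen])
    off = 8 + alen
    sub_agent, seq, uptime_ms, count = struct.unpack_from("!IIII", datagram, off)
    off += 16
    samples = []
    for _ in range(count):
        tag, length = struct.unpack_from("!II", datagram, off)
        body = datagram[off + 8:off + 8 + length]
        if len(body) != length:
            raise ValueError("truncated sample record")
        info = {"enterprise": tag >> 12, "format": tag & 0xFFF}
        # Flow sample (format 1) holds sampling_rate at byte 8 of its body,
        # expanded flow sample (format 3) at byte 12; counter samples have none.
        rate_off = {1: 8, 3: 12}.get(info["format"]) if info["enterprise"] == 0 else None
        if rate_off is not None:
            info["sampling_rate"] = struct.unpack_from("!I", body, rate_off)[0]
        samples.append(info)
        off += 8 + length
    return {"agent": agent, "sub_agent": sub_agent, "sequence": seq,
            "uptime_ms": uptime_ms, "samples": samples}

def build_constructed_datagram(rate: int = 512) -> bytes:
    """Constructed sample input: one flow sample with zero flow records."""
    # sequence, source_id, sampling_rate, sample_pool, drops, input, output, records
    flow = struct.pack("!8I", 1, 3, rate, 1024, 0, 3, 4, 0)
    header = struct.pack("!II", 5, 1) + socket.inet_aton("192.0.2.1")
    header += struct.pack("!IIII", 0, 7, 60000, 1)
    return header + struct.pack("!II", 1, len(flow)) + flow

if __name__ == "__main__":
    print(parse_sflow_v5(build_constructed_datagram()))
```

On a live collector, the same function can be fed each datagram received on a UDP socket bound to the configured collector port.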