Configuring Flow Exports on FortiGate Firewall
Site24x7 supports monitoring traffic from Fortinet FortiGate firewalls using sFlow protocols. This guide explains how to configure flow exports for FortiGate devices across various firmware versions.
Prerequisites
- You need FortiOS version 5.2 or higher.
- You need admin access to FortiGate CLI or GUI.
- Ensure appropriate firewall rules allow UDP traffic to the Site24x7 NetFlow collector port (default: 9996).
Note: Interface-level sampling is supported in FortiOS version 7.6.0 and above. For earlier versions, only NetFlow-based monitoring is supported.
Flow configuration (FortiOS 7.2.8, 7.4.2, or later)
To configure sFlow (recommended for sampling):
config system sflow
set collector-ip
set collector-port 9996
set source-ip
set sample-rate 512
set polling-interval 20
set interface
end
Enter global configuration mode on the router or Multilayer Switch Feature Card (MSFC), and issue the following commands for each interface on which you want to enable flow:
config system interface
edit {INTERFACE_NAME}
set sflow-sampler enable
set sample-rate 1000
set sample-direction both
set polling-interval 60
next
end
config system vdom-sflow
set vdom-sflow enable
set collector-ip {NETFLOW_SERVER_IP}
set collector-port {NETFLOW_SERVER_LISTENER_PORT}
end
Troubleshooting tips
- Ensure the collector IP and port are reachable.
- Confirm interface-level NetFlow or sFlow is enabled.