Juniper SRX Flow Configuration

    Make sure the device is configured as shown below:

    forwarding-options {
        sampling {
            input {
                family inet {
                    rate 1000;
                    run-length 9;
                    max-packets-per-second 7000;
                }
            }
            output {
                cflowd <destination address> {
                    port <port number>;
                    source-address <source address>;
                    version <version number>;
                    no-local-dump;
                    autonomous-system-type origin;
                }
            }
        }
    }

    firewall {
        filter Sample-FILTER {
            term ALLOW-ANY {
                then {
                    sample;
                    accept;
                }
            }
        }
    }

    To enable packet sampling on the interface(s) whose traffic is to be analyzed, apply the filter as in the sample configuration below.

    interfaces {
        ge-1/3/0 {
            vlan-tagging;
            unit 101 {
                vlan-id 101;
                family inet {
                    /* a firewall filter is attached with the filter statement */
                    filter {
                        input Sample-FILTER;
                        output Sample-FILTER;
                    }
                    address 206.80.253.26/25;
                }
            }
        }
    }
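
    Before committing, it helps to confirm that the three stanzas above agree with each other. The following is an added example, not part of the original page or any vendor tool: a Python check over brace-style configuration text that reports interface filters that are undefined or lack the sample action, and cflowd collectors without a port or version. The function names and the sample values (192.0.2.10, port 9996, Missing-FILTER) are assumptions, and the parser assumes balanced braces and no comments.

```python
import re

# Constructed sample config (192.0.2.10, port 9996 and Missing-FILTER are made up).
SAMPLE = """
forwarding-options { sampling { output { cflowd 192.0.2.10 { port 9996; version 5; } } } }
firewall { filter Sample-FILTER { term ALLOW-ANY { then { sample; accept; } } } }
interfaces { ge-1/3/0 { unit 101 { family inet {
    filter { input Sample-FILTER; output Missing-FILTER; } } } } }
"""

def parse(text):
    """Parse brace-style Junos config into nested dicts; leaf statements map to None."""
    stack, words = [{}], []
    for tok in re.findall(r"[{};]|[^\s{};]+", text):
        if tok not in ("{", "}", ";"):
            words.append(tok)
            continue
        key, words = " ".join(words), []
        if tok == "{":
            stack.append(stack[-1].setdefault(key, {}))
        else:
            if key:  # a statement, including one that is missing its ";"
                stack[-1][key] = None
            if tok == "}":
                stack.pop()
    return stack[0]

def walk(node, path=()):  # yields (path, statement, children) for every statement
    for key, val in node.items():
        yield path, key, val
        if isinstance(val, dict):
            yield from walk(val, path + (key,))

def check(cfg):
    """Return the problems that would keep sampled flows from being exported."""
    problems = []
    filters = {k.split()[1]: v for _, k, v in walk(cfg.get("firewall", {}))
               if k.startswith("filter ") and isinstance(v, dict)}
    samples = {n for n, b in filters.items() if any(k == "sample" for _, k, _ in walk(b))}
    for path, key, _ in walk(cfg.get("interfaces", {})):
        parts = key.split()
        if path and path[-1] == "filter" and len(parts) == 2 and parts[1] not in samples:
            why = "has no sample action" if parts[1] in filters else "is not defined"
            problems.append(f"{path[0]}: {parts[0]} filter {parts[1]} {why}")
    out = cfg.get("forwarding-options", {}).get("sampling", {}).get("output", {})
    for key, body in out.items():
        if key.startswith("cflowd "):
            problems += [f"{key}: missing {s}" for s in ("port", "version")
                         if not any(k.startswith(s + " ") for k in body or {})]
    return problems
```

    Run check(parse(text)) on the candidate configuration text; an empty list means the filter, interface and collector stanzas are consistent.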

    To manage unmanaged interfaces and new interfaces for traffic monitoring, follow the path below.

    Click Settings --> NetFlow --> License Management --> NetflowInterfaces --> select the interface for the Juniper device --> click Manage.