Configuring Fortigate FortiOS

Fortigate FortiOS support netflow flow export from the version 5.2 and above. Please configure the device as mentioned below to export netflow packets to the NetFlow Analyzer installed server:

config system netflow 

set collector-ip {NFA ServerIP} 

set collector-port 9996 

set source-ip {IP address of Device} 

set active-flow-timeout 1 

set inactive-flow-timeout 15 

end

Please follow the below steps on each interface:

config system interface 

edit <interface name> 

set netflow-sampler tx 

end

If it is a VDOM environment, configure the device as follows:

config system vdom–netflow 

set vdom–netflow enable 

set collector-ip {NFA ServerIP} 

set collector-port 9996 

set source-ip loopback1 

end

Please follow the below steps on each interface:

config system interface 

edit <interface name> 

set netflow-sampler tx 

end

To review the NetFlow configuration, use the following commands in the CLI mode:

diagnose test application sflowd 3

diagnose test application sflowd 4

After the configuration is complete, NetFlow data will be exported, and you will start seeing results in the NetFlow Analyzer UI.