Thursday, April 29, 2010

Configuring FortiGate appliances

The recent FortiOS 4.0 MR2 release adds sFlow support to Fortinet's FortiGate® appliances.

The following commands configure a FortiGate appliance to sample packets at 1-in-512, poll counters every 30 seconds and send sFlow to an analyzer (10.0.0.50) over UDP using the default sFlow port (6343):

config system sflow
   set collector-ip 10.0.0.50
   set collector-port 6343
end


Then for each interface:

config sys interface
    edit
       set sflow-sampler enable
       set sample-rate 512
       set sample-direction both
       set polling-interval 30
    next
end


A previous posting discussed the selection of sampling rates. Additional information can be found on the Fortinet web site.

See Trying out sFlow for suggestions on getting started with sFlow monitoring and reporting.

No comments:

Post a Comment