Problems on Netflow analyzer displaying " out" direction for Fortigate SFlow

Problems on Netflow analyzer displaying " out" direction for Fortigate SFlow

Dear all,

did anyone successfully use Manageengine Netflow Anlayzer 8.5/8.6 to monitor Fortigate via sFlow?

I have version 8.6 running and a Fortigate 200B and 80C, i configured the fortigate with something like below:
config system interface
 edit "dmz"
        set vdom "root"
        set ip 10.10.10.1 255.255.255.0
        set allowaccess ping https
        set type physical
        set sample-rate 40
        set polling-interval 10
        set sflow-sampler enable
        set sflow-sample-direction both
    next
config system sflow
    set collector-ip 10.239.187.138
    set collector-port 9996
end

The analyzer is able to receive sFlow pactet from the fortigate but only input direction info can be shown, in addtion, it seems the statistic displayed is not correct. For example, i perfomed a ftp over the interface which have over 100Mbyte and around 8Mbps thoughput. But analyzer can show only a 300k throughput and 5M traffic transferred.

I opened a TAC case in Fortigate and they said there is a header problem in FortiOS 4.0 patch2 and the problem is fixed in patch 3. However, upgrading the Fortgate to patch 3 still have this problem.

Thanks

Bong So



























      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products