2 of 2 people found this helpful
Yes, it is possible.
You'll have to enable netflow in the CLI, define your collector node (NTA box), and enable per-interface.
Taken from Fortinet KB:
Configuring the Netflow collector IP:
config system netflow
set collector-ip <ipv4_addr>
set collector-port <port_int>
Enabling Netflow on the Interface:
config system interface
edit <interface name>
set netflow-sampler both
Hmmm... We've had problems getting actual usage out of Fortinets using Netflow. When I opened a ticket with them about this in Dec 2015, the response I got was below. This was after a couple weeks of being persistent with them about the traffic I was seeing being wrong. There aren't many systems, esp. low end, that use the NP6 processor BTW. Good luck!
"Notice that the netflow for offloaded traffic may be only support on architectures using NP6. So, when using Netflow it will disable the offloading for the interface, which may affect you performance.
Also, for encrypted traffic you may not see all the information about the flow, since the traffic is actually encrypted.
If you want to account bandwidth usage, the SNMP may be a better option for you. "
Weird...I haven't seen that issue. Sorry to hear you're having problems - kind of a drag.
Well, if the appliances you have either have an NP6 or are set up in a very specific way, then it will probably work. But I was noticing that far less traffic was being classified than was actually transiting the interface. The device on the other end supported Netflow, so it was pretty apparent to us, not to mention the SNMP traffic graphs were pretty far off too.
I've found Fortinet's tech support highly lacking. It took me about 2 weeks to get around to that answer, asked to have it escalated, but it never was. I think there was a language gap also, which is frustrating.
Agreed on the tech support piece....I'm grateful we don't have to reach out to them too often. It's painful and protracted. The only good luck I've had is getting on the phone and soldiering through wait times.