| NetFlow Configured on multiple VDOMs: FortiGate-60E (global) # diagnose test application sflowd 3 ===== Netflow Vdom Configuration =====
Global collector:10.99.99.254:[2055] source ip: 10.1.1.99 active-timeout(seconds):1800 inactive-timeout(seconds):15 ____ vdom: root, index=0, is master, collector: disabled (use global config) (mgmt vdom)
|_ coll_ip:10.99.99.254:2055,src_ip:10.1.1.99
|_ seq_num:26 pkts/time to next template: 14/1407
|_ exported: Bytes:0, Packets:0, Sessions:0 Flows:0
|_ active_intf: 3
|____ interface:wan1 sample_direction:both device_index:5 snmp_index:1
|____ interface:wan2 sample_direction:both device_index:6 snmp_index:2
|____ interface:dmz sample_direction:both device_index:7 snmp_index:3 ____ vdom: Security, index=3, is master, collector: enabled
|_ coll_ip:10.99.99.254:2055,src_ip:10.20.20.99
|_ seq_num:9 pkts/time to next template: 11/1407
|_ exported: Bytes:0, Packets:0, Sessions:0 Flows:0
|_ active_intf: 1
|____ interface:internal1 sample_direction:both device_index:8 snmp_index:4 ____ vdom: Sales, index=4, is master, collector: enabled
|_ coll_ip:10.99.99.254:2055,src_ip:10.30.30.99
|_ seq_num:2 pkts/time to next template: 18/1407
|_ exported: Bytes:0, Packets:0, Sessions:0 Flows:0
|_ active_intf: 1
|____ interface:internal3 sample_direction:both device_index:10 snmp_index:6 As seen in the above output, each VDOM has a unique collector and source IP address. By unsetting each VDOMs NetFlow configuration they will take on the Global VDOM configuration: FortiGate-60E # config vdom FortiGate-60E (vdom) # edit Security
current vf=Security:3 FortiGate-60E (Security) # config system vdom-netflow FortiGate-60E (vdom-netflow) # unset vdom-netflow FortiGate-60E (vdom-netflow) # end
vdom netflow collector is disabled, global netflow collector will be used. FortiGate-60E (Security) # next FortiGate-60E (vdom) # edit Sales
current vf=Sales:4 FortiGate-60E (Sales) # config system vdom-netflow FortiGate-60E (vdom-netflow) # unset vdom-netflow FortiGate-60E (vdom-netflow) # end
vdom netflow collector is disabled, global netflow collector will be used. FortiGate-60E (Sales) # end FortiGate-60E # config global FortiGate-60E (global) # diagnose test application sflowd 3 ===== Netflow Vdom Configuration =====
Global collector:10.99.99.254:[2055] source ip: 10.1.1.99 active-timeout(seconds):1800 inactive-timeout(seconds):15 ____ vdom: root, index=0, is master, collector: disabled (use global config) (mgmt vdom)
|_ coll_ip:10.99.99.254:2055,src_ip:10.1.1.99
|_ seq_num:42 pkts/time to next template: 18/1173
|_ exported: Bytes:0, Packets:0, Sessions:0 Flows:0
|_ active_intf: 3
|____ interface:wan1 sample_direction:both device_index:5 snmp_index:1
|____ interface:wan2 sample_direction:both device_index:6 snmp_index:2
|____ interface:dmz sample_direction:both device_index:7 snmp_index:3 ____ vdom: Security, index=3, is master, collector: disabled (use global config)
|_ coll_ip:10.99.99.254:2055,src_ip:10.1.1.99
|_ seq_num:4 pkts/time to next template: 16/1173
|_ exported: Bytes:0, Packets:0, Sessions:0 Flows:0
|_ active_intf: 1
|____ interface:internal1 sample_direction:both device_index:8 snmp_index:4 ____ vdom: Sales, index=4, is master, collector: disabled (use global config)
|_ coll_ip:10.99.99.254:2055,src_ip:10.1.1.99
|_ seq_num:1 pkts/time to next template: 19/1173
|_ exported: Bytes:0, Packets:0, Sessions:0 Flows:0
|_ active_intf: 1
|____ interface:internal3 sample_direction:both device_index:10 snmp_index:6 | 
