Palo Alto

To configure NetFlow on a Palo Alto firewall, follow these steps:

1. Define a NetFlow Profile

  1. Go to Device → Server Profiles → NetFlow.

  2. Click Add.

  3. Give the profile a name.

  4. Configure:

    • Collector IP address (your flow collector).

    • Port (default 2055 for NetFlow, or whatever your collector expects).

    • Protocol: UDP.

    • Active Timeout: Typically 1 minute (controls how often long-lived sessions are reported).

    • Inactive Timeout: Usually 15 seconds (when a session has been idle).

    • Template Refresh Rate (number of flows before the template is resent).

2. Attach NetFlow Profile to Interfaces

  1. Go to Network → Interfaces.

  2. Select the interface(s) you want to export flows for (e.g., WAN, LAN, DMZ).

  3. Under the Advanced → NetFlow tab:

    • Enable NetFlow.

    • Choose the NetFlow profile you just created.

3. Commit the Configuration

  • Click Commit to push changes to the running config.

4. Verify

  • On the collector, you should start seeing flows.

  • On the firewall itself, you can check via CLI:

    These confirm templates and exports are active.
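
For the collector-side check in step 4, here is an added example (not from the original page or from Palo Alto Networks) that parses export datagrams and shows why data records stay undecodable until a template arrives, which is what the Template Refresh Rate governs. It assumes the firewall exports NetFlow version 9 as laid out in RFC 3954; the function names and sample packets are constructed for illustration.

```python
import struct

V9_HEADER = struct.Struct("!HHIIII")  # version, count, sysUptime, unix_secs, sequence, source_id

def summarize_v9(packet, known_templates=None):
    """Parse one v9 datagram; report templates learned and data records decodable."""
    templates = dict(known_templates or {})
    if len(packet) < V9_HEADER.size:
        raise ValueError("datagram shorter than the NetFlow v9 header")
    version, _, _, _, sequence, source_id = V9_HEADER.unpack_from(packet)
    if version != 9:
        raise ValueError(f"not NetFlow v9 (version={version})")
    out = {"sequence": sequence, "source_id": source_id,
           "templates": templates, "decoded": 0, "undecodable": []}
    offset = V9_HEADER.size
    while offset + 4 <= len(packet):
        fs_id, fs_len = struct.unpack_from("!HH", packet, offset)
        if fs_len < 4 or offset + fs_len > len(packet):
            raise ValueError("malformed flowset length")
        body = packet[offset + 4:offset + fs_len]
        if fs_id == 0:                        # template flowset
            pos = 0
            while pos + 4 <= len(body):
                tid, nfields = struct.unpack_from("!HH", body, pos)
                pos += 4
                if tid < 256 or pos + 4 * nfields > len(body):
                    break                     # padding or truncated record
                templates[tid] = [struct.unpack_from("!HH", body, pos + 4 * i)
                                  for i in range(nfields)]
                pos += 4 * nfields
        elif fs_id >= 256:                    # data flowset, id = template id
            rec_len = sum(n for _, n in templates.get(fs_id, []))
            if rec_len:
                out["decoded"] += len(body) // rec_len
            else:
                out["undecodable"].append(fs_id)  # template not seen yet
        offset += fs_len
    return out

def sample_header(seq):                       # constructed sample header values
    return V9_HEADER.pack(9, 1, 1000, 1700000000, seq, 1)
# Constructed samples: template 256 = IPV4_SRC_ADDR(8), IPV4_DST_ADDR(12), IN_BYTES(1); one record
SAMPLE_TEMPLATE = struct.pack("!HHHH6H", 0, 20, 256, 3, 8, 4, 12, 4, 1, 4)
SAMPLE_DATA = struct.pack("!HH4s4sI", 256, 16, bytes([192, 0, 2, 10]),
                          bytes([198, 51, 100, 7]), 1500)

if __name__ == "__main__":
    learned = summarize_v9(sample_header(2) + SAMPLE_TEMPLATE)["templates"]
    print(summarize_v9(sample_header(1) + SAMPLE_DATA)["undecodable"],
          summarize_v9(sample_header(3) + SAMPLE_DATA, learned)["decoded"])
```

On a real collector, pass each datagram received on the profile's UDP port to `summarize_v9` and carry `templates` forward between calls.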
