Juniper SRX Flow Configuration

    Make sure the device is configured as below,

    forwarding-options {
    sampling {
    input {
    family inet {
    rate 1000;
    run-length 9; 
    max-packets-per-second 7000;
    }
    }
    output {
    cflowd <destination address>{
    port ;
    source-address <source address>;
    version <version number>;
    no-local-dump;
    autonomous-system-type origin;
    }
    }
    }
    }

    firewall

    • filter Sample-FILTER {
      • term ALLOW-ANY {
        • then {
          • sample;
          • accept;

    To enable packet sampling on the particular interface(s), from which flow analysis to be done follow the below sample configuration.

    interfaces {
    ge-1/3/0 {
    vlan-tagging;
    unit 101 {
    vlan-id 101;
    family inet {
    sampling {
    input Sample-FILTER;
    output Sample-FILTER;
    }
    address 206.80.253.26/25
    }
    }
    }
    }

    To manage un-managed interfaces and New interfaces for monitoring traffic, please follow below path.

    Click settings-->NetFlow-->License Management-->NetflowInterfaces-->Select the Interface for the juniper device-->Click Manage.

    Thank you for your feedback!

    Was this content helpful?

    We are sorry. Help us improve this page.

    How can we improve this page?
    Do you need assistance with this topic?
    By clicking "Submit", you agree to processing of personal data according to the Privacy Policy.