Powered by Zoomin Software. For more details please contactZoomin

Flowmon User Guide

Table of Contents

Setup and Configuration

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: April 5, 2026
  • 6 minute read
    • Flowmon Products
    • Flowmon
    • Documentation

The Flowmon Probe installation consists of five steps:

  1. Mount the device to the rack (recommended).

  2. Plug in the power cord.

  3. Connect the management port to the local network.

  4. Connect the monitored link(s).

  5. Turn on the device and configure the management port IP address.

Complete these steps in the above order.

Access to the device console

On some specific occasions, Flowmon may need to perform a service task by connecting to a device console. The console can be accessed either by connecting a monitor and keyboard or using a serial link RS-232. Connect the serial cable to the Serial RS232 connector (see the figures below). To successfully connect, it is necessary to configure your serial terminal in the following way: 57 600 bauds, 8 data bits, no parity, 1 stop bit, and no flow control. To access the command line, enter the login flowmon and the password inv3a-t3ch.

Back panel (2U model PRO)
Back panel (2U model PRO)

Connection to the Local Network

The device is equipped with two management ports (RJ-45) for local network connection (this does not apply to the IFP-1000-CU - this only has one management port). Management ports are used for appliance management and NetFlow/IPFIX data exports. For management port connections, use common UTP cables. Ethernet 10/100/1000 is supported. The IP address of the management port can be configured in two ways - using the web Graphical User Interface (GUI) or using the console.

IP address configuration using the web GUI

Connect your computer to the administration interface (see figure below) using the Ethernet cable. Set your computer up with a static IP address 192.168.1.10 and mask 255.255.255.0. Start a web browser and enter IP address 192.168.1.1.

Device GUI connection
Device GUI connection

Click Configuration Center and enter the user login admin and password admin. Navigate to the System > Interface Settings > Management Interface 1, and perform the IP address configuration (see the figure Management IP configuration with GUI).

After configuring the IP address and clicking Save, the device will be unavailable due to the IP address change. Wait approximately 10 seconds, disconnect it from the computer, and connect the management interface to your LAN network. If you configured the IP address to be set up by DHCP, press the power button shortly and wait until the device turns off. Then turn on the device again. After a few minutes, it acquires the IP address from the DHCP protocol. If you have configured the IP address statically, you do not need to turn off the device.

Now, check the connection to your device. If it stays unavailable, check your network configuration (look at your routers and check if the path to your device is correctly set up, and so on). If you still cannot connect to the device, repeat the IP address configuration using a sysconfig application (see the following section IP address configuration using console).

Management IP configuration with GUI
Management IP configuration with GUI

NOTE:

The web GUI only uses FIPS 140-2 compliant ciphers. The list of ciphers allowed for web GUI access is as follows:

  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA

IP address configuration using the console

Connect to the device console (refer to the Access to the device console section for further details) and run the sysconfig application. In the application menu, choose the Management port item, enter the proper values and press the Save button if you want to configure the IP address statically. If you want to use DHCP, press the Use DHCP & Save button. Then see the console output to check if the IP configuration was successful.

Management IP configuration with sysconfig application
Management IP configuration with sysconfig application

NOTE:

SSH connections only use FIPS 140-2 compliant cryptography algorithms:

Key exchange:
diffie-hellman-group18-sha512
diffie-hellman-group16-sha512
diffie-hellman-group-exchange-sha256

Host key algorithm (Client authentication):
ssh-rsa
rsa-sha2-512
rsa-sha2-256
ssh-ed25519

Encryption algorithm:
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com

Message Authentication Code:
hmac-sha2-512-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512
hmac-sha2-256

Connection to the Monitored Link - Probe only

The location of the probe and connection point of the monitoring interface should be determined by the network administrator. The Flowmon Probe is mostly used to monitor the traffic on central network switches/routers, on the output and input points of the network, critical points (data storage, server farms), saturated links, firewalls, or VPN access points. To connect the monitoring interface, use appropriate network cables according to the link speed and medium in use. Flowmon probes support both copper and fiber medium and they can monitor multiple fully saturated links up to 10 Gbps.

There are several ways to connect your probe into the existing infrastructure with minimal need to change anything in it. The probe monitoring interfaces can be connected in two ways:

  1. using the mirror port of the router or switch (SPAN port)

  2. connect directly to the monitored link using Ethernet TAP or splitter

Connection of the Flowmon Probe monitoring interfaces

The connection using the mirror port is shown in the figure Connection of the Flowmon Probe monitoring interfaces - 1. Mirror / SPAN port. This solution is completely non-invasive and only requires configuring the particular router or switch to mirror demanded traffic. This solution brings the best benefits if the switch or router can mirror multiple interfaces. This enables the probe to monitor all the traffic passing through the router/switch. The disadvantage of this approach comes from the limits of the mirroring appliance as the amount of mirrored data can exceed the mirroring link capacity and cause data sampling to degrade the results of probe monitoring.

The best monitoring results on a saturated link can be achieved using Ethernet TAP or splitter. TAP is a passive, high-reliable appliance able to replicate full-duplex traffic into two monitoring ports. It is simply inserted into the monitored link and does not influence the passing data. This situation is shown in the figure Connection of the Flowmon Probe monitoring interfaces - 2. Copper TAP, splitter and 3. Fiber TAP, splitter. The main advantage of this approach is that it can be used at any point of your network and the point can be easily changed according to your needs. The monitored link stays uninterrupted even in case of the TAP power failure or probe malfunction.

Turning on the Device

Turn on the device by pressing the turn on/off button on the front side. The LED above/behind the button will light up. Wait approximately 2 minutes until the device starts. The proper function can be verified by accessing the web interface of the device using a web browser. Use the IP address configured in the section Connection to the Local Network. If the main page of the device web interface appears, the device installation has been successful. To log in, use a default user name “admin” and password “admin”. Change the login password as soon as possible to avoid unauthorized access (refer to the section User and Roles Settings for further details).

TitleResults for “How to create a CRG?”Also Available inAlert