Configure a PA-7000 Series LFC for Logging per Virtual System
Focus
Focus

Configure a PA-7000 Series LFC for Logging per Virtual System

Table of Contents
End-of-Life (EoL)

Configure a PA-7000 Series LFC for Logging per Virtual System

Create and configure an LFC subinterface for logging on multi-vsys.
If you have enabled multiple virtual system (multi-vsys) capability on a PA-7000 Series firewall with a Log Forwarding Card (LFC) installed, you can configure logging for different virtual systems. The LFC can then forward logs to a Panorama Log Collector or syslog server.
You can choose to configure only the physical interface. Because syslog forwarding via subinterfaces is not yet supported on LFCs, each virtual system uses the single untagged physical interface.
If you configure an LFC subinterface to forward logs externally, the interfaces will no longer work as expected.
To configure a separate subinterface for each virtual system, add subinterfaces to the physical interface and assign the necessary tag to segment the subinterface traffic.
For a PA-7000 Series firewall managed by a Panorama management server, you cannot override or revert the LFC configuration locally on the firewall if the LFC configuration is pushed from Panorama. To override the LFC configuration pushed from Panorama, you must log in to the firewall CLI and delete the Panorama pushed configuration.
admin> configure
admin# delete deviceconfig log-fwd-card
admin# commit