Log Collector Interface Settings
- Panorama > Managed Collectors > Interfaces
By default, Dedicated Log Collectors (M-Series appliances in Log Collector mode) use the management (MGT) interface for management traffic, log collection, and Collector Group communication. However, Palo Alto Networks recommends that you assign separate interfaces for log collection and Collector Group communication to reduce traffic on the MGT interface. You can improve security by defining a separate subnet for the MGT interface that is more private than the subnets for the other interfaces. To use separate interfaces, you must first configure them on the Panorama management server (see Device > Setup > Management). The interfaces that are available for log collection and Collector Group communication vary based on the Log Collector appliance model. For example, the M-500 appliance has the following interfaces: Ethernet1 (1Gbps), Ethernet2 (1Gbps), Ethernet3 (1Gbps), Ethernet4 (10Gbps) Ethernet5 (10Gbps)
To configure an interface, select the link and configure the settings as described in the following table.
To complete the configuration of the MGT interface, you must specify the IP address, netmask (for IPv4) or prefix length (for IPv6), and default gateway. If you commit a partial configuration (for example, you might omit the default gateway), you can only access the firewall or Panorama through the console port for future configuration changes.
Always commit a complete MGT interface configuration. You cannot commit the configurations for other interfaces unless you specify the IP address, netmask (for IPv4) or prefix length (for IPv6), and default gateway.
Log Collector Interface Settings
Eth1 / Eth2 / Eth3 / Eth4 / Eth5
You must enable an interface to configure it. The exception is the MGT interface, which is enabled by default.
Speed and Duplex
Configure a data rate and duplex option for the interface. The choices include 10Mbps, 100Mbps, 1Gbps, and 10Gbps (Eth4 and Eth5 only) at full or half duplex. Use the default auto-negotiate setting to have the Log Collector determine the interface speed.
This setting must match the interface settings on the neighboring network equipment.
IP Address (IPv4)
If your network uses IPv4, assign an IPv4 address to the interface.
If you assigned an IPv4 address to the interface, you must also enter a network mask (such as 255.255.255.0).
Default Gateway (IPv4)
If you assigned an IPv4 address to the interface, you must also assign an IPv4 address to the default gateway (the gateway must be on the same subnet as the MGT interface).
IPv6 Address/Prefix Length
If your network uses IPv6, assign an IPv6 address to the interface. To indicate the netmask, enter an IPv6 prefix length (such as 2001:400:f00::1/64).
Default IPv6 Gateway
If you assigned an IPv6 address to the interface, you must also assign an IPv6 address to the default gateway (the gateway must be on the same subnet as the interface).
Enter the maximum transmission unit (MTU) in bytes for packets sent on this interface (range is 576 to 1,500; default is 1,500).
Device Log Collection
Enable the interface for collecting logs from firewalls. For a deployment with high log traffic, you can enable multiple interfaces to perform this function. This function is enabled by default on the MGT interface.
Collector Group Communication
Enable the interface for Collector Group communication. Only one interface can perform this function (default is MGT interface).
Network Connectivity Services
The Ping service is available on any interface, and enables you to test connectivity between the Log Collector interface and external services.
The following services are available only on the MGT interface:
Permitted IP Addresses
Enter the IP addresses of the client systems that can access the Log Collector through this interface.
An empty list (default) specifies that access is available to any client system.
Palo Alto Networks recommends that you do not leave this list blank; specify the client systems of Panorama administrators to prevent unauthorized access.
Panorama > Setup > Interfaces
Panorama > Setup > Interfaces Select Panorama Setup Interfaces to configure the interfaces that Panorama uses to manage firewalls and Log Collectors, deploy software and ...
Device > Setup > Interfaces
Device > Setup > Interfaces Use this page to configure connection settings, allowed services, and administrative access for the management (MGT) interface on all firewall ...
Configure Panorama for Network Segmentation
Configure Panorama for Network Segmentation To offload Panorama services from the MGT interface to other interfaces, start by configuring the interfaces on the Panorama management ...
Deploy Panorama M-Series Appliances with Local Log Collecto...
Deploy Panorama M-Series Appliances with Local Log Collectors The following figures illustrate Panorama in a centralized log collection deployment. In these examples, the Panorama management ...
Deploy Panorama with Dedicated Log Collectors
Deploy Panorama with Dedicated Log Collectors The following figures illustrate Panorama in a distributed log collection deployment. In these examples, the Panorama management server comprises ...
Perform Initial Configuration of the M-Series Appliance
Perform Initial Configuration of the M-Series Appliance By default, Panorama has an IP address of 192.168.1.1 and a username/password of admin/admin. For security reasons, you ...
Set Up the M-Series Appliance as a Log Collector
Set Up the M-Series Appliance as a Log Collector If you want a dedicated appliance for log collection, configure an M-100, M-200, M-500, M-600 appliance ...
Set Up The Panorama Virtual Appliance as a Log Collector
How to set up a Panorama virtual appliance in AWS or Microsoft Azure as a Dedicated Log Collector. ...
Perform Initial Configuration of the Panorama Virtual Appli...
Perform Initial Configuration of the Panorama Virtual Appliance Based on your Panorama model, use the AWS , Azure , or GCP web interface, KVM Virtual ...