Device > Log Forwarding Card
Log Forwarding Card Features and Description
- Device > Log Forwarding Card
The Log Forwarding Card (LFC) is a high-performance log card
that forwards all dataplane logs (traffic and threat for example)
from the firewall to one or more external logging systems, such
as Panorama or a syslog server. Because the dataplane logs are no
longer available on the local firewall, the ACC tab is removed from the
management web interface and Monitor > Logs contain only management
logs (Configuration, System, and Alarms).
You need to configure the ports for the LFC. Configuring the
LFC as lfc1/1 operates the first interface as port 1 at 10G. Configuring
the LFC as lfc1/9 operates the first interface as port 9 at 40G.
The second interface is not used in either configuration.
The LFC does not support LACP or LAG.
Configure the ports in
Device > Log Forwarding Card
. The
firewall uses these ports to forward all dataplane logs to an external
system, such as Panorama or a syslog server.See the PA-7000 Series Hardware Reference Guide for
information about the LFC requirements and components.
For an LFC interface, configure the settings described in the
following table.
LFC Interface Settings | Description |
|---|---|
Name | For an LFC, you must select lfc1/1 or lfc1/9 from
the drop-down menu. |
Comment | Enter an optional description for the interface. |
IPv4 | If your network uses IPv4, define the following:
|
IPv6 | If your network uses IPv6, define the following:
|
Link Speed | Select the interface speed in Mbps ( 10000 or 40000 ),
or select auto (default) to have the firewall
automatically determine the speed based on the connection. The interface
speed available is dependent on the Name used (lfc1/1 or lfc1/9).
For interfaces that have a non-configurable speed, auto is
the only option. |
Link State | Select whether the interface status is enabled ( up ),
disabled (down ), or determined automatically
based on the connection (auto ). The default
is auto . |
LACP Port Priority | LACP is currently not supported on the LFC. |
Subinterfaces are available if you have multi-vsys enabled. To configure an LFC subinterface,
add a subinterface and use the setting described in the following
table.
LFC Subinterface Settings | Description |
|---|---|
Interface Name | Interface Name (read-only)
displays the name of the log card interface you selected. In the
adjacent field, enter a numeric suffix (1-9,999) to identify the
subinterface. |
Comment | Enter an optional description for the interface. |
Tag | Enter the VLAN Tag (0-4,094)
for the subinterface.Make the tag
the same as the subinterface number for ease of use. |
Virtual System | Select the virtual system (vsys) to which
the Log Forwarding Card (LFC) subinterface is assigned. Alternatively,
you can click Virtual Systems to add a new
vsys. Once an LFC subinterface is assigned to a vsys, that interface
is used as the source interface for all services that forward logs
(syslog, email, SNMP) from the log card. |
IPv4 | If your network uses IPv4, define the following:
|
IPv6 | If your network uses IPv6, define the following:
|
Recommended For You
Recommended Videos
Recommended videos not found.
