WildFire Registration Details

by Phoenix on ‎10-03-2012 09:49 AM - edited on ‎09-09-2015 06:58 PM by (8,025 Views)

Registering the Palo Alto firewall to the WildFire cloud is a 3-step process, with details in the varrcvr.log log file.

 

  1. Firewall sends its details to WildFire, including serial number, PAN-OS version, and the hardware model.

    received sigal to execute <operations type="union" handler="varrcvr_test_fbd_reg"><test type="union"><wildfire type="union"><registration type="sequence"/></wildfire></test></operations>

    Oct 03 18:36:26 pan_fbd_cloud_register(pan_fbd_fwd.c:765): fb fwd register: https://ca-s1.wildfire.paloaltonetworks.com/api/1.0/box/register/device_id=0011C101845&panos_version...


    Example of successful registration message:

    pan_fbd_cloud_register(pan_fbd_fwd.c:775): cloud response code: 200, curl return No error

     

  2. The firewall gets the list of servers from the cloud and makes a note of all servers available for WildFire.
  3. The firewall then calculates which server is the closest to respond (based on response time).

    pan_fbd_cloud_select_best_server(pan_fbd_fwd.c:1168): probe server ca-s1.wildfire.paloaltonetworks.com took 0.713590 usec (from 1349282187.494708 to 1349282188.208298)

Note: Make sure port 443 is allowed in the network upstream devices to reach the internet as this is used for device registration to WildFire. Also allow the app paloalto-wildfire-cloud in security policies.

 

owner: ssunku

Ignite 2018, Amsterdam, Netherlands
Ask Questions Get Answers Join the Live Community
Contributors