Wildfire file-size-limit

cancel
Showing results for 
Search instead for 
Did you mean: 

Wildfire file-size-limit

L4 Transporter

Just installed PANOS6 on a PA200 platform.

Did a change at the configuration and tried to commit. While commit I get the message:

  • Validation Error:
  • deviceconfig -> setting -> wildfire -> file-size-limit unexpected
    here
  • deviceconfig -> setting -> wildfire -> file-size-limit is
    invalid

Tried to change the values at device -> setting -> wildfire -> general settings but not possible. Same error message.

Also via cli not possible:

# set deviceconfig setting wildfire file-size-limit apk 10

Server error : file-size-limit unexpected here

Beta tester: Any idea how to fix?

1 ACCEPTED SOLUTION

Accepted Solutions

L4 Transporter

problem solved by myself.

first I downgrade to version 5.0.9, then revert the Panorama-Template config at the wildfire tab. After the commit I reinstalled PANOS6. Now everything looks great. Thanks anyway.

View solution in original post

10 REPLIES 10

L4 Transporter

Am I the only one who has the problem???

With PAN-OS 6.0, this area of the configuration changed.  In 5.0 in the configuration file the file-size-limit parameter looks like this (under deviceconfig setting wildfire) :

file-size-limit 10;

But in 6.0 this has changed to (for the different Wildfire supported file types):

file-size-limit  {

    pe 10;

    jar 2;

    apk 5;

}

My guess is that you just need to delete the old "file-size-limit 10" setting.  In the CLI try this:

admin@pa0(active)# delete deviceconfig setting wildfire file-size-limit

Once that's done, you should be able to make changes to the various file types. 

Thank you for your reply...

tried your command and also tried to set new values. same error.

# delete deviceconfig setting wildfire file-size-limit

# commit

...

Validation Error:

deviceconfig -> setting -> wildfire -> file-size-limit unexpected here

deviceconfig -> setting -> wildfire -> file-size-limit is invalid

[edit]

(tried to set new values afterwards and to commit - same result)

Curiously, at the running config I cannot find anything with "file-size-limit"....

> show config running | match file-size

> show config running | match file-size-limit

I saw this problem during the beta.  When I ran into it, here's what I did to fix the problem:

1.) revert to "running configuration" (in the GUI it is Device / Setup / Operations / Revert)

2.) change the WildFire server to something different

From there, it took my file size changes without complaining.  I then changed the WildFire server back to the original setting.

If that doesn't help, then I'd recommend opening a case with TAC.   

doesn't work for me....

1-23-2014 8-37-22 AM.png

1-22-2014 11-39-29 AM.png

Already opened a ticket. Thank you anyway.

can you do me a favor? Please export your running config and copy the complete part of the file-size-limit...


in the section <deviceconfig> my running config at PANOS 6 looks like:

      <wildfire>

            <session-info-select>

              <exclude-username>yes</exclude-username>

              <exclude-filename>no</exclude-filename>

            </session-info-select>

      </wildfire>

The section of file-size-limit is missing.

L4 Transporter

problem solved by myself.

first I downgrade to version 5.0.9, then revert the Panorama-Template config at the wildfire tab. After the commit I reinstalled PANOS6. Now everything looks great. Thanks anyway.

L0 Member

Guys I had the same problem and I got it working.

I had to change the size one file at a time.

example... change JAR file from 1MB to 10MB and hit the okay button.

go back and change exe file size from 1MB to 10MB and hit the okay button.

Hope that helps!

-JC

This worked for me, but had to reboot the firewall first. Reverting to running config still produced an error for me.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!