Hi PA community,
We have two 5060 appliances in active-passive HA mode.
We also have WF-500 as private cloud and "Cloudwildfire.paloaltonetworks.com" as public cloud.
We have a problem in one of the appliances (Whether she is active or passive):
test wildfire registration This test may take a few minutes to finish. Do you want to continue? (y or n) Test wildfire Public Cloud Testing cloud server wildfire.paloaltonetworks.com ... wildfire registration: failed Test wildfire Private Cloud Testing cloud server ********** ... wildfire registration: failed
*******= Our private ip for WF-500.
show wildfire status Connection info: Signature verification: enable Server selection: enable File cache: enable WildFire Public Cloud: Server address: wildfire.paloaltonetworks.com Status: Disabled due to configuration Best server: Device registered: no Through a proxy: no Valid wildfire license: yes Service route IP address: WildFire Private Cloud: Server address: ************ Status: Disabled due to configuration Best server: Device registered: no Through a proxy: no Valid wildfire license: yes Service route IP address:
In the second appliance everything is ok.
(We have at least 20 rules with wildfire profile)
Got the same issue and the same article that @TranceforLife shared solved it but the only difference is that instead of file blocking profile I assigned a wildfire analysis profile to the security policy cause I'm running PANOS 7.1.x.
Thank you but we already have a 17 rules in the security policy that assignd to wildfire analysis profiles :(
And The problem is only in one machine in the cluster. the second machine works fine and they have the same rules (it's active passive mode)
Let's check with the service route as well. Make sure that is correct. If the active device is working but passive is not, that'd be it. Passive can only use management interface in this state. Active can use both mgt and data ports.
have you tried pushing a #commit force ?
if for some reason the config isn't pushed properly on the dataplane, this could happen
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!