Hi PA community,
We have two 5060 appliances in active-passive HA mode.
We also have WF-500 as private cloud and "Cloudwildfire.paloaltonetworks.com" as public cloud.
We have a problem with one of the appliances (whether it is active or passive):
test wildfire registration
This test may take a few minutes to finish. Do you want to continue? (y or n)
Test wildfire Public Cloud
    Testing cloud server wildfire.paloaltonetworks.com ...
    wildfire registration: failed
Test wildfire Private Cloud
    Testing cloud server ********** ...
    wildfire registration: failed
******* = our private IP for the WF-500.
show wildfire status
Connection info:
    Signature verification: enable
    Server selection: enable
    File cache: enable
WildFire Public Cloud:
    Server address: wildfire.paloaltonetworks.com
    Status: Disabled due to configuration
    Best server:
    Device registered: no
    Through a proxy: no
    Valid wildfire license: yes
    Service route IP address:
WildFire Private Cloud:
    Server address: ************
    Status: Disabled due to configuration
    Best server:
    Device registered: no
    Through a proxy: no
    Valid wildfire license: yes
    Service route IP address:
On the second appliance everything is OK.
(We have at least 20 rules with a WildFire profile.)
Any ideas?
Not sure if this can help you:
Got the same issue, and the same article that @TranceforLife shared solved it; the only difference is that instead of a file blocking profile I assigned a WildFire analysis profile to the security policy because I'm running PANOS 7.1.x.
Regards,
Sharief
Thank you, but we already have 17 rules in the security policy that are assigned to WildFire analysis profiles :(
And the problem is only on one machine in the cluster. The second machine works fine and they have the same rules (it's active-passive mode).
By any chance, is it the passive FW that has this issue?
Regards,
Sharief
You may get more info by running the command below, then trying to register again:
>tail follow yes mp-log varrcvr.log
Regards,
Sharief
Let's check with the service route as well. Make sure that is correct. If the active device is working but passive is not, that'd be it. Passive can only use management interface in this state. Active can use both mgt and data ports.
Regards,
Anurag
Thank you all, guys.
The working appliance works whether it is active or passive.
The other appliance doesn't work whether it is active or passive.
Have you tried pushing a #commit force?
If for some reason the config isn't pushed properly on the dataplane, this could happen.
Sure. I've tried commit force and no luck :(