Registering the Palo Alto firewall to the WildFire cloud is a 3-step process, with details in the varrcvr.log log file.
Firewall sends its details to WildFire, including serial number, PAN-OS version, and the hardware model.
received sigal to execute <operations type="union" handler="varrcvr_test_fbd_reg"><test type="union"><wildfire type="union"><registration type="sequence"/></wildfire></test></operations>
pan_fbd_cloud_register(pan_fbd_fwd.c:775): cloud response code: 200, curl return No error
The firewall gets the list of servers from the cloud and makes a note of all servers available for WildFire.
The firewall then calculates which server is the closest to respond (based on response time).
pan_fbd_cloud_select_best_server(pan_fbd_fwd.c:1168): probe server ca-s1.wildfire.paloaltonetworks.com took 0.713590 usec (from 1349282187.494708 to 1349282188.208298)
Note: Make sure port 443 is allowed in the network upstream devices to reach the internet as this is used for device registration to WildFire. Also allow the app paloalto-wildfire-cloud in security policies.