WildFire Registration Details

Registering the Palo Alto firewall to the WildFire cloud is a 3-step process, with details in the varrcvr.log log file.

1. Firewall sends its details to WildFire, including serial number, PAN-OS version, and the hardware model.

   received sigal to execute <operations type="union" handler="varrcvr_test_fbd_reg"><test type="union"><wildfire type="union"><registration type="sequence"/></wildfire></test></operations>

   Oct 03 18:36:26 pan_fbd_cloud_register(pan_fbd_fwd.c:765): fb fwd register: https://ca-s1.wildfire.paloaltonetworks.com/api/1.0/box/register/device_id=0011C101845&panos_version=4.1.8&fb_version=1.0&hardware_model=PA-5020

   
   

   Example of successful registration message:

   pan_fbd_cloud_register(pan_fbd_fwd.c:775): cloud response code: 200, curl return No error

    

2. The firewall gets the list of servers from the cloud and makes a note of all servers available for WildFire.
3. The firewall then calculates which server is the closest to respond (based on response time).

   pan_fbd_cloud_select_best_server(pan_fbd_fwd.c:1168): probe server ca-s1.wildfire.paloaltonetworks.com took 0.713590 usec (from 1349282187.494708 to 1349282188.208298)

Note: Make sure port 443 is allowed in the network upstream devices to reach the internet as this is used for device registration to WildFire. Also allow the app paloalto-wildfire-cloud in security policies.

owner: ssunku