DHCP duplicate addresses

PA-500, PANOS 4.0.5, DHCP set to "auto", lease time all zeros, one IP pool (192.168.2.2-192.168.2.126) .

Recently I noticed that I was getting duplicate IP messages from Windows computers on my network. I found that certain devices were geting the sam

qos or what?

hi everybody,how can i configure the bandwith for specific applications , for specific user subnets?

App Filter doenst work

Hello,

after updating to 4.1.1 it seems to be that filtering applications doesnt work any more. We have several security policies, where only ssl and web-browsing is allowed, but I can open eg youtube, netviewer, flash, google-video and other aps...

He

How to resize SSD

Hi

I Configured RAID with 120GB and 240GB HDD.

Aftar that,booted up a device with single 240GB.

It seem available diskc space is 120GB.a Device recognize inserted SSD is 240GB.

Do you know resize SSD to 240GB?

admin@PA-5020> show system disk-space
Filesy

Migration help from Fortigate to Palo Alto Firewall

Hello Team ,

Any tool for migration from Fortigate to Palo Alto Firewall.

I want to work via command line of PA .Any link for pa 2020 and 2050 would be helpfull

Thanks

HSharma

PAN OS Packet Capture

I know where and how to start a packet capture on the device.  I would like to know if the capture can be configured to capture only specific parameters (ie src ip, dst ip, src port, dst port).  I don't see those options on the web GUI.

block by Domain Suffix (.xxx)

Looking for a way to block the domain suffix of .xxx

I've created a custom URL catagory with *.xxx (and I also tried *.xxx/) and that works....however It will also block a URL string with.xxx anywhere in the URL (i.e. www.google.com/news/foobar.xxxds

need to forward log to Panorama and do not save logs on Pan

For some reasons, I need to manage all logs using Panorama and the logs can not save on Pan. How can I do to config ? Or the request againsts Pan policy.

How perform a packet capture with a filter for subnet or a vlan-id

Hi,

I need capture some traffic for a specific subnet ( or vlan tag) .

With "debug dataplane packet-diag set filter match" I can only put a single ip's but not subnet.
Neither a vlan-tag can be added in a filter.

Is there any way to do this ?

Tx.

HTTP Tunneling

Wondering how the Palo Alto detects HTTP tunneling and how would a security policy be configured to detect/prevent this situation.

SSL VPN

I just started using PAN 2050 in production and confiuring ssl vpn.  Issue is that after client computer connect to vpn, client computer loses all internet access.  What makes ssl vpn to work so that client computer doesn't lose internet access local