09-04-2025 07:14 PM
Good evening,
Working with one of the top Microsoft engineers today who performed numerous wireshark traces regarding huge concerns that Palo Alto Firewall 5250 firewall was dropping packets. Identified exact time and sequence as well as size of packets and sequence being lost in transit. Noticed over tens of thousands of these re-transmits issues occurring with certain sequence packets being lost.
Microsoft seen this problem and recommended enabling DSRI Disable Server Respponse Inspection). Once implemented, performance was fantastic. File uploads and downloads changed from 2.5 minutes down to 13 - 15 seconds. However, after about 4-5 hours, the issue came back.
Was doing research on SMB file transfers and saw that older Windows Server OS often stems fro firewall's security inspections interering with outdated SMB versions or unexpected traffic patterns.
Decided to also include an exception rule whereby we added all different versions of ms-ds-smb but still the issue continues. Totally open to any additional changes that could alleviate the SMB issue. Entire agency uses Azure commercial to upload files via VDI on-premise to NetApp virtual servers via Expressroute in the cloud and can't migrate because latency is killing performance.
Any advice and or recommendations would be enormously appreciated!!!!
Thanks in advance.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
