The postoffice port on 45000 is a UDP port and not a TCP port.
We have our own protocol based on UDP that will do basic authentication based on hostid and orgid.
So until the connection is authenticated there won't be any data packets.
So first thing to verify is that you have entered the correct hostid and orgid information.
On the sensor use sysconfig-sensor option 6 to verify that the information match what was originally typed in for the CSPM machine during installation, and what is being typed in CSPM's Add Sensor wizard.
In the snoop output that you saw, were there UDP packets on port 45000 coming from the sensor going to the CSPM box, as well as port 45000 packets coming from the CSPM box going to the sensor.
If not, then either postoffice is not running or is not completely configured on one of the 2 machines. Or a Firewall is blocking the UDP packets.
If the sensor is a separate network then trying moving it to the same network and see if the communication works. If it does then it maybe a network device in between causing the problem.
Are you seeing fragmented UDP packets? These have been known to cause communication problems with CSIDS in some circumstances.