UDP packets are all passed to the SWEEP.PORT.UDP engine to see if the packet should be counted toward a sweep. When the Engine looks a the destination port in the UDP Packet itself it seeing a destination port of "0" for the UDP Packet. UDP Packets should not have a destination port of "0" so it is creating this error (i.e. a service can't open a UDP port of 0 so the packet is not valid).
I would suggest using a sniffer and trying to determine if there are perhaps UDP packets on your network whose destination port is set to 0. If you do find some then can you determine what is generating the invalid UDP packets?
If you can not find any with a sniffer then you will likely need to contact the TAC and request engineering assistance. You will need to gather some information for engineering to analyze what the problem might be.
Execute the following steps to get the data that the engineers will need.
1) Stop the sensor
2) Remove the packetd error log
3) Start the sensor, as well as a network sniffer that will log all UDP packets
4) Watch the error log of packetd
5) When the error pops up in the log, stop the sniffer.
6) Have the sniffer log and error log ready when you contact the TAC.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...