Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
442
Views
0
Helpful
0
Replies

Router Cisco send packet with source port of 0

dragonhunt9111
Level 1
Level 1

‎06-19-2023 09:17 PM - edited ‎06-20-2023 02:49 AM

Hi experts and friends,

My topology running is like this
Router ASR1001---------Fw Checkpoint-------Solarwind Server

I configure netflow on Router ASR like this: (for it to push netflow traffic to Solarwind Server)

flow record FLOW-RECORD-1
match ipv4 destination address
match ipv4 source address
match ipv4 protocol
.....(omit)
!
flow exporter EXPORTER-1
destination "IP of solarwind"
source GigabitEthernet0
transport udp 9996
!
flow monitor FLOW-MONITOR-1
exporter EXPORTER-1
cache timeout inactive 10
cache timeout active 60
record FLOW-RECORD-1

...apply to interface...

But on my Checkpoint firewall, it drop traffic from router to solarwind, and it said that Invalid UDP packet - source / destination port 0. Dropped although the protection is disabled

This is packet I capture on my Cisco router

dragonhunt9111_0-1687254530315.png

 

I want to know Why cisco sends packet which has source port is 0, which is a security issue for many firewalls

Thank you!!

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents