I have a Cisco PIX on the outside of ISA. The PIX snmp logger is on the inside of ISA. I created a protocol named PFSS which. When the definition of the protocol is TCP - Inbound - Port 1471 everything works just great.
Because of some issues with the PIX, TCP logging is not a good idea (it stops passing traffic if it can't reach the logger). So, I changed the definition of the PFSS protocol to UDP - Receive - 65535 and clicked Apply.
The firewall service will not start and the system grinds to a very slow crawl.
1. Is there something wrong with publishing a UDP server?
2. Is there something unique about UDP 65535?
3. If I use a different port should I expect this to work?
Following your suggestion, I tried several different ports between 1 and 1024 (I stayed away from zero) and they each worked fine.
My PIX, however, required that I use something between 1025 and 65535. I tried only a couple from in there (staying away from 65535) and they also worked fine. My logging is currently online with a published server using UDP Receive 1471.
Not quite sure why 65535 is a no-no, and since this is an active server I cannot try zero, but thanks. I am online.