SOD
New Member
November 24, 2017
Question

Lots of session clash, port 0

  • November 24, 2017
  • 1 reply
  • 7799 views

Hi,

I've got a lot of session clash messages on my Forti, like this:

 

<190>date=2017-11-24 time=13:44:08 devname=MyForti devid=XXXXXXXXXXX logid=0100020085 type=event subtype=system level=information vd="Myvdom" logdesc="session clash" status="clash" proto=41 msg="session clash"

 

new_status="state=00030204 tuple-num=2 policyid=12 dir=0 act=1 hook=4 11.14.17.10:0->11.201.17.19:0(217.69.23.163:0) dir=1 act=2 hook=0 11.201.17.19:0->217.69.23.163:0(11.14.17.10:0)"

 

old_status="state=00010204 tuple-num=2 policyid=12 dir=0 act=1 hook=4 11.106.16.48:0->11.201.17.19:0(217.69.23.163:0) dir=1 act=2 hook=0 11.201.17.19:0->217.69.23.163:0(11.106.16.48:0)"

 

Session stat shows

misc info:     session_count=19559 setup_rate=341 exp_count=55 clash=104818     memory_tension_drop=37850 ephemeral=0/589824 removeable=0 delete=0, flush=0, dev_down=0/0
TCP sessions:
     55 in NONE state
     4142 in ESTABLISHED state
     58 in SYN_SENT state
     2 in SYN_RECV state
     29 in FIN_WAIT state
     213 in TIME_WAIT state
     225 in CLOSE state
     467 in CLOSE_WAIT state

 

It's strange that the traffic shows 0 for both the source and the destination port. I've seen on the web that it has something to do with IP fragmentation (maybe a network scan). I've tried to create a policy to deny all traffic to the WAN with TCP/UDP port 0, but it has no effect.

 

Is there a solution to avoid this issue? Thanks for the help.

 

    1 reply

    packetpusher
    New Member
    November 24, 2017
    SOD (Author)
    New Member
    November 24, 2017

    Hmm, I understand, so I have to provide another public IP.

    emnoc
    New Member
    November 25, 2017

    Yes, your ephemeral ports are exhausted; you need more SNAT pools, or find out the root cause of the clash,

    e.g.

      • infected hosts
      • misbehaving clients
      • malware
      • too much traffic
      • etc.
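To follow emnoc's advice and find the root cause from the logs themselves, here is an added example (not code from the thread or from Fortinet) that parses session clash events of the format shown in the question. It splits new_status and old_status into their dir=0 (original) and dir=1 (reply) tuples, checks whether the two sessions' reply tuples are identical, and groups clashes by protocol, remote endpoint and SNAT address so the inner hosts involved can be listed and counted. The first sample line is the one quoted in the post; the second is constructed to show the aggregation, and all other names are the example's own. Note that proto 41 is IPv6-in-IPv4 encapsulation, which carries no port field, so the example keys purely on IP addresses for such sessions.

```python
import re
from collections import Counter, defaultdict

# Constructed sample events. The first is the line quoted in the post above
# (highlighting removed); the second is made up to show the aggregation, with
# a third inner host hitting the same remote endpoint. Not real traffic.
SAMPLE_LOGS = [
    '<190>date=2017-11-24 time=13:44:08 devname=MyForti devid=XXXXXXXXXXX '
    'logid=0100020085 type=event subtype=system level=information vd="Myvdom" '
    'logdesc="session clash" status="clash" proto=41 msg="session clash" '
    'new_status="state=00030204 tuple-num=2 policyid=12 dir=0 act=1 hook=4 '
    '11.14.17.10:0->11.201.17.19:0(217.69.23.163:0) dir=1 act=2 hook=0 '
    '11.201.17.19:0->217.69.23.163:0(11.14.17.10:0)" '
    'old_status="state=00010204 tuple-num=2 policyid=12 dir=0 act=1 hook=4 '
    '11.106.16.48:0->11.201.17.19:0(217.69.23.163:0) dir=1 act=2 hook=0 '
    '11.201.17.19:0->217.69.23.163:0(11.106.16.48:0)"',
    '<190>date=2017-11-24 time=13:44:09 devname=MyForti devid=XXXXXXXXXXX '
    'logid=0100020085 type=event subtype=system level=information vd="Myvdom" '
    'logdesc="session clash" status="clash" proto=41 msg="session clash" '
    'new_status="state=00030204 tuple-num=2 policyid=12 dir=0 act=1 hook=4 '
    '11.14.17.10:0->11.201.17.19:0(217.69.23.163:0) dir=1 act=2 hook=0 '
    '11.201.17.19:0->217.69.23.163:0(11.14.17.10:0)" '
    'old_status="state=00010204 tuple-num=2 policyid=12 dir=0 act=1 hook=4 '
    '11.77.3.2:0->11.201.17.19:0(217.69.23.163:0) dir=1 act=2 hook=0 '
    '11.201.17.19:0->217.69.23.163:0(11.77.3.2:0)"',
]

# key=value fields; quoted values (new_status, old_status, vd, ...) contain spaces
KV_RE = re.compile(r'([\w-]+)=(?:"([^"]*)"|(\S+))')
# one tuple inside a status string: dir act hook src:port->dst:port(nat:port)
TUPLE_RE = re.compile(
    r'dir=(\d) act=(\d) hook=(\d) '
    r'(\d+\.\d+\.\d+\.\d+):(\d+)->(\d+\.\d+\.\d+\.\d+):(\d+)'
    r'\((\d+\.\d+\.\d+\.\d+):(\d+)\)')


def parse_kv(text):
    """Parse FortiGate key=value fields into a dict (quoted values kept whole)."""
    return {k: quoted or bare for k, quoted, bare in KV_RE.findall(text)}


def parse_tuples(status):
    """Map dir (0 = original, 1 = reply) to its src/dst/NAT (ip, port) triples."""
    tuples = {}
    for d, _act, _hook, s, sp, dst, dp, nat, nport in TUPLE_RE.findall(status):
        tuples[int(d)] = {'src': (s, int(sp)), 'dst': (dst, int(dp)),
                          'nat': (nat, int(nport))}
    return tuples


def analyse_clash(line):
    """Describe the two sessions that clashed; None for any other event type."""
    ev = parse_kv(line)
    if ev.get('logdesc') != 'session clash':
        return None
    new, old = parse_tuples(ev['new_status']), parse_tuples(ev['old_status'])
    reply_new, reply_old = new[1], old[1]
    return {
        'time': ev.get('time'),
        'proto': int(ev['proto']),
        'policyid': int(parse_kv(ev['new_status'])['policyid']),
        'dst': new[0]['dst'][0],         # remote endpoint
        'snat_ip': new[0]['nat'][0],     # public IP the session was SNATed to
        'new_inner': new[0]['src'][0],   # inner host of the new session
        'old_inner': old[0]['src'][0],   # inner host of the session already in the table
        # a port-less protocol has only IPs to key on, so every inner host
        # talking to the same remote through one SNAT IP gets the same reply tuple
        'portless': all(port == 0 for _ip, port in new[0].values()),
        'reply_tuple_collides': (reply_new['src'], reply_new['dst'])
                                 == (reply_old['src'], reply_old['dst']),
    }


def summarize(lines):
    """Group clashes by (proto, remote, SNAT ip); count which inner hosts trigger them."""
    groups = defaultdict(lambda: {'events': 0, 'inner_hosts': set()})
    inner_counter = Counter()            # hosts most often on the new side of a clash
    for line in lines:
        c = analyse_clash(line)
        if c is None or not c['reply_tuple_collides']:
            continue
        g = groups[(c['proto'], c['dst'], c['snat_ip'])]
        g['events'] += 1
        g['inner_hosts'].update((c['new_inner'], c['old_inner']))
        inner_counter[c['new_inner']] += 1
    return dict(groups), inner_counter


if __name__ == '__main__':
    groups, top = summarize(SAMPLE_LOGS)
    for (proto, dst, snat), g in groups.items():
        print(f'proto={proto} dst={dst} snat={snat}: {g["events"]} clashes, '
              f'{len(g["inner_hosts"])} inner hosts -> {sorted(g["inner_hosts"])}')
    print('inner hosts most often on the new side of a clash:', top.most_common(3))
```

Run against a day of exported event logs, a group with many distinct inner hosts and one remote endpoint points at a port-less protocol colliding behind a single SNAT address, while a single inner host dominating the counter is the "infected host / misbehaving client" case emnoc lists; both readings come out of the same grouping, which is what makes this more useful than the raw clash counter in the session stat.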