Juniper SSG320M Teardrop Attack

Teardrop attacks occur when fragmented IP packets overlap and cause the host attempting to reassemble the packets to crash. The teardrop option directs the device to drop any packets that have such a discrepancy.

Since Teardrop is related to the reassembly of fragmented packet, possibly check the complete path from the src ssg to dest ssg5 for any fragmentation.
 
Also, the below link might be helpful for you.
http://www.juniper.net/techpubs/software/junos-es/junos-es93/junos-es-swconfig-security/understanding-teardrop-attacks.html

Just a slight note, Tear Drop attacks are not errors on the firewall. They are what the firewall thinks is an attack and is being dropped by the firewalls basic built in IDP functionality (aka screens). Screens do basic signature matching looking for canned attacks, Tear Drop included. This can be likely a false positive (assuming you know the source/dest IP).

Dor the case of trigger it stated proto 50 which is juniper ipsec vpn tunnel if I am nit wrong..hopefully not some vpn related.  If can test without vpn to also see if alert still happen

Thanks for your replay, I understand what a Teardrop is I do not understand why it is occurring and how I prevent it from occurring. I also understand that it has to be happening because of the VPN connection from our home office to our colo, we have never had issues in the past this is something new and I would like to eliminate the problem. Thanks

Thanks for the advice updating to the latest firmware has resolved the issue.