On Tue, 2 Aug 2005, Jacco de Leeuw wrote: > Paul Wouters wrote: > >> 50 is PROTOcol 50, not PORT 50 >> And for l2tp (ipsec in transport mode) it is 51. > > No, protocol 51 is AH (Authentication Header) which is not used > by L2TP/IPsec. So it does not have to be allowed in. Oops. Thanks for correcting me on that. Paul