I don't think so, it is a bug. You should configure "match not udp port 500" on the safer side bcos, even after a successful VPN connections, I don't see UDP 500 as an open port in "sh control-plane host open-ports"
class-map type port-filter match-all pf match closed-ports match not port udp 500 With regards Kings On Fri, May 20, 2011 at 12:46 PM, Louis van Zyl - Business Connexion < [email protected]> wrote: > I have seen exactly the same thing, somehow it doesn’t realize the port > as open. In another lab I also had to do the same with UDP/500. My guess > is that it must be a bug in the specific IOS version > This e-mail and its contents are subject to the Business Connexion (Pty) > Ltd. E-mail legal notice > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
