> > Hi Darren, > > I have a similar problem, where I need to make all outgoing IKE traffic to > have a source port of 500 (all outgoing port 500 traffic towards a certain > IP must also have the same source port). I have tried the following rule > that you gave with no luck:
That is a bad idea. NAT-T mode of IKE uses 4500. > map lnc0 from any to xx.xx.xx.xx/32 port = 500 -> 0/0 port = 500 udp map lnc0 from any to xx.xx.xx.xx/32 port = 500 -> 0/0 port 500 udp Darren
