It seems if you set up a rule allowing ESP out with an SPI of 256:65536 and UDP 500 on Beta 2.1 your ESP connections will fail and any attempts to connect Nortel VPN clients to an external Contivity box succeeds but encrypted traffic fails. On a 2.012 installation the same rule set allows Nortel VPN clients to access the external Contivity box and enrypted traffic flows properly. In the packet filter log you can see ESP packets are be blocked. Anyone experience the same issues with Beta 2.1?
