Re: pf filter rulesets

[Jolan Luff <jolan_(_at_)_lithely_(_dot_)_net>]

On Mon, May 26, 2003 at 09:21:02AM +0200, Henning Brauer wrote:
> > nat on kue0 inet proto udp from any port = isakmp to any -> (kue0) \
> >         port 500
> 
> no, that will change the source port.

It is adequate if the problem is isakmp being remapped to a random port
on the firewall, which has typically been the case for me when M$ VPN
stuff is involved.