On Mon, 15 Jan 2001, Pervaiz Rizvi wrote: > Do you mean IPsec implementations silently > ignore the configured policy to protect > udp/500 with IPsec? A configured policy which does not include an exception for UDP/500 (perhaps subject to other constraints) is erroneous and should be reported as such. Henry Spencer henry@spsystems.net