>From: "Jason J. Ellingson" <jason at ellingson dot com>
>To: "'Chris Breish'" <cbreish at pchelpservice dot com>
>CC: <m0n0wall at lists dot m0n0 dot ch>
>Subject: RE: [m0n0wall] m0n0wall to m0n0wall IPSec Issues
>Date: Mon, 15 Nov 2004 17:48:13 -0600
>
>
>Also, don't forget to open the set a rule to allow ESP (also check the
>"allow fragments" for that ESP rule) to your m0n0 IP.
>------------------------------------------------------------

I have several IPSEC connections working fine without the above rule.  Also, 
I haven't had any luck with "Main" but "Aggressive" works just fine.

Roy...