I found a few threads in the archive that dealt with this, but with no resolution.

I have 3 locations, 1, 2 & 3, both 2 & 3 connect via IPSEC to 1.  All locations have Mono 1.1. 
location #1 has an IPSEC connection to an outside company that has equipment at each of our
locations.

They are trying to pass SNMP traffic from their equipment back to their office -- but it is failing
from all 3 . . . . all other traffic works fine.

I looked at the firewall logs on each Monowall and it shows the following is blocked:
Source = local IP, port 161; Destination = remote IP, port 162

NOTE: both local IP and remote IP are in the range of IPs being sent over IPSEC and these entries
show that the return traffic is being blocked at the local Monowalls, not at the central
location(#1) - and all other traffic to/from these IPs are being routed properly.

Any ideas?  workarounds?  explanations?  does Mono 1.21 fix (change log shows SNMP fixed for
monitoring Mono, but for this application?) 

Thanks for any input,

Dave Z