I can establish a VPN L2L between my PIX 515 and checkpoint NG, when i have the cryptomaps set to IP. When i restrict the cryptomaps to ftp. The connection fails. On debug as part of phase 2 i cannot see any port set in the packet being received. The techy working on the NG does not know of a way of setting which ports are specified as part of the phase 2 setup. Does anybody know how to specify this?
I have this problem too.