I noticed when I turn on capturing unmonitored traffic that I am not currently collecting the ESP traffic from my firewalls vpn connections. The question is it appears I removed application with ID 5114 so I have no clue what port its attempting to talk on. I can't create an application that allows all ports on protocol ESP since ESP isnt an option. I must have removed whatever application would have collected this data...anyone know?
Here is what the conversation looks like: