Hi, We're using port based ACL in our ASA firewalls for site to site VPNs, it was working fine. However, after upgrading one of the firewalls to 8.4, we started to have issues. We then changed it to IP based and it fixed the problem. Are port based crypto ACLs supported in 8.4 ? Is it recommended ? Thnx Puneesh