In section "13.7. VPN over IPsec" it is written that you shall configure the firewall rule "ipfw add 00204 allow log udp from any 500 to any". This opens the firewall for all incoming UDP packets if the source port 500 is used. I don't have much experience with the IPsec configuration, but because of the instructions which follow for the pf or ipf users, I assume the correct rule is "ipfw add 00204 allow log udp from any 500 to any".
The correct rule is probably "ipfw add 00204 allow log udp from any 500 to any 500".
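The difference between the two rules, as an added example (not from the Handbook or the original report): a small matcher for only the rule form quoted above, run against constructed packets. The names `parse_rule`, `matches` and `allowed_by` and the sample packets are assumptions, and the code models this one rule in isolation, not a full ipfw ruleset.

```python
import re

# Subset of ipfw rule syntax quoted in the report:
#   ipfw add NNNNN allow [log] PROTO from any [SPORT] to any [DPORT]
RULE_RE = re.compile(
    r"^ipfw add (?P<num>\d+) allow (?:log )?(?P<proto>\w+) "
    r"from any(?: (?P<sport>\d+))? to any(?: (?P<dport>\d+))?$"
)

def parse_rule(text):
    """Parse one rule of the form above; a missing port means 'any port'."""
    m = RULE_RE.match(text.strip())
    if m is None:
        raise ValueError("unsupported rule: %r" % text)
    port = lambda v: int(v) if v is not None else None
    return {"proto": m["proto"], "sport": port(m["sport"]), "dport": port(m["dport"])}

def matches(rule, pkt):
    """pkt is (proto, source port, destination port)."""
    proto, sport, dport = pkt
    return (rule["proto"] == proto
            and rule["sport"] in (None, sport)
            and rule["dport"] in (None, dport))

DOCUMENTED = parse_rule("ipfw add 00204 allow log udp from any 500 to any")
PROPOSED = parse_rule("ipfw add 00204 allow log udp from any 500 to any 500")

# Constructed sample packets: (proto, source port, destination port)
PACKETS = {
    "IKE peer to IKE daemon": ("udp", 500, 500),
    "source port 500 to local syslog": ("udp", 500, 514),
    "source port 500 to local NFS": ("udp", 500, 2049),
    "ephemeral source to IKE daemon": ("udp", 40000, 500),
}

def allowed_by(rule):
    """Names of the sample packets this single rule would allow."""
    return sorted(name for name, pkt in PACKETS.items() if matches(rule, pkt))

if __name__ == "__main__":
    print("documented rule allows:", allowed_by(DOCUMENTED))
    print("proposed rule allows:  ", allowed_by(PROPOSED))
```

The rule without a destination port allows every sample packet whose source port is 500, whatever local UDP service it is addressed to; the rule ending in "to any 500" allows only the packet addressed to port 500.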