Thursday, April 20, 2006


IPSec Access List. (Question #56)

Consider two routers connected via their serial interfaces and configured for IPSec with the following configurations:

Router1

crypto isakmp policy 1
 authentication pre-share
 group 2
 lifetime 28000
crypto isakmp key cisco address 172.16.1.2
!
crypto ipsec transform-set myset ah-sha-hmac esp-des
!
crypto map mymap 1 ipsec-isakmp
 set peer 172.16.1.2
 set transform-set myset
 match address 101
!
interface Ethernet0
 ip address 10.1.1.254 255.255.255.0
 no keepalive
 no clns route-cache
!
interface Serial2
 ip address 172.16.1.1 255.255.0.0
 no keepalive
 serial restart-delay 0
 no clns route-cache
 crypto map mymap
!
access-list 101 permit icmp 10.1.1.0 0.0.0.255 192.168.1.0 0.0.0.255


Router2

crypto isakmp policy 1
 authentication pre-share
 group 2
 lifetime 28000
crypto isakmp key cisco address 172.16.1.1
!
crypto ipsec transform-set myset ah-sha-hmac esp-des
!
crypto map mymap 1 ipsec-isakmp
 set peer 172.16.1.1
 set transform-set myset
 match address 101
!
interface Ethernet0
 ip address 192.168.1.254 255.255.255.0
 no keepalive
 no clns route-cache
!
interface Serial2
 ip address 172.16.1.2 255.255.0.0
 no keepalive
 serial restart-delay 0
 no clns route-cache
 crypto map mymap
!
access-list 101 permit icmp 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255


Will the following ping command issued on Router1 succeed?

ping 192.168.1.254 source 10.1.1.254

Will the fact that UDP (which is used by IKE for key negotiation) is being denied by the ACL in the crypto map cause a problem?

Comments:
Yes, the ping will succeed. The access list is used only as a criterion to determine which user data will be encrypted, not for filtering the signalling traffic that sets up the security association.
 
I just noticed that the access lists were not complete. They also have to match the incoming encrypted traffic. So each access list should be:

access-list 101 permit icmp 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 101 permit icmp 10.1.1.0 0.0.0.255 192.168.1.0 0.0.0.255
 
Ignore my second comment. I stand by my first response.
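To make the point of the question and the first comment concrete, here is an added Python model of how a crypto-map access list is consulted; it is an illustration written for this page, not code from the original post or from Cisco IOS. It implements Cisco wildcard-mask matching, classifies outbound packets as "encrypt" or "clear" (a crypto ACL selects traffic to protect and never drops a non-match, which is why IKE itself is unaffected), and checks that the two peers' ACLs are mirror images, which IOS requires because inbound decrypted traffic is evaluated with source and destination swapped. The names AclEntry, outbound_action and is_mirror are this example's own.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class AclEntry:
    """One 'permit' line of a crypto (extended) access list."""
    proto: str       # "icmp", "udp", "tcp" or "ip" (ip matches any protocol)
    src: str         # source network
    src_wild: str    # Cisco wildcard mask: a 1 bit means "don't care"
    dst: str         # destination network
    dst_wild: str

def _wild_match(addr: str, net: str, wild: str) -> bool:
    """Cisco wildcard semantics: compare only the bits that are 0 in the wildcard."""
    a, n, w = (int(ipaddress.IPv4Address(x)) for x in (addr, net, wild))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (n & care)

def acl_permits(acl, proto, src, dst) -> bool:
    return any(e.proto in (proto, "ip")
               and _wild_match(src, e.src, e.src_wild)
               and _wild_match(dst, e.dst, e.dst_wild) for e in acl)

def outbound_action(acl, proto, src, dst) -> str:
    """Crypto-map decision for a packet leaving the crypto-mapped interface.
    A crypto ACL only selects traffic to protect; a non-match is forwarded
    in the clear, never dropped (so IKE between the peers is unaffected)."""
    return "encrypt" if acl_permits(acl, proto, src, dst) else "clear"

def is_mirror(acl_a, acl_b) -> bool:
    """Peers' crypto ACLs must be mirror images: traffic decrypted by B is
    checked against B's ACL with source and destination swapped."""
    def swap(e):
        return AclEntry(e.proto, e.dst, e.dst_wild, e.src, e.src_wild)
    return {swap(e) for e in acl_a} == set(acl_b)

# The two access lists from the question above.
R1_ACL = [AclEntry("icmp", "10.1.1.0", "0.0.0.255", "192.168.1.0", "0.0.0.255")]
R2_ACL = [AclEntry("icmp", "192.168.1.0", "0.0.0.255", "10.1.1.0", "0.0.0.255")]

if __name__ == "__main__":
    # ping 192.168.1.254 source 10.1.1.254: the echo request leaves Router1 encrypted
    print(outbound_action(R1_ACL, "icmp", "10.1.1.254", "192.168.1.254"))  # encrypt
    # the echo reply from Router2 matches Router2's ACL and is encrypted too
    print(outbound_action(R2_ACL, "icmp", "192.168.1.254", "10.1.1.254"))  # encrypt
    # IKE (UDP between the serial addresses) does not match, but is not dropped
    print(outbound_action(R1_ACL, "udp", "172.16.1.1", "172.16.1.2"))      # clear
    # the same ping without 'source 10.1.1.254' is sourced from 172.16.1.1: no match
    print(outbound_action(R1_ACL, "icmp", "172.16.1.1", "192.168.1.254"))  # clear
    print(is_mirror(R1_ACL, R2_ACL))                                        # True
```

The last two checks show why the `source 10.1.1.254` option matters: a ping sourced from the serial address would not match the crypto ACL and would cross the link unprotected.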
 