I've read thru the lists & emails and it sounds like the possibility of
having more than one vpn user behind monowall is slim & or none.

I'm new to *BSD, but have worked on linux for some time now, and this
issue seems to be a common one to netfilter.

Both the Cisco PIX & newer versions of linksys allow multiple simultaenous
 ipsec vpn sessions, but they are proprietary.

I'm under the impression that this is the port 500 udp issue in which
iptables does not assign an alternate port when 500 is occupied.

Has anyone found a work around for this?

thanks