On 3/14/06, Polus, Tomasz <tomek at polvision dot com dot pl> wrote:
> Come on guys, I don't believe m0n0wall working as a NAT gateway cannot
> pass returning UDP 500 packets....
Of course it can. That's not the problem. The problem is most likely
that you don't have NAT-T enabled on the Linksys you're connecting to.
The process of NAT breaks IPsec unless the terminating device
supports and has NAT-T enabled. Previously, you may have had ESP
forwarded to your machine, but ipfilter doesn't support anything but
TCP and UDP on non-1:1 forwards.