hi all!

I'm trying to setup a VPN connection between 2 monowalls : 1 is directly
connected to the internet, and the other one is connected behind a NAT router.
Here's what it looks like :

remote----monowall----NAT-----(internet)------monowall---local
subnet                                                   subnet

the NAT router get's his ip address dynamicaly. "Ipsec passthrough" as been
checked.

I managed to get a VPN connection up, using the "normal" site-to-site way (the
two networks appeared in the ipsec logs on SAD), knowing that it wasn't the
best solution when one connects through dynamic ip.  however, eventhough it
was up, I couldn't ping the remote monowall's LAN ip address.

so I decided to look for another way

I looked in the mailing list archive, on mail pointed to a tutorial of pfsense
when one of the routers uses dynamic ip
(ftp://reflection.ncsa.uiuc.edu/pub/pfSense/tutorials/mobile_ipsec/index.html).
I tried it but I couldn't get the VPN up, logs says :

racoon: DEBUG: pfkey X_SPDDUMP failed: No such file or directory

I'm kinda lost, I don't know how I can successfully setup this ipsec tunnel...
can anybody point me where I've been wrong ? why can't I ping the remote
monowall's LAN ip even with VPN up ? what those "pfkey X_SPDDUMP" means? is
this a problem because of the NAT router ?

thanks for your help!!!