Saturday, July 01, 2006

IPSec NAT

Last time I got an issue from my client about VPN in monowall: can the network design put the monowall VPN behind a firewall? Can it be NATed? Can it be forwarded? I know VPN can be NATed, but I'm not sure if IPSec in monowall can be NATed or not. After reading and searching Google for the answer, I think I found the answer that I need.

Yes, it can be NATed. The documentation on the monowall homepage also says that it can be NATed, but only using the ESP protocol, not the AH protocol.



Read here.
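Why ESP gets through NAT and AH does not, as an added example (not from the monowall documentation): AH's integrity check value covers the IP source and destination addresses, while ESP's covers only the ESP header and payload. This is a simplified model; the key, addresses, SPI and the choice of HMAC-SHA1-96 are constructed assumptions.

```python
import hashlib
import hmac
import socket
import struct

KEY = b"constructed-demo-integrity-key"  # constructed sample key, not a real SA key

def ipv4_header(src, dst, proto, payload_len, ttl=64):
    """Minimal 20-byte IPv4 header (checksum left at 0 in this model)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                       ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def zero_mutable(hdr):
    """AH zeroes fields routers may change, but keeps both IP addresses."""
    b = bytearray(hdr)
    b[1] = 0              # TOS
    b[6:8] = b"\0\0"      # flags + fragment offset
    b[8] = 0              # TTL
    b[10:12] = b"\0\0"    # header checksum
    return bytes(b)

def icv(data):
    return hmac.new(KEY, data, hashlib.sha1).digest()[:12]  # HMAC-SHA1-96

def ah_icv(ip_hdr, spi, seq, payload):
    # AH header: next header, length, reserved, SPI, sequence, ICV zeroed for the calculation
    ah = struct.pack("!BBHII", 6, 4, 0, spi, seq) + b"\0" * 12
    return icv(zero_mutable(ip_hdr) + ah + payload)

def esp_icv(ip_hdr, spi, seq, ciphertext):
    # The outer IP header is deliberately ignored: ESP does not authenticate it
    return icv(struct.pack("!II", spi, seq) + ciphertext)

def nat_rewrite(ip_hdr, new_src):
    """What a source-NAT device does to the header: replace bytes 12..15."""
    return ip_hdr[:12] + socket.inet_aton(new_src) + ip_hdr[16:]

def survives_nat(proto):
    """True if the ICV computed by the sender still verifies after NAT."""
    payload = b"constructed payload bytes"
    calc = ah_icv if proto == "AH" else esp_icv
    hdr = ipv4_header("192.168.1.10", "203.0.113.5",
                      51 if proto == "AH" else 50, len(payload))
    sent = calc(hdr, 0x1000, 1, payload)                      # sender side
    received = calc(nat_rewrite(hdr, "198.51.100.7"), 0x1000, 1, payload)
    return hmac.compare_digest(sent, received)

if __name__ == "__main__":
    for proto in ("ESP", "AH"):
        print(proto, "survives NAT:", survives_nat(proto))
```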

The ESP protocol will use port 500/UDP for ISAKMP (Internet Security Association and Key Management Protocol). Read here and here and here.

P.S.: I hope that I can get the budget earlier from my company so that I can buy an Advantech FWA-660 to test the IPSec NAT.