Assuming that I have the following:
-------------------Router--------------PIX--------------LAN
(Public Outside) (Private Inside)
And the router on the outside has a static translation for the PIX outside interface. Assuming I am building a VPN between the PIX outside interface and a destination network somewhere on the Internet, I assume I would need to account for NAT-T.
A colleague of mine was tasked to get this working for a customer and his IKE phase 1 negotiation was unsuccessfull. We thought initially that the Phase 1 parameters were inconsistent, however, something tells me NAT-T may also be a possibility.
Regards
Darren