We are having great problems getting IPSec to work via the Watchguard Mobile User VPN (MUVPN) and I believe it is because it cannot handle two NATs. We have a Netgear DG834PN ADSL router which feeds into a Watchguard Firebox Edge X20e-W firewall which then feeds the internal network.
We have a Demon ADSL broadband and the whole thing is set up as follows:-
ADSL --- (PIP) Netgear (192.168.0.1) ------ (192.168.0.2) Firebox (IIP)
where PIP is my abbreviation for Public IP address and IIP is our internal subnet.
What I think we need to do is to somehow expose the PIP to the firebox in order to cut out one of the NATs. This worked before in a previous ADSL router by what they called port forwarding (I think of it more as address forwarding). We have tried turning off the NAT in the Netgear box but still cannot get anything to work. The above setup works fine for ordinary Internet access and indeed for standard Microsoft PPTP VPN.
Has anyone got any experience of the Netgear unit and any ideas about how we can get round this problem?