OT: IPsec Site to Site Tunnel behind NAT

From: segs <michaelolusegunrufai_at_gmail.com>
Date: Sat, 7 Jun 2014 15:33:27 +0100

Hello All,
Sorry for the OT, but I have been having issues setting up IPsec Site to Site
VPN behind a router configured for NAT. Below is the setup:

LAN---->Cyberoam---->Router>>>internet>>>>SonicWall

IPsec is terminated on the Cyberoam UTM as well as the SonicWall, but
the VPN fails to connect and I get the following error on the
Cyberoam UTM:

Jun 05 19:07:57 packet from 31.221.21.170:500: ignoring unknown Vendor ID payload [5b362bc820f60007]
Jun 05 19:07:57 packet from 31.221.21.170:500: received Vendor ID payload [RFC 3947] method set to=110
Jun 05 19:07:57 packet from 31.221.21.170:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Jun 05 19:07:57 packet from 31.221.21.170:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Jun 05 19:07:57 packet from 31.221.21.170:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 05 19:07:57 "Septa_VPN_London-7" #346: responding to Main Mode
Jun 05 19:07:57 "Septa_VPN_London-7" #346: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 05 19:07:57 "Septa_VPN_London-7" #346: STATE_MAIN_R1: sent MR1, expecting MI2

On checking on the internet, it seems to be an issue with NAT behind a
device terminating the IPsec VPN, for which I have excluded the
IPsec VPN traffic from being NATed on the router on UDP port 500 and
port 4500, but I am still getting the same error.
Router Config:-
int g0/1
ip add 192.168.1.1 255.255.255.0
ip add 197.x.x.x 255.255.255.248 sec
ip nat inside

CR:-
Port C
ip add 197.x.x.y 255.255.255.248

Any pointers to what could be the issue will be very much appreciated.

Thanks in advance.

Received on Sat Jun 07 2014 - 15:33:27 ART
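
Added example, not part of the original post or of any vendor tooling: a Python triage of the log format quoted in the message. It unwraps the mail-wrapped entries, records the NAT-T method chosen per peer, and reports which Main Mode message each negotiation is still waiting for. The function names are hypothetical, the WAITING_FOR table is written from the IKEv1 Main Mode exchange and RFC 3947, and the R2/R3 state names are assumed to follow the naming seen in the log.

```python
import re

# Constructed sample: entries copied from the post, still hard-wrapped by the mail client.
SAMPLE_LOG = """\
Jun 05 19:07:57 packet from 31.221.21.170:500: received Vendor ID
payload [RFC 3947] method set to=110
    Jun 05 19:07:57 "Septa_VPN_London-7" #346: responding to Main Mode
    Jun 05 19:07:57 "Septa_VPN_London-7" #346: transition from state
STATE_MAIN_R0 to state STATE_MAIN_R1
    Jun 05 19:07:57 "Septa_VPN_London-7" #346: STATE_MAIN_R1: sent
MR1, expecting MI2
"""

# What a responder in each state still needs from the initiator (IKEv1 Main Mode).
# R2/R3 names are an assumption based on the naming style in the log.
WAITING_FOR = {
    "STATE_MAIN_R0": "MI1 (first packet from the initiator)",
    "STATE_MAIN_R1": "MI2 (key exchange; RFC 3947 NAT-D payloads travel in MI2/MR2)",
    "STATE_MAIN_R2": "MI3 (identity/auth; with NAT detected the peers move to UDP 4500)",
    "STATE_MAIN_R3": None,  # ISAKMP SA established, nothing pending
}

TS = re.compile(r"^\s*[A-Z][a-z]{2} \d{2} \d{2}:\d{2}:\d{2} ")
STATE = re.compile(r'"(?P<conn>[^"]+)" #(?P<sa>\d+): transition from state \S+ to state (?P<new>\S+)')
NATT = re.compile(r"packet from (?P<peer>[\d.]+):\d+: received Vendor ID payload "
                  r"\[(?P<vid>[^\]]+)\] method set to=(?P<method>\d+)")

def unwrap(text):
    """Join continuation lines (no leading timestamp) onto the entry they belong to."""
    entries = []
    for line in text.splitlines():
        if TS.match(line):
            entries.append(line.strip())
        elif entries and line.strip():
            entries[-1] += " " + line.strip()
    return entries

def triage(text):
    """Return ({peer: (vendor_id, method)}, [finding per negotiation])."""
    natt, last_state = {}, {}
    for entry in unwrap(text):
        if m := NATT.search(entry):
            natt[m["peer"]] = (m["vid"], int(m["method"]))
        elif m := STATE.search(entry):
            last_state[(m["conn"], int(m["sa"]))] = m["new"]  # keep only the latest state
    findings = [{"conn": c, "sa": s, "state": st,
                 "waiting_for": WAITING_FOR.get(st, "unknown state")}
                for (c, s), st in last_state.items()]
    return natt, findings
```

For the excerpt in the post this reports negotiation #346 in STATE_MAIN_R1 waiting for MI2, which places the point where the excerpt ends before the NAT-D exchange and before any traffic would move to UDP 4500.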
