IPSEC Tunnel behind NAT
Hopefully someone can help a newbie out. We have several linux firewalls (Redhat -IPTABLES) connected to our corporate headquaters using IPSEC (freeswan). Everything is working great, except I think I might have a problem with our newest office in Hong Kong.
The Hong Kong internet connection is a DSL with a static address. The setup is a DSL modem with a netopia router behind the DSL modem which provides the connection information the the modem, and provides NAT and DHCP to the inside network. The ISP also created a DMZ address on the Netopia router that passes traffic through to an NAT IP address. The ISP also refuses to change this configuration, so what I need to do (if possible) is setup a linux firewall to use an NAT'd address on it's external interface and create a 2nd NAT network for the network behind the firewall. I'm sure this will work for general purposes, but will I be able to create the IPSEC tunnel through this double NAT configuration?
Thanks for any help!