FIXME - In some cases you have a firewall or router with layer 2 routing (protocol ACLs) sitting in front of your m0n0wall. If this is the case you will need to port forward ESP or AH (depending on which one you chose) to the m0n0wall. (NOTE: if you are running NAT on that firewall AH will not be an option.)
