I have been trying to set up a VPN connection between two networks using 2 WRV200 routers. Both routers are behind an ADSL modem using NAT. I was hoping to get this working by using port forwarding of UDP ports 500 and 4500 from the ADSL modem to the WRV200, but it fails. During tunnel setup, the initial IKE messages are exchanged correctly, but the next messages fail, because the initiating router expects that the responder identifies itself with its WAN address. However, the responder identifies itself with its local LAN address. Does anybode know how this can be solved? Another worry is whether the routers will use NAT-T traversal. If I switch it on explicitly in the interface, I can no longer use an explicit WAN address for the other end of the tunnel, so the router can no longer initiate the VPN.