we have two GWs which having site to site vpn.
they located in different geographic location, but they have Layer 2 line, so they basically see each other by arp.
so let's say 192.168.1.2/29 and 192.168.1.6/29 (and by these addresses they know each other as peers)
for some reason, instead of using ESP over proto:50, they are deciding to use NAT-T
i can't figure out why. and i was hoping to fix it, to save the double encapsulation. is there a way to understand what is behind this decision?
gws are single gws with r80.40 latest take. managed by the same mgmt, share the same vpn community.