(edit: the text of my reply didn't get posted, only the attachment)
Hi Danne, thanks for the reply.
The ISP is cable-modem. As mentioned, the change from a run-of-the-mill Linksys to the m0n0wall (after many different configuration and version attempts) is now preventing access to this VPN connection.
I have not modified the default MTU setting. All LAN traffic is allowed (LAN -> any). At this time, no additional firewall rules beyond the LAN->any rule. I did at one point add a whole series of rules to explicitly allow the required ports and protocols to/from the VPN endpoint IP ranges (even opened up rules allowing any traffic to/from those IP ranges), to no avail.
At this point, I have basically a fresh-install of 1.3b2, except for the setting to turn on NAT-T.
I have also tried Manuel Kasper's suggestion posted here http://m0n0.ch/wall/list/showmsg.php?id=253/51
to turn off the portmap rule temporarily. This also appears to have no effect on my ability to connect to this VPN.
Thanks for the offer to look through my status output (attached).
Willing to try lots of things, just need more suggestions. I also think that with the default level of configuration I have here and the many times I've seen this type of inquiry, and the NAT-T changes being made, there must be some type of problem with the way m0n0 is passing IPSEC packets...
So, if you tried two different versions of m0n0wall, including one that supposedly fixes this exact problem, yet continue to have problems...I would look at other factors.
What is your ISP type? As mentioned earlier, MTU problems can prevent VPN tunnels from coming up easily. Are you allowing all LAN traffic outward, or do you have any funny firewall rules?
Best way to see if something is configured wrong is to look at http://your-m0n0wall/status.php
and post the relevant info here.