I need to enable our BM 3.8 to pass thru VPN traffic to a Cisco device that
is NAT'ed to a private address on our network.

I've done a lot of searching, but haven't found a decent how-to. The Cisco
box is supplied by another organization and I don't have any access to its

They assure me that I "only" need to allow ISAKMP and ESP traffic through
BM, but I haven't been able to get it to work yet.

BM isn't part of my normal responsibilities, so just imagine you're
explaining it to your 2-year old child... :)

Thanks, MJ