IPsec between Strongswan on AWS and Cisco IOS behind a NAT