It depends on your firewall rules - use the wiki for IPSEC tunnels to find what type of traffic is used, and create rules that allow that kind of traffic to be forwarded to the local network or device. It should work under normal firewall rules, but who is to say what is normal, eh?
Have a fiddle around, and please drop some feedback after. It may help someone else
I just thought - enable uPNP and make sure the interfaces are set correctly for it, before messing with the firewall. It may 'fix itself'.