同一局域网内多台PC如何能够同时与防火墙建立L2TP over IPSec隧道？

Comware V7防火墙作为LNS设备，局域网内有多台PC，PC与防火墙中间有NAT设备，PC通过自带的客户端无法同时与防火墙建立L2TP over IPSec隧道。

Windows自带的客户端IPSec使用的是传输模式，前面有NAT设备，保护的数据流一样。

Windows*2（192.168.1.0/24）---------------NAT（PAT方式 1.1.1.2）----------------（1.1.1.1）FW

dis ipsec sa
-------------------------------
Interface: GigabitEthernet1/0/0
-------------------------------

  -----------------------------
  IPsec policy: 1
  Sequence number: 1
  Mode: Template
  -----------------------------
    Tunnel id: 1
    Encapsulation mode: transport
    Perfect Forward Secrecy:
    Inside VPN:
    Extended Sequence Numbers enable: N
    Traffic Flow Confidentiality enable: N
    Path MTU: 1440
    Tunnel:
        local  address: 1.1.1.1
        remote address: 1.1.1.2
    Flow:
        sour addr: 1.1.1.1/255.255.255.255  port: 1701  protocol: udp
        dest addr: 1.1.1.2/255.255.255.255  port: 1701  protocol: udp

    [Inbound ESP SAs]
      SPI: 3578415966 (0xd54a4b5e)
      Connection ID: 219043332098
      Transform set: ESP-ENCRYPT-AES-CBC-128 ESP-AUTH-SHA1
      SA duration (kilobytes/sec): 250000/3600
      SA remaining duration (kilobytes/sec): 249789/3145
      Max received sequence-number: 1901
      Anti-replay check enable: Y
      Anti-replay window size: 64
      UDP encapsulation used for NAT traversal: Y
      Status: Active

    [Outbound ESP SAs]
      SPI: 1413542712 (0x5440f338)
      Connection ID: 210453397507
      Transform set: ESP-ENCRYPT-AES-CBC-128 ESP-AUTH-SHA1
      SA duration (kilobytes/sec): 250000/3600
      SA remaining duration (kilobytes/sec): 249997/3145
      Max sent sequence-number: 65
      UDP encapsulation used for NAT traversal: Y
      Status: Active

PC使用iNode，修改为隧道模式。