I have searched for a long time to find a solution to force a VPN to use UDP port 4500 (vs. ESP) traffic. I have run into ESP traffic being blocked internationally a few times, whereas UDP 4500 seems fine.
With no software tool to make this happen, I figured out what I think is a workaround.
Here is my setup:
Port 15 = public IP / 30 to ISP, zone untrust
Port 13 = 192.168.1.1/30, zone trust
Port 12 = 192.168.1.2/30, zone nat_t, virtual-router nat_t
I add a virtual router (nat_t) with a static default route to 192.168.1.1 and set the external interface for my ike gateway to be port 12. This worked like a charm since the SRX is NAT'ing 192.168.1.2 to the public and forcing UDP 4500 for ESP.
I've searched for a solution for 2+ years and thought I would post it here in case anyone else is looking for this.
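As an added illustration (not the poster's own configuration), here is how the setup above translates into Junos set commands: a virtual router holding the IKE external interface, a default route back into the main instance, interface source NAT out the public port, and a policy that lets only IKE leave. Assumed: ports 12, 13 and 15 are ge-0/0/12, ge-0/0/13 and ge-0/0/15, ports 12 and 13 are cabled together, and the rule-set, policy and gateway names are placeholders.

```junos
# Interfaces: port 13 stays in the default instance, port 12 moves into VR nat_t
set interfaces ge-0/0/13 unit 0 family inet address 192.168.1.1/30
set interfaces ge-0/0/12 unit 0 family inet address 192.168.1.2/30
set routing-instances nat_t instance-type virtual-router
set routing-instances nat_t interface ge-0/0/12.0
# Default route of VR nat_t points at port 13, so IKE is forced through the cable loop
set routing-instances nat_t routing-options static route 0.0.0.0/0 next-hop 192.168.1.1
# Zones: zone nat_t must accept IKE so the peer's replies can reach the gateway
set security zones security-zone nat_t interfaces ge-0/0/12.0 host-inbound-traffic system-services ike
set security zones security-zone trust interfaces ge-0/0/13.0
# Source NAT: hide 192.168.1.2 behind the public address on port 15 (interface NAT)
set security nat source rule-set hide-nat-t from zone trust
set security nat source rule-set hide-nat-t to zone untrust
set security nat source rule-set hide-nat-t rule nat-t-src match source-address 192.168.1.2/32
set security nat source rule-set hide-nat-t rule nat-t-src then source-nat interface
# Policy: only IKE (predefined junos-ike = UDP 500/4500) may cross trust -> untrust
set security policies from-zone trust to-zone untrust policy allow-ike match source-address any
set security policies from-zone trust to-zone untrust policy allow-ike match destination-address any
set security policies from-zone trust to-zone untrust policy allow-ike match application junos-ike
set security policies from-zone trust to-zone untrust policy allow-ike then permit
# IKE gateway: bind the external interface to port 12 so IKE originates from 192.168.1.2;
# the NAT-D hashes then mismatch at the peer and both sides switch to UDP 4500 (NAT-T)
set security ike gateway remote-peer external-interface ge-0/0/12.0
```

To confirm the result after commit, `show security ike security-associations` should list the peer with NAT-T active, and a capture on the public side should show only UDP 4500, no IP protocol 50.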