Group, I have a new Cisco 1811 that I am trying to get configured in 1 of two ways.1) 2 Vlan's (vlan 10 employee / vlan 20 vendor) FastEth0 connected to the internet with a Public IP (X.Y.X.5). IPSec tunnel brought up to main office and all of vlan 10 routed over it with no NAT. Vlan20 needs to be prevented from accessing the VPN tunnel, but does need direct internet access over FastEth0 via NAT.
2) Second solution same as first, however the FastEth1 interface is also configured with a second public IP (X.Y.X.10) on the same subnet as FastEth0. Thus vlan 20 should be NATed for internet access on FastEth1 while FastEth0 is used for VPN traffic only.
Will either of these configs work and if so are there any example configs. I have the Vlans and VPN working, but can not get the NATing working either way. I'm concerned that one of my ACL's from the VPN config may be interfering with solution 1 which is my ideal config.