I will be using a Cisco 2801 router and I would like to use NAT with a pool for a site. We will have to support outbound VPN connections of every possible variety (we have no control over what type of VPN our clients will be using). We also need to be able to support as many concurrent VPN connections as we can with the available pool of public IP addresses. It is not unreasonable to expect 300 users all connecting to the same VPN endpoint (although I will try to setup a hardware VPN endpoint onsite for most of those situations).
So, my question is, will I run into any VPNs that will not work if I do setup NAT on the 2801? Normally we simply handout public IP addresses to every user but in this case I want to offer a bit more security using VLANs. To do that I will need to be able to define many subnets for different areas of the property.
Any thoughts are greatly appreciated.