I have a setup similar to the following...
ADSL Router (Vigor 2600) (WANIP: Public_IP, INT_IP: 18.104.22.168)
Symantec VPN100 (WAN IP: 22.214.171.124)
(LAN IP: 192.168.0.1)
This configuration works, as the vigor 2600 does the adsl dialing (and as I only have 1 public IP) i have setup the firewall as the DMZ device.
The problem is this, can the symantec100 create IPSEC site-site tunnels if I have 2 sites using this configuration (ie natted DMZ host-nattedDMZ host) ? I do no understand the symantec's particulary well so this is the area I need advice.
Also, is this the best way to skin this cat ?, ie only 1 IP, using an ADSL router with a beefy firewall behind it ?