I have planned out a DMVPN deployment for use as backup links into our main datacenter if our remote branches were to go down. I am just having some trouble trying to place my DMVPN hub router on our corporate network. We have a T-1 feeding into a T-1 router, and behind that is a PIX 515 firewall, which then in turn plugs into our corporate switch. I know the hub router has to have a public IP address, and I thought about placing our hub router behind the firewall, and do a nat translation to the inside IP address, BUT this is a router and I need to different networks on both sides of the router....any help on this design would be appreciated. Thanks.