Ok the story so far.
Started off with 2 routers behind a firewall. The firewall separates them from the 192.168.1.0 local LAN.
Both routers have external internet ip addresses on their LAN and WAN interfaces.
One router is for internet access. all hosts on the local LAN have the firewall as their default gateway.
The firewall in turn points to the first router for its gateway to the internet.
The 2nd router terminates 2 vpn's from the routers of 2 very small branch offices.
What I have done.
replaced the 2nd router with an 877.
copied the config across from the 837.
moved it so that is no longer behind the firewall,and is now directly connected to the LAN, and has a 192.168.1.15 LAN address.
I have updated the vlan1 interface ip and subnet settings to reflect this.
Do I need to do anything else?
Do I need to do anything to the NAT or PAT configuration?
Inspections for the internal LAN?
The 877 is just there to terminate the 2 VPNs.
host on the local 192.168.1.0 netowrk need to be able to get to the hosts on the 2 vpn networks. (192.168.8.0, and 192.168.64.0)
hosts from the 2 VPN netowrks need to be able to get to host on the local LAN.
Have attached a sanitised copy of the config so far...
Can someone have a read through and tell me what I have missed?