I have a vendor that requires us to use public IP's across our VPN tunnel. I have two ranges of public IP's one that I can use for this tunnel and one that is used for our connection to the ISP.
I currently have an ASA setup with and interal network using 192.168.1.0/24 and an outside interface to the ISP.
When a user needs to get to the vendor website, they need to be NAT'd to a public IP and then diverted through the VPN tunnel.
I was going to assign the second IP range to a DMZ and then create the tunnel on the outside interface and use some tricky routing, but I haven't found a good way to do this. Does anyone have a good example of this?