Hello,
There could be different designs to achive this.
The simplest way to do this is by implementing ACLs where appropriate.
1. Of course, you need to allocate a separate L3 subnet for the Company B employee at Company A location.
2. On Wan interfaces you put ACL to allow:
- Company A to reach Company B resources;
- Company B employee at Company A location to reach Company B resources;
3. On L3 interface at Company A location towards Company B employee put ACL to allow:
- him to reach Company B resources;
- him to reach Company A resource;
4. Type of routing does not matter. Even static will do, if there are only a few subnets. But any dynamic routing is better (e.g. OSPF or EIGRP), since networks tend to grow and dynamic routing provides resilience;
5. No need for NAT, as NAT is needed if network ranges overlap or you need to change/hide IP addresses.
6. L3 devices are needed, of course at both locations;
7. IP addresses and DNS are provided via DHCP, so you would need a DHCP server (could be configured on Cisco routers);
8. Not sure about VPN access - there are too many ways it could be organazed.
Thanks,
Igor