PIX 515E config

fzaynoun
Level 1

I need to make this VPN on my firewall (the outside interface of my firewall is the gateway).

(IP distant endpoint - IP distant gateway)---(My router - My firewall - IP of my server, which is my endpoint)

My router has a very simple config: it has 2 ports, one port on the Internet, another one also with a real IP, connected to the firewall. Basically there is a default route that forwards all the packets to the next hop on the Internet (the provider gateway).

I possess 5 Ethernet interfaces on my firewall, 3 of them are working: (1 outside with a real IP), (1 inside with local IPs (PAT)) and (1 intf3 with my second range of real IPs, which I created just for my VPN). I possess 2 ranges of real IPs of 6 real IPs each.

outside security: 0, inside 100, intf3 6

I already have 1 VPN established between one host on my inside interface and a distant host.

My first problem is that I can't access the Internet using hosts related to intf3. I don't understand why. The IPs on intf3 are all real. On the firewall there is a default route to my router. On the router, a default route to my provider... The Internet works fine for my natted interface.

Do I need to use natting to make a connection to the outside?! I mean, a firewall can be used to isolate networks.

If anyone is interested in helping me, I could provide my config in private.

Thanks

3 Replies

Jennifer Halim
Cisco Employee

Please share config.

Assuming you do not have a NAT statement on intf3, make sure that you disable nat-control: no nat-control.

That should allow intf3 with a public IP to reach the Internet.

Sorry, I can't share my config in public, but I sent it to you in private.

I need urgent help. I am not a pro in firewalls (not even a beginner), but my config seems logical to me. There should be Internet access.

Thanks

Thanks, emailed you the solution. Let us know if that resolves the issue.
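
The nat-control behaviour suggested in the reply above can be checked offline against a saved configuration. The following is an added example, not part of the original thread and not Cisco code: it assumes a PIX/ASA 7.x-style running config (where `nat-control` exists), the function name is hypothetical, and the sample config and its addresses are constructed from documentation ranges.

```python
import re

# Constructed sample: 7.x-style running config, documentation IP ranges only.
SAMPLE_CONFIG = """\
nat-control
interface Ethernet0
 nameif outside
 security-level 0
 ip address 192.0.2.2 255.255.255.248
interface Ethernet1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
interface Ethernet3
 nameif intf3
 security-level 6
 ip address 198.51.100.1 255.255.255.248
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 192.0.2.1 1
"""

def interfaces_blocked_by_nat_control(config, egress="outside"):
    """Interfaces above `egress` in security level that have no NAT rule
    while nat-control is enabled (their outbound traffic is dropped)."""
    lines = [ln.strip() for ln in config.splitlines()]
    if "nat-control" not in lines:   # "no nat-control" or absent: NAT not required
        return []
    levels, name = {}, None
    for ln in lines:
        m = re.match(r"nameif (\S+)$", ln)
        if m:
            name = m.group(1)
        m = re.match(r"security-level (\d+)$", ln)
        if m and name:
            levels[name] = int(m.group(1))
            name = None
    # "nat (ifc) ..." and "static (ifc,...)" both count as a NAT rule for ifc.
    natted = set(re.findall(r"^(?:nat|static) \(([^,)\s]+)", "\n".join(lines), re.M))
    return sorted(n for n, lvl in levels.items()
                  if lvl > levels.get(egress, 0) and n not in natted)

if __name__ == "__main__":
    print(interfaces_blocked_by_nat_control(SAMPLE_CONFIG))
```

On the sample it reports intf3; either `no nat-control` or an identity NAT rule for the intf3 subnet clears the finding.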
