Currently, we have a business internet account (via AT&T) with a Netopia router bridged to a CradlePoint MBR1200 to provide for EVDO failover capability. We are looking to open the CradlePoint up totally (i.e., no NAT, DHCP, Firewall) etc.., and have it connect directly to the WAN port of our Cisco SA 540. The private IP of the MBR1200 is currently 192.168.1.1 (which we would like to leave at). Provided that the MBR1200 is serving basically as a switch from the Netopia/Internet, is it feasible to set the Cisco SA540's IP to 192.168.1.3, enable VPN, DHCP, NAT, etc...to provide for our LAN. If so, what should our gateway and dns be set to (currently both are set to 192.168.1.1). If there's a better solution (given the hardware that we have), please share your thoughts. Also, as we are running a Windows 2008 Server/AD, what would be the benefit of using RADIUS for VPN as opposed to just Active Directory combined with VPNSSL (local accounts). I'm in a bit of a pickle, as I cannot test (24/7 uptime required) prior to implementation...and even then, I have only a two hour window to accomplish this task. Any and all suggestions/hints/ideas are both welcome and appreciated.
p.s., FWIW, I have a block of public IP addresses for use as needed...thanks again.