I have a 1711 router which provides internet and VPN connections for a customer. The problem I'm having is that I want to forward the traffic from a terminated VPN tunnel only out a particular VLan interface and for it not to be routed within the router. ACL's cannot be used as the traffic may need to find it's way via the private networks gateway (ISA server) back to the routers real world ip.
--VLAN 1 10.10.10.1----|
--VLAN 2 220.127.116.11---|--Tunnel 0---