VPN to public network

Archived from groups: comp.dcom.vpn (More info?)

Not sure if that subject line says what I really want to do.
I've got a remote office location (currently behind NAT) that I want to extend
a class C subnet to for Active Directory Authentication. Ideally I'd stick a
Domain Controller there and connect it up via VPN, but for various reasons I
can't do this.
So my second thought was simply extend the net to allow the clients in the
remote location to connect to the DC back on the public network (the connection
will be at least a T1).
What I can't figure out is how to get the VPN configured to do this.
Essentially the DCs on are on a public class c network and I'm unsure how to
configure the VPN to route the encrypted stuff to the public net.

Can I set both the public and private IPs to numbers on the same subnet (I'm
guessing this would confuse the routing tables on the VPN box)
Or do I need to configure a single interface (I'm guessing the private one) to
use a public address on the subnet?
Or will this just not work? If that is the case, I'm wondering what
alternatives there are to accomplish this.

After reading several dozen pages of documentation from Cisco, I suspect that
what I'm trying to do is 'remote bridging' but I haven't been able to decipher
if this is possible when one of the VPN tunnel endpoints is a public class C
network. Or if something like the 3000 series concentrator will do what I
want.

--
Brian Heil (319) 335-0675 | Stay Alert! | Technology Services
Systems Administrator/Programmer | Trust No One! | University of Iowa
brian-heil@uiowa.edu | Keep Your Laser Handy | College of Business