I have a public firewall at site 1 with a private subnet behind it.
I have a public router at site 2 with a public firewall with a private subnet behind it.
I have a site-to-site VPN between the site 1 firewall and the site 2 router.
I currently access one resource behind the site 2 firewall with a static mapping.
I have to access other resources behind the site 2 firewall and don't have the available IPs to static them all.
I can see that I can terminate the VPN on the firewalls to resolve the problem. Business reasons may not allow me to do that.
Can I terminate the VPN on the router and then route the private traffic through the site 2 firewall without NAT?