If I have some more time later I can go into VPN config.
For the first half of this...
You're missing three obvious things:
- NAT/PAT configuration (ip nat inside, ip nat outside, define an access list to match your internal address space, then ip nat source list <ACL> interface <outside if> overload.
- A default route to the internet. ip route 0.0.0.0 0.0.0.0 dhcp, take the default gateway from DHCP on the outside interface.
- Firewall config, there are too many options here for me to go into. For simple config you probably just want to research CBAC (http://www.cisco.com/c/en/us/td/docs/ios/sec_data_plane/configuration/guide/12_4/sec_data_plane_12_4_book/sec_cfg_content_ac.html) or if you are willing to spend some time (the "current" way would be zone based firewall. (http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/98628-zone-design-guide.html)
I would recommend reorienting yourself with IOS before diving into production environments, get a cheap router and play with it at home because VPN and ZBF config can get complicated.
Cisco Configuration Professional may also help you initially, it's a GUI based config tool. It can make config messy, so I wouldn't recommend it in the long run.
Beyond the above that IP route to 192.168.11.0 doesn't make sense, so I would remove it. Keep in mind that routers add connected routes to their routing table.
Hope this gives you a starting point to work off of.
