Yes, the /28 they leave it up to me to route from /30 interface to /28. This would not be a problem for me if I had another router to use to assign the /28. But with my very limited experience and knowledge, I am lost on how or where to put this /28 IPs that I can nat to the servers. Now my second problem occurs with figuring out nat. I did as you suggested and created sub interfaces, and assigned IPs to each in their respective subnet. I have tested and can SSH into each IP.

But the nat entry for 62.10.8.182 does not seem to work, as I can not access the test device which is specifically configured at the moment to use this router as default gateway. Would I add 'ip nat outside" on just 0/0/0.1 and leave 0.2 alone? 

interface GigabitEthernet0/0/0.1
encapsulation dot1Q 1 native
ip address 35.55.120.130 255.255.255.248
!
interface GigabitEthernet0/0/0.2
encapsulation dot1Q 2
ip address 62.10.8.177 255.255.255.240
!
interface GigabitEthernet0/0/1
ip address 10.1.1.5 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip nbar protocol-discovery
negotiation auto
vrrp 1 ip 10.1.1.10
vrrp 1 timers advertise 3
vrrp 1 timers learn
vrrp 5 ip 10.1.1.15
vrrp 5 timers advertise 30
vrrp 5 timers learn
vrrp 5 priority 200
!
interface GigabitEthernet0/0/2
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
shutdown
no negotiation auto
no vrrp 100 preempt
!
interface Vlan1
no ip address
shutdown
!
ip nat inside source static 10.1.1.101 62.10.8.180
ip nat inside source static 10.1.1.102 62.10.8.181
ip nat inside source static 10.1.1.105 62.10.8.182
!
ip route 0.0.0.0 0.0.0.0 35.55.120.129

Ok. How do you plan to route your /28 with your ISP? which protocol?

with that config, you can reach both public IP from internet?

with a design it would be helpful to better understand.

For your nat issue, I don't see ip nat outside on the interface outside.

Do those 2 sub interfaces are connected to your ISP router?

Please share a design and I'll be able to help you.

Thanks

I can ssh to both IPs 35.55.120.130 and 62.10.8.177.i.e the 2 sub interface IPs I have assigned

In the bottom of the diagram in grey box is how I would ideally solve this given my knowledge on the subject. But in the real world here, I have just 1 router to work with that includes not 1, but 2 unique subnets that I need to route to the internal 10.1.1.0/24

On router 1, I have 1 subnet to work with. I nat a host address 75.10.10.5 to 10.1.1.5 which in turn is picked up by the firewall and nat'd to the actual server IP. It works.

Right now on GE 0/0/0 (directly connected to the ISP) I have 2 sub interfaces 0.1 and 0.2 with GE 0/0/1 being my 'inside' interface. 

I am wondering if I should change the 'inside' interface to 2x sub interfaces?

As for any routing protocols like BGP, OPSF...that would be beyond me. I have 0 experience with OPSF and BGP. All I know is the ISP gave me the /30 subnet and said that is what I need to assign to my router interface directly connected to their on premise switch, and from there "I need to route to the /28 myself". 

I did as you suggested, and it worked! I simply never knew I could use a loopback interface for this purpose. 

I created a static route on the firewall to use this 2nd router's VRRP IP to a test firewall at another location, and sure enough I got a site to site tunnel established without problem

Thank you supportlan, this was really appreciated!!

You're very welcome