the Goal i'm trying to achieve is having a Cisco outer 2801 (which is the internet ip: 75.150.67.105) open a port 3001 tcp to give internet to another cisco device with a IP of 172.16.8.40

interface FastEthernet0/0
ip address 75.150.67.105 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly in
zone-member security public
duplex auto
speed auto
crypto map vpn

I've try doing NAT, below is what i've try so far:




 

access-list 1 permit 170.163.0.0 0.0.255.255
access-list 1 remark for Telnet & SNMP Restrictions
access-list 1 permit 172.16.8.0 0.0.3.255
access-list 7 permit 172.16.8.40
access-list 7 permit 172.16.8.41
access-list 7 permit 172.16.8.42
access-list 7 permit 172.16.8.43access-list 10 permit 75.150.67.105
access-list 20 permit 170.163.128.202
access-list 102 deny   ip any 10.0.0.0 0.255.255.255
access-list 102 deny   ip any 172.16.0.0 0.15.255.255
access-list 102 deny   ip any 192.168.0.0 0.0.255.255
access-list 102 permit ip 172.16.0.0 0.0.15.255 any
access-list 102 permit ip 172.16.0.0 0.15.255.255 any
access-list 110 permit ip any any
access-list 111 permit ip 172.16.251.0 0.0.0.255 172.16.0.0 0.15.255.255
access-list 111 deny   ip any any

ip local policy route-map LocalPBR
ip local pool vpn_ip 172.16.251.10 172.16.251.20
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip nat inside source static tcp 172.16.8.40 3001 172.16.250.1 3001 
ip nat inside source route-map NAT-HFC interface FastEthernet0/0 overload
ip nat inside source route-map NAT-OPT interface Vlan413 overload
ip route 0.0.0.0 0.0.0.0 75.150.67.106 track 3
ip route 0.0.0.0 0.0.0.0 170.163.128.201 5

thanks in advance