A client wants to set up a VPN with us, and they want us to send traffic for a non-RFC1918 (public IP) address through the tunnel. Is the following config correct, or am I missing something?
interface Vlan10
nameif outside
security-level 0
ip address 202.12.184.246 255.255.255.0
!
interface Vlan55
nameif vpn-engine
security-level 100
ip address 172.27.1.246 255.255.255.0
!
object network obj-208.70.238.60 <-- client machine
host 208.70.238.60
object network obj-208.70.238.61 <-- client machine
host 208.70.238.61
object network obj-172.27.41.18 <-- our machine
host 172.27.41.18
object network obj-202.12.184.220 <--non-RFC1918 (Public IP) address
host 202.12.184.220
object-group network SvrGroup
network-object object obj-208.70.238.60
network-object object obj-208.70.238.61
!
access-list nat_vpn-engine extended permit ip object obj-202.12.184.220 object SvrGroup
!
nat (vpn-engine,outside) source static obj-172.27.41.18 obj-202.12.184.220 destination SvrGroup SvrGroup
!
route outside 0.0.0.0 0.0.0.0 202.12.184.1 1
route vpn-engine 172.27.40.0 255.255.252.0 172.27.1.227 1
!
crypto map outside_map 3 match address nat_vpn-engine
crypto map outside_map 3 set pfs
crypto map outside_map 3 set peer 208.70.233.24
crypto map outside_map 3 set ikev1 transform-set ESP-AES-256
!
crypto ikev1 policy 20
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
!
group-policy GroupPolicy4 internal
group-policy GroupPolicy4 attributes
vpn-tunnel-protocol ikev1
tunnel-group 208.70.233.24 type ipsec-l2l
tunnel-group 208.70.233.24 general-attributes
default-group-policy GroupPolicy4
tunnel-group 208.70.233.24 ipsec-attributes
ikev1 pre-shared-key *****
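As an added check, not part of the question or of any answer on this page: a small Python script that parses the object, object-group, crypto ACL and twice-NAT lines from the config above and verifies that the crypto ACL references the translated (post-NAT) source together with the same destination group as the NAT rule, then lists the host pairs the client's mirror ACL has to permit. The config excerpt is re-typed inline, in valid ASA syntax, as constructed sample input.

```python
import ipaddress
import re

# Constructed sample input: the object, group, crypto ACL and NAT lines from the question.
ASA_CONFIG = """\
object network obj-208.70.238.60
 host 208.70.238.60
object network obj-208.70.238.61
 host 208.70.238.61
object network obj-172.27.41.18
 host 172.27.41.18
object network obj-202.12.184.220
 host 202.12.184.220
object-group network SvrGroup
 network-object object obj-208.70.238.60
 network-object object obj-208.70.238.61
access-list nat_vpn-engine extended permit ip object obj-202.12.184.220 object SvrGroup
nat (vpn-engine,outside) source static obj-172.27.41.18 obj-202.12.184.220 destination SvrGroup SvrGroup
"""

ACL_RE = r"access-list \S+ extended permit ip object (\S+) object (\S+)"
NAT_RE = r"nat \(\S+\) source static (\S+) (\S+) destination (\S+) (\S+)"

def parse_objects(cfg):
    """Map each network object / object-group name to the set of host addresses it holds."""
    objs, current = {}, None
    for line in cfg.splitlines():
        if m := re.match(r"object(?:-group)? network (\S+)", line):
            current = m.group(1)
            objs[current] = set()
        elif m := re.match(r"\s+host (\S+)", line):
            objs[current].add(ipaddress.ip_address(m.group(1)))
        elif m := re.match(r"\s+network-object object (\S+)", line):
            objs[current] |= objs[m.group(1)]  # group member defined earlier in the config
    return objs

def crypto_acl_matches_nat(cfg):
    """(ok, problems): the crypto ACL must match the mapped source and the NAT destination."""
    objs = parse_objects(cfg)
    acl, nat = re.search(ACL_RE, cfg), re.search(NAT_RE, cfg)
    acl_src, acl_dst = objs[acl.group(1)], objs[acl.group(2)]
    real_src, mapped_src, nat_dst = (objs[nat.group(i)] for i in (1, 2, 3))
    problems = []
    if acl_src != mapped_src:
        problems.append("crypto ACL source is not the mapped (post-NAT) address")
    if acl_src == real_src:
        problems.append("crypto ACL uses the real inside address, which the peer never sees")
    if acl_dst != nat_dst:
        problems.append("crypto ACL destination differs from the NAT destination")
    return (not problems, problems)

def peer_mirror_acl(cfg):
    """Host pairs the client's mirror ACL must permit: their hosts -> our mapped public IP."""
    objs = parse_objects(cfg)
    acl = re.search(ACL_RE, cfg)
    return sorted((str(s), str(d)) for s in objs[acl.group(2)] for d in objs[acl.group(1)])
```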