I am attempting to configure VPNs to a large partner network. For this VPN setup, they require the gateway to be two different public IPs. We have two separate /28 subnets of IPs from our ISP. The first one is full and cannot be changed, but is where my egress interface resides.
To elaborate, let's say my first IP block is 1.1.250.112/28 with egress interface at 1.1.250.116.
Second IP block is 1.1.250.192/28.
The gateway IPs I have available to use for these VPNs are 1.1.250.204 and 1.1.250.205.
Options I've thought of using are to set two loopback interfaces with 1.1.250.204 and 1.1.250.205 and use these for gateways out, but there is a question of how to best route traffic back into them. Would these best be in the trust or untrust zone? Can you use a MIP on the untrust interface to these loopbacks with the same IP?