I can't see any issue with this setup. The Central will have (minumum) three interfaces:
- Clear interface to Internet (int A)
- Tunnel interface to Branch (int B)
- LAN interface (Int C)
The routing table in Central can have a default route (0.0.0.0/0) via Int A and a branch route via Int B. Both routes could be in the same virtual router
The Branch will also have three interfaces:
- Clear interface to Internet (Int A)
- Tunnel interface to Central (int B)
- LAN interface (int C)
In this case you'll have two default routes (0.0.0.0/0). A "public default route" via Int A and a "privade default route" via int B. You just have to put these routes in different Virtual Routers:
Public virtual router with:
* Int A +
* Public default route and
Private virtual router with:
* Int B +
* Int C and
* Private default route
Xavi