Cant seem to wrap my head around this one but I'm new to Adtran... 

I have an IPSEC tunnel to another site:

==========================================================================================================

interface eth 0/1

  ip address 74.xx.xx.226 255.255.255.240

  ip access-policy Public

  crypto map VPN

  no shutdown

crypto ike policy 100

  initiate main

  respond main

  local-id address 74.xx.xx.226

  peer 216.xx.xx.xx

  attribute 1

  encryption 3des

  authentication pre-share

  group 2

!

crypto ike remote-id address 216.xx.xx.xx preshared-key 1234567890 ike-policy 100 crypto map VPN 10 no-mode-config no-xauth

=============================================================================================================

Tunnel works fine.

Question 1:

There is a VPN server on the inside that they want for people on the road.  It's a MAC server.  They are asking to forward the same ports I know IKE/IPSEC uses.

Couldn't I just ignore that there is an existing tunnel and add a secondary IP address on the eth 0/1 interface and do the port forwarding as usual on the secondary IP?  Any detail would help.

Question 2:

Will that "crypto map VPN" on the physical interface mess with the secondary IP address on that interface?

Kind of confused.

Thank you!

-Curt