Question : route ip addresses over isl vlan on Cisco 3640 to Cisco 1605

Currently have a customer terminating a 128k ISDN connection on a Cisco 802 - http://hawk-systems.com/dave/vlan2.htm (reference 802 config)

We are trying to replace this with an ethernet through a connection we have with Bell for our DSL service.  Bell terminates an ATM connection into our rack on a 2900, and turns it into ethernet which then goes into our Cisco 3640.  Over this we terminate all the VLANs from the various bell boxes over which the l2tp tunnels for the DSL come across -http://hawk-systems.com/dave/vlan2.htm (reference 3640 config)

Bell has provisioned a ethernet service to the customer in the same fasion, terminating into a 2600(or something) and turning it into an ethernet connection, that we will terminate into a Cisco 1605R.  All this done over a private VLAN for this customer on our end. (see 3640 config, FastEth3/1.34).

We need to route a similar sized IP block, as in the 802 config, to the customer over this vlan.  From the block we currently have available on the 3640, the 69.28.227.80 255.255.255.248 block was selected as can be seen from the route command in the 3640 config.  

We are stumbling on two things...  
1) we can't assign an IP address in the 69.28.227.80 255.255.255.248 block to the FastEth3/1.34 or set it as ip unnumbered, we get errors of either;
    nistorrtr1(config-subif)#ip address 69.28.227.81 255.255.255.248
    69.28.227.80 overlaps with FastEthernet3/0
or
    nistorrtr1(config-subif)#ip unnumbered fast3/1
    Point-to-point (non-multi-access) interfaces only

Correct me if I am wrong, but if we don't have IP on that interface, nothing gets routed.

2) once we have those IP addresses, using the existing 802 config as a template, we will need to know how to receive the addresses or the block and route accordingly on the 1605R.

First time using Experts Exchange...  look forward to some insight.  If any further explanation or rephrasing is required, let me know.  Given the difficulty we have had with this on our end, and the multiple aspect of the question, max points asigned.

Answer : route ip addresses over isl vlan on Cisco 3640 to Cisco 1605

yes, using an RFC1918 (10./24, 172.16./12, 192.168./16) address between the two routers will be fine.

You'll end up with this (my poor attempt at ascii drawing will probably wrap over multiple lines, but hopefully you'll get the idea):

3640-fa3/1.34 (192.168.1.1/24) ---- switch1 ---- (192.168.1.2/24) eth0-1605-eth1 (69.28.227.1/25) ---- switch2 ---- (69.28.227.2/25) - customer firewall

also connect the customer VPN server to switch2 with an IP address of 69.28.227.3/25

on your 3640 router, you'll need a route statement:
 # ip route 69.28.227.0 255.255.255.128 192.168.1.2

Yes the IP address range will be globally routable. It will be sent to your router by your ISP and then your router knows to send it to their router (even though it is using private IP addresses to do this). The only thing that won't be accesible from the internet is the eth0 port of the 1605 router as it doesn't have a real IP address. This isn't a problem though as it has a real address on its other ethernet port, so you can get to that IP address if you need to manage the router from the Internet.

Given that you've said that "The customer requires at least two routable IP addresses inside their network", why are you adverse to subnetting the block ? You can subnet it however you want to give them up to 62 useable IP addresses in a single block and then allow you to use real addresses for the connection between the two routers. Yes it will waste some IP addresses if you subnet, but if you are going to route 128 IP addresses to them and they're only going to use 3-4 of them, the rest are being wasted anyway.
Random Solutions  
 
programming4us programming4us