Well Im a "certified cisco firewall specialist" and have setup several hundred VPNs but Im not sure what you are saying? Are you setting up a site to site VPN between two routers? If so then you only have to do a 1-1 NAT if you have overlapping IP address schemes at both sites. for instance if you have 2 sites that both have 192.168.1.0/24 networks and computers on each side have the same IP addresses you can do a 1-1 NAT so they see each other by a different address, is this what you are doing? otherwise if you have a site with 192.168.1.0/24 and a site with 192.168.2.0/24 then you configure the VPN and use ACLs to define interesting traffic to go through the tunnel.