1: If your VPN FW has public IP then why are you doing any NAT on the DMZ firewall?
2: If you are using any secondary IP on VPN FW firewall and want it to respond ato any traffic destined to it then better way is to configure it on any loopback interface or on any subinterface with the VLN tagging.
Thanks,
VIkas