I guess I'm a little confused on the setup. You have a firewall with a connection to a local LAN, another connection to customer network(s), and a third connection to the Internet via cable modem?
You have NAT set up to NAT your Local LAN out to the Internet and to the customer network? A customer network device would use the outside IP on the customer network connection to communicate with devices in the Local LAN?
I think it makes more sense to me now.
Provider1          Provider2
    |                  |
    |                  |
cable modem         router (PI space, BGP)
    |                  |
    |                  |--- Servers
    |                  |
    -------Firewall-----
              |
           Clients

The clients are on RFC 1918 space, or on a small chunk of a block of PI space. For normal web traffic, they get NATed as the outside cable modem IP address on the firewall. For traffic that is to specific places (customer sites), it is routed to the router. For the RFC 1918 clients, they are NATed as the PI IP address on the firewall. For the clients that have fully routable PI addresses, they are simply routed normally.

Has worked quite well for a long time.

-Randy
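
The egress policy described in the message above, modeled as an added Python example (not from the original thread and not the firewall's real configuration). All prefixes and addresses are constructed placeholders from documentation ranges, and the function and constant names are hypothetical. It also checks that no packet leaves with an RFC 1918 source address.

```python
from ipaddress import ip_address, ip_network

# Constructed placeholders (RFC 5737 documentation ranges), not values from the thread.
RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PI_BLOCK = ip_network("198.51.100.0/24")         # assumed PI space
CUSTOMER_SITES = [ip_network("203.0.113.0/25")]  # assumed customer-site prefixes
FW_CABLE_IP = ip_address("192.0.2.10")           # firewall outside IP, cable modem side
FW_PI_IP = ip_address("198.51.100.1")            # firewall PI IP, router side


def is_rfc1918(addr):
    return any(addr in net for net in RFC1918)


def egress(src, dst):
    """Return (next hop, source address seen on the wire) for a client packet."""
    src, dst = ip_address(src), ip_address(dst)
    if not (is_rfc1918(src) or src in PI_BLOCK):
        # Neither client range: treat as spoofed or misrouted and refuse.
        raise ValueError(f"unexpected client source {src}")
    if not any(dst in net for net in CUSTOMER_SITES):
        # Normal web traffic: out the cable modem, NATed as the outside IP.
        return "cable-modem", FW_CABLE_IP
    if is_rfc1918(src):
        # Customer-bound RFC 1918 client: NATed as the firewall's PI address.
        return "router", FW_PI_IP
    # Customer-bound PI client: routed with its own address, no NAT.
    return "router", src


def leaks_private(src, dst):
    """True if the packet would leave the firewall with an RFC 1918 source."""
    return is_rfc1918(egress(src, dst)[1])


if __name__ == "__main__":
    flows = [("10.1.2.3", "192.0.2.200"), ("10.1.2.3", "203.0.113.5"),
             ("198.51.100.20", "203.0.113.5"), ("198.51.100.20", "192.0.2.200")]
    for src, dst in flows:  # constructed sample flows
        hop, wire = egress(src, dst)
        print(f"{src:>15} -> {dst:<13} via {hop:<11} as {wire}")
```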