Public IP block routing through single WAN IP

Question

Installed Comcast Metro E fiber Internet connection. Was unable to use Sophos UTM as I could not turn up an IPSec point to point tunnel on an additional IP. 
 Sophos recommended installing XG firmware on the SG230 firewall as it will allow tunnels on additional IPs. 
 I am at a loss how to set up the configuration per Comcast recommendation here.

Aditya Patel · Answer

Hello Chuckak , 
 As per my understanding from the diagram, I would see that there is one connection to Comcast network from the customer's premise. I would like to know do you plan to connect to a different router at the same time or active failover type of connection? 
 The WAN is not direct public facing and is NATTED to a private address so you would need to initiate the connection from Customer's premise.

Aditya Patel · Answer

Hello Chuckak , 
 Since you have multiple addresses you wish to route through your main. Your WAN connection will have an option to add an alias to the main interface. But it will rely outgoing traffic through the main by default and can be changed by configuring SNAT and apply on your firewall rules. 
 If inbound traffic i.e. DNAT you can use any alias on your WAN interface.