The problem with this setup is it requires the return path to be the same as the forward path.
So if you NAT a port coming in on site1 from the Internet, and the internal host is at site2, then the return traffic for that NAT session must come back over the AutoVPN tunnel to site1 and go out that Internet connection. It cannot use the local Internet breakout. This usually prevents the use of NAT as you describe.
If you were using AutoVPN this means site2 would have to be using a full tunnel to site1.
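
An added illustration, not part of the original reply: a simplified Python model of the port-forward session described above, showing what the Internet client sees when the reply leaves through site2's local breakout instead of returning to site1. All addresses, ports and names are constructed for the example, and the model ignores any stateful filtering at site2.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

# Constructed sample addresses (documentation and private ranges).
SITE1_WAN = "203.0.113.10"   # public IP holding the port forward
SITE2_WAN = "198.51.100.20"  # site2's local Internet breakout
SERVER = "10.2.0.50"         # internal host located at site2
CLIENT = "192.0.2.77"        # Internet client

class NatGateway:
    def __init__(self, wan_ip):
        self.wan_ip = wan_ip
        self.sessions = {}  # (client ip, client port, wan port) -> (host ip, host port)

    def forward_inbound(self, pkt, host_ip, host_port):
        """Port forward: rewrite the destination and record the session."""
        self.sessions[(pkt.src, pkt.sport, pkt.dport)] = (host_ip, host_port)
        return pkt._replace(dst=host_ip, dport=host_port)

    def egress(self, pkt):
        """Send a packet out this gateway's WAN interface."""
        for (c_ip, c_port, wan_port), (h_ip, h_port) in self.sessions.items():
            if (pkt.dst, pkt.dport, pkt.src, pkt.sport) == (c_ip, c_port, h_ip, h_port):
                # Reply belongs to a forwarded session: reverse the translation.
                return pkt._replace(src=self.wan_ip, sport=wan_port)
        # No session state here: plain source NAT to this gateway's own WAN IP.
        return pkt._replace(src=self.wan_ip)

def client_accepts(sent, reply):
    """The client only matches a reply that mirrors the tuple it sent to."""
    return (reply.src, reply.sport, reply.dst, reply.dport) == \
           (sent.dst, sent.dport, sent.src, sent.sport)

def simulate(full_tunnel):
    site1, site2 = NatGateway(SITE1_WAN), NatGateway(SITE2_WAN)
    syn = Packet(CLIENT, 40000, SITE1_WAN, 443)
    at_server = site1.forward_inbound(syn, SERVER, 8443)  # then carried over the VPN
    reply = Packet(at_server.dst, at_server.dport, at_server.src, at_server.sport)
    exit_gw = site1 if full_tunnel else site2  # the routing choice at site2
    on_wire = exit_gw.egress(reply)
    return on_wire, client_accepts(syn, on_wire)

if __name__ == "__main__":
    for mode in (True, False):
        pkt, ok = simulate(mode)
        print("full tunnel" if mode else "local breakout", pkt, "accepted" if ok else "dropped")
```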