Disable NAT for the subnet that's going across the tunnel.
If you have NAT enabled, it'll try to go out your public interface. If you have a NAT acl, deny your site natting to the other side:
Your side: 10.1.1.0 Theirs: 10.20.5.0
deny ip 10.1.1.0 0.0.0.255 10.20.5.0 0.0.0.255
permit ip 10.1.1.0 0.0.0.255 any
The last line allows your side to NAT anywhere else.
HTH
John
HTH,
John
*** Please rate all useful posts ***