hi to all ...
i have an HQ Site and several Branch Sites .. the HQ has an ASA5540 with Static Public IP's on the outside, and Branches Has DSL Lines with 857 router security bundled, any ways the Branch Sites has DSL lines as you all aware the Public IPs is dynamica ..
i have tested to use the HQ as Eazy VPN server and Easy IOS VPN client the Branch router vpn tunnel and test was fine.
the Customer wants to have Site to Site VPN since in L2L-IPSEC tunnel you will reach the Branch PC with their real LAN IP.
giving the Following parameters is site to site VPN applicable in this condition:
1. HQ has and ASA5540 with static Public IP's.
2. Branchs has DSL with Dynamic Public IP's.
3. Customer wants Branch End Servers to be reached by thier Real Local IP.
This is possible and Customer Branch End Servers can be reached by thier Real Local IP.
configure ACL mention that your source network and your destination network.
Apply no NAT for this ACL and make this traffic as interesting traffic.
These all things needs to be done in both ASA as well as your branch router's.
for more information please go through the below link.