1- I want to make a site-to-site VPN, static to dynamic, between the main and branch offices.
2- The branch ASA has a dynamic IP address from the ISP.
3- The main ASA has two WAN interfaces. One of them has a dynamic IP and is NATed behind a TB-link ADSL router (this WAN interface is used for normal internet traffic).
The other WAN interface is connected to a leased line and has a public static IP, which cannot be used unless you have a route to a specific gateway in the ISP. This is the WAN interface I want to use for the VPN connection.
4- On the ASA I have one default route:
route outside 0.0.0.0 0.0.0.0 192.168.1.1 1
(192.168.1.1 is the IP of the TB-link router)
When the branch tries to make a connection to the public static IP at the main office, the main ASA replies through the outside interface. This is my problem because, as I said, the main ASA should reply through the same interface (the leased line interface), because the leased line's public static IP is unusable unless I forward to the specific gateway on the ISP.
I need a way to make the main ASA reply to branch office requests through the leased line interface, not through the outside interface.