I would like to start a discussion on the best way to implement Site to Site VPN's in a non standard networking environment.
At the moment we have a Cisco 2911 ISR at our Head Quarters building set up as a zone based firewall. This router has a static public IP address. We then have a number of small office using Draytek 2820 routers with a dynamic public IP address. The Draytek routers dial into the Cisco router to create a site to site VPN. We have the Tunnels set up using a Crypto Maps.
This seems to work OK to start with but the more tunnels we add the more unstable it seems to become and then tunnels seem to drop out and not come back up.
What do other people recommend for this type of situation?