I may be wrong but you cant NAT VPN traffic. Its possible but its a very very problematic setup. Better not to do it at the client level.
We do Lan2Lan(Site To Site), VPN tunnels with all of the sites that are directly affiliated with us(under our ownership). Yet those are a minority. We have so many other remote offices that are not managed by us that use the VPN client to access our network. We HAVE to have the ability for those users to be able to access our network using multiple clients. Nearly all of them don't have a perimeter device capable of handling a site to site tunnel. If all else fails, we can always take the Cisco VPN Concentrator from our old WAN connection all of them currently use, and throw it on our new one. Just configure it, and change the peer addresses on all of the tunnels and we are good to go(this was my initial suggestion but my director enjoys stressing me). That would be too easy though... and we bought the new ASA for our new WAN connection, so we hope to use it for our remotes.