Routing from VPN client to Site B of Site-to-Site tunnel

i’m trying to figure out how to make right routing for my situation:

I have ipsec tunnel Site-to-Site. One end (Side b) got dynamic IP and and not able to receive any dynamic VPN clients (security issue). On Side A of tunnel i have VPN server (l2tp/ipsec) for dynamic VPN clients. What should i do to let dynamic VPN clients from Side A access LAN of Side B? Any thoughts?

i ‘ve created ipsec policy on both Side A and Side B for Side A’ VPN clients subnet and created Firewall rule to bypass NAT (src-nat accept), but still no luck.

i got it, need no help.