I'm not sure what you are saying. The local-address command I posted is used in both route-based and policy-based configurations. I'm using policy-based with 5 IPs on the WAN interface, and I use local-address to specify which IP to use for each IPSEC peer configurations.
It's not clear to me what problem you are trying to solve at the moment. Is it the fact that your tunnels don't come up? Or, is it the fact that they are not using the WAN IP you want them to use.
You wrote, "My first objective is to get the site-to-site connection before I even bother with the routes." Note that the IPSEC tunnel won't come up until you pass "interesting traffic" so I'm not sure your plan to get the tunnel working before setting up the routing is possible.
Maybe it would be easier for you to get a simple policy-based IPSEC vpn working, then add VTI after you have that working.
