This is not a straighforward problem. Since the problem is from the headend, you should focus on headend logging. I suggest logging to a syslog server on the headend so there may be some insight into whats happening around the time the VPN disconnect...
this will reset the counter to zero: clear crypto ipsec sa counters
after that check the ipsec sa encryp/decrypt counters increment.
https://www.cisco.com/c/en/us/td/docs/security/asa/asa-cli-reference/A-H/asa-command-ref-A-H/clear-a-to-clear-k-co...