Removing the acl from the crypto map entry would be the simplest and the best way with the least amount of configurations.By removing the acl from the crypto map the asa will no longer encrypt that subnet/host to the peer ip.You may also have to adju...
The access lists on local and remote vpn devices must be mirror images of each other. The acl you removed was part of your site to site cryptomap. You must have had an extra acl that the remote end did not have, thus VPN would not have worked.
not seeing any nat exemption here.
can you do a packet tracer and attach the output using the following:
"pack in in icmp 192.168.1.99 8 0 192.168.2.29 det"
also i see the following config :
split-tunnel-policy excludespecified
split-tunnel-netwo...