Here is the config....and show cry isa sa

----------------------------------------------------------------------------------------

Dathomir-ASA(config)#  show cry isa sa

There are no IKEv1 SAs

There are no IKEv2 SAs
Dathomir-ASA(config)# 

----------------------------------------------------------------------------------------

Manual NAT Policies (Section 1)
1 (inside) to (outside) source static INSIDE INSIDE   destination static DAN-NETWORK DAN-NETWORK route-lookup
    translate_hits = 0, untranslate_hits = 0

Manual NAT Policies (Section 3)
1 (inside) to (outside) source dynamic any interface  
    translate_hits = 661, untranslate_hits = 0
Dathomir-ASA(config)# 

----------------------------------------------------------------------------------------

!
hostname Dathomir-ASA

names
!
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address dhcp setroute 
!
interface GigabitEthernet0/1
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/2
 no nameif
 no security-level
 no ip address
!             
interface GigabitEthernet0/3
 nameif inside
 security-level 100
 ip address 192.168.75.1 255.255.255.0 
!
interface Management0/0
 shutdown
 no nameif
 no security-level
 no ip address
!
ftp mode passive
dns server-group DefaultDNS
 domain-name SW.Demers.com
object network DAN-PUB
 host 1.1.1.1
object network NATE-INSIDE
 host 192.168.75.5
object-group network INSIDE
 network-object 192.168.75.0 255.255.255.0
object-group network DAN-NETWORK
 network-object 192.168.75.0 255.255.255.0
access-list INSIDE-IN extended permit ip any any log 
access-list INSIDE-IN extended deny ip any any log 
access-list OUTSIDE-IN extended permit ip object DAN-PUB host 192.168.75.5 log 
access-list VPN-DAN extended permit ip 192.168.75.0 255.255.255.0 192.168.200.0 255.255.255.0 
pager lines 24
logging enable
logging timestamp
logging buffer-size 10000
logging console debugging
logging buffered debugging
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-743.bin
no asdm history enable
arp timeout 14400
nat (inside,outside) source static INSIDE INSIDE destination static DAN-NETWORK DAN-NETWORK route-lookup
!
nat (inside,outside) after-auto source dynamic any interface
access-group OUTSIDE-IN in interface outside
access-group INSIDE-IN in interface inside
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL 
http server enable
http 192.168.75.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set TS_ESP_AES256_SHA esp-aes esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport
crypto ipsec ikev2 ipsec-proposal DES
 protocol esp encryption des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
 protocol esp encryption 3des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
 protocol esp encryption aes
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
 protocol esp encryption aes-192
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
 protocol esp encryption aes-256
 protocol esp integrity sha-1 md5
crypto map mymap 10 match address VPN-DAN
crypto map mymap 10 set peer 2.2.2.2
crypto map mymap 10 set ikev1 transform-set TS_ESP_AES256_SHA
crypto map mymap 10 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map mymap 10 set reverse-route
crypto map mymap 20 match address VPN-DAN
crypto map mymap 20 set peer 1.1.1.1
crypto map mymap 20 set ikev1 transform-set TS_ESP_AES256_SHA
crypto map mymap 20 set reverse-route
crypto map mymap interface outside
crypto ikev2 policy 5
 encryption aes
 integrity sha
 group 2      
 prf sha
 lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 10
 authentication pre-share
 encryption aes
 hash sha
 group 5
 lifetime 86400
telnet timeout 5
ssh 192.168.75.0 255.255.255.0 inside
ssh timeout 20
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 0
dhcpd dns 8.8.8.8 4.4.2.2
dhcpd lease 3000
!
dhcpd address 192.168.75.5-192.168.75.5 inside
dhcpd dns 8.8.8.8 4.4.2.2 interface inside
dhcpd option 3 ip 192.168.75.1 interface inside
dhcpd option 6 ip 8.8.8.8 4.4.2.2 interface inside
dhcpd enable inside
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy DfltGrpPolicy attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPN-DAN
username nated password L3LhK0WEjivHU8Xd encrypted privilege 15
tunnel-group 2.2.2.2 type ipsec-l2l
tunnel-group 2.2.2.2 ipsec-attributes
 ikev1 pre-shared-key *****
 ikev2 remote-authentication pre-shared-key *****
 ikev2 local-authentication pre-shared-key *****
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
 ikev1 pre-shared-key *****
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters   
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect esmtp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
  inspect http 
!
service-policy global_policy global
prompt hostname context 
no call-home reporting anonymous
call-home
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
password encryption aes
Cryptochecksum:5398307065bcf53ecaf5884259f1ea71
: end

-----------------------------------------------------------------------------------------------

DEBUG CRYPTO IKEV1 255

 RECV PACKET from 73.206.149.11
ISAKMP Header
  Initiator COOKIE: fc 30 42 fb 1d 4e be 9f 
  Responder COOKIE: 00 00 00 00 00 00 00 00 
  Next Payload: Security Association
  Version: 1.0
  Exchange Type: Identity Protection (Main Mode)
  Flags: (none)
  MessageID: 00000000
  Length: 172
  Payload Security Association
    Next Payload: Vendor ID
    Reserved: 00
    Payload Length: 60
    DOI: IPsec
    Situation:(SIT_IDENTITY_ONLY)
    Payload Proposal
      Next Payload: None
      Reserved: 00
      Payload Length: 48
      Proposal #: 1
      Protocol-Id: PROTO_ISAKMP
      SPI Size: 0
      # of transforms: 1
      Payload Transform
        Next Payload: None
        Reserved: 00
        Payload Length: 40
        Transform #: 1
        Transform-Id: KEY_IKE
        Reserved2: 0000
        Group Description: Group 5
        Encryption Algorithm: AES-CBC
        Key Length: 256
        Hash Algorithm: SHA1
        Authentication Method: Preshared key
        Life Type: seconds
        Life Duration (Hex): 00 01 51 80 
  Payload Vendor ID
    Next Payload: Vendor ID
    Reserved: 00
    Payload Length: 20
    Data (In Hex): 
      90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 
  Payload Vendor ID
    Next Payload: Vendor ID
    Reserved: 00
    Payload Length: 20
    Data (In Hex): 
      7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 
  Payload Vendor ID
    Next Payload: Vendor ID
    Reserved: 00
    Payload Length: 20
    Data (In Hex): 
      4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f 
  Payload Vendor ID
    Next Payload: None
    Reserved: 00
    Payload Length: 24
    Data (In Hex): 
      40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 
      c0 00 00 00 
Aug 11 08:14:40 [IKEv1]IP = 73.206.149.11, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 172
Aug 11 08:14:40 [IKEv1 DEBUG]IP = 73.206.149.11, processing SA payload
Aug 11 08:14:40 [IKEv1]IP = 73.206.149.11, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + NOTIFY (11) + NONE (0) total length : 100

ISAKMP Header
  Initiator COOKIE: fc 30 42 fb 1d 4e be 9f 
  Responder COOKIE: 4d 0c df a2 6a 57 ec 24 
  Next Payload: Notification
  Version: 1.0
  Exchange Type: Informational
  Flags: (none)
  MessageID: 00000000
  Length: 100
Aug 11 08:14:40 [IKEv1 DEBUG]IP = 73.206.149.11, All SA proposals found unacceptable
Aug 11 08:14:40 [IKEv1]IP = 73.206.149.11, Error processing payload: Payload ID: 1
Aug 11 08:14:40 [IKEv1 DEBUG]IP = 73.206.149.11, IKE MM Responder FSM error history (struct &0xcefbce48)  <state>, <event>:  MM_DONE, EV_ERROR-->MM_START, EV_RCV_MSG-->MM_START, EV_START_MM-->MM_START, EV_START_MM-->MM_START, EV_START_MM-->MM_START, EV_START_MM-->MM_START, EV_START_MM-->MM_START, EV_START_MM
Aug 11 08:14:40 [IKEv1 DEBUG]IP = 73.206.149.11, IKE SA MM:a2df0c4d terminating:  flags 0x01000002, refcnt 0, tuncnt 0
Aug 11 08:14:40 [IKEv1 DEBUG]IP = 73.206.149.11, sending delete/delete with reason message