Site To Site VPN not passing traffic

autogenomics
Level 1

I have 2 routers set up for a site-to-site VPN. When I try to ping from one network to the other while debugging crypto isakmp, nothing happens. Thanks for your help.


AGI>en
Password:
% Access denied

AGI>en
Password:
AGI#deb
AGI#debug is
AGI#debug cryp
AGI#debug crypto isakmp
Crypto ISAKMP debugging is on
AGI#
AGI#no debug crypto isakmp
Crypto ISAKMP debugging is off
AGI#show run
Building configuration...

Current configuration : 7388 bytes
!
! Last configuration change at 15:23:53 UTC Mon Aug 5 2019
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname AGI
!
boot-start-marker
boot-end-marker
!
!

!
aaa new-model
!
!
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_1 local
!
!
!
!
!
aaa session-id common
!
!
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 172.16.0.1 172.16.0.150
!
ip dhcp pool local
import all
network 172.16.0.0 255.255.0.0
default-router 172.16.0.1
dns-server 172.16.0.46 172.16.0.41
lease infinite
!
!
!
ip dhcp snooping vlan 1
ip dhcp snooping information option allow-untrusted
ip dhcp snooping
ip domain name agirouter.biz
ip name-server 99.197.99.99
ip multicast-routing
ip inspect name CCP_LOW dns
ip inspect name CCP_LOW ftp
ip inspect name CCP_LOW h323
ip inspect name CCP_LOW sip
ip inspect name CCP_LOW https
ip inspect name CCP_LOW icmp
ip inspect name CCP_LOW imap
ip inspect name CCP_LOW pop3
ip inspect name CCP_LOW netshow
ip inspect name CCP_LOW rcmd
ip inspect name CCP_LOW realaudio
ip inspect name CCP_LOW rtsp
ip inspect name CCP_LOW esmtp
ip inspect name CCP_LOW sqlnet
ip inspect name CCP_LOW streamworks
ip inspect name CCP_LOW tftp
ip inspect name CCP_LOW tcp
ip inspect name CCP_LOW udp
ip inspect name CCP_LOW vdolive
ip cef
no ip igmp snooping
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-1742995674
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1742995674
revocation-check none
rsakeypair TP-self-signed-1742995674
!
!
crypto pki certificate chain TP-self-signed-1742995674
license udi pid CISCO2921/K9 sn FTX1523AH87
!
!

!
redundancy
!
!
!
!
!
!
class-map match-any output
match destination-address mac A4BA.DBFD.13BA
class-map match-any mac_suspend
match source-address mac A4BA.DBFD.13BA
!
policy-map block_output
class output
drop
policy-map block
class mac_suspend
drop
!
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key data address 12.226.164.221
crypto isakmp keepalive 10
!
crypto isakmp client configuration group autogen
key letmeou
pool SDM_POOL_1
acl 110
crypto isakmp profile cisco-ike-profile-1
match identity group auto
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address respond
virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-aes esp-sha-hmac
mode tunnel
crypto ipsec transform-set ESP-AES esp-aes esp-sha-hmac
mode tunnel
!
crypto ipsec profile CiscoCP_Profile1
set security-association idle-time 86400
set transform-set ESP-3DES-SHA
set isakmp-profile cisco-ike-profile-1
!
!
!
crypto map CMAP 10 ipsec-isakmp
set peer 12.226.164.221
set transform-set ESP-3DES-SHA
match address VPN-TRAFFIC
!
!
!
!
!
interface Loopback0
no ip address
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-WAN$$FW_OUTSIDE$
ip address 12.226.164.218 255.255.255.248
ip access-group 102 in
ip access-group 103 out
ip nat outside
ip inspect CCP_LOW out
ip virtual-reassembly in
ip verify unicast reverse-path
duplex auto
speed 1000
crypto map CMAP
!
interface GigabitEthernet0/1
description $ETH-LAN$$FW_INSIDE$
ip address 172.16.0.1 255.255.0.0
ip access-group 101 in
ip access-group 112 out
ip directed-broadcast
ip pim sparse-dense-mode
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
vlan-id dot1q 1
exit-vlan-config
!
service-policy input block
service-policy output block_output
!
interface GigabitEthernet0/1.20
shutdown
!
interface GigabitEthernet0/1.30
shutdown
!
interface GigabitEthernet0/1.40
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
no ip address
shutdown
negotiation auto
!
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/0
tunnel source GigabitEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
!
ip local pool SDM_POOL_1 172.17.0.1 172.17.0.252
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
no ip nat service sip tcp port 5060
no ip nat service sip udp port 5060
ip nat pool NATPOOL 172.16.0.151 172.16.255.255 netmask 255.255.0.0
ip nat inside source list 111 interface GigabitEthernet0/0 overload
ip nat inside source list 113 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 12.226.164.217
!
ip access-list extended VPN-TRAFFIC
permit ip 172.16.0.0 0.0.255.255 10.10.10.0 0.0.0.255
!
no cdp run
!
!
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 172.16.0.0 0.0.255.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 172.16.0.0 0.0.255.255
access-list 70 permit 172.16.0.0 0.0.255.255
access-list 70 deny 192.168.0.0 0.0.255.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by CCP firewall configuration
access-list 101 remark CCP_ACL Category=1
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 102 deny ip host 104.16.60.31 any
access-list 102 deny ip host 54.223.40.154 any
access-list 102 deny icmp any any echo
access-list 102 deny icmp any any redirect
access-list 102 deny icmp any any mask-request
access-list 102 permit ip any any
access-list 103 deny ip any host 199.191.50.73
access-list 103 deny tcp any any eq 3478
access-list 103 permit ip any any
access-list 110 permit ip 172.16.0.0 0.0.255.255 172.17.0.0 0.0.255.255
access-list 111 deny ip 172.16.0.0 0.0.255.255 172.17.0.0 0.0.255.255
access-list 111 permit ip any any
access-list 112 deny tcp any any eq 3478
access-list 112 permit ip any any
access-list 113 deny ip 172.16.0.0 0.0.255.255 10.10.10.0 0.0.0.255
access-list 113 permit ip 172.16.0.0 0.0.255.255 any
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output none
stopbits 1
line vty 0 4
access-class 70 in
privilege level 15
transport input none
!
scheduler allocate 20000 1000
!
end


PDX Router


Router#show run
Building configuration...

Current configuration : 6102 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$CEIS$GMRtfe7IvkNMWV4YrcBPA/
!
aaa new-model
!
!
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_1 local
!
aaa session-id common
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.75
!
ip dhcp pool Local
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 8.8.8.8
lease infinite
!
!
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip inspect name CCP_LOW cuseeme
ip inspect name CCP_LOW dns
ip inspect name CCP_LOW ftp
ip inspect name CCP_LOW h323
ip inspect name CCP_LOW sip
ip inspect name CCP_LOW https
ip inspect name CCP_LOW icmp
ip inspect name CCP_LOW imap
ip inspect name CCP_LOW pop3
ip inspect name CCP_LOW netshow
ip inspect name CCP_LOW rcmd
ip inspect name CCP_LOW realaudio
ip inspect name CCP_LOW rtsp
ip inspect name CCP_LOW esmtp
ip inspect name CCP_LOW sqlnet
ip inspect name CCP_LOW streamworks
ip inspect name CCP_LOW tftp
ip inspect name CCP_LOW tcp
ip inspect name CCP_LOW udp
ip inspect name CCP_LOW vdolive
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
crypto pki trustpoint TP-self-signed-1742995674
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1742995674
revocation-check none
rsakeypair TP-self-signed-1742995674
!
!

!
!
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key data address 12.226.164.218
crypto isakmp keepalive 10
!
crypto isakmp client configuration group autogen
key letmein
pool SDM_POOL_1
acl 110
crypto isakmp profile cisco-ike-profile-1
match identity group autogen
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address respond
virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES esp-aes esp-sha-hmac
!
crypto ipsec profile CiscoCP_Profile1
set security-association idle-time 86400
set transform-set ESP-3DES-SHA
set isakmp-profile cisco-ike-profile-1
!
!
crypto map CMAP 10 ipsec-isakmp
set peer 12.226.164.218
set transform-set ESP-AES
match address VPN-TRAFFIC
!
!
!
interface Loopback0
no ip address
!
interface FastEthernet0/0
description $ETH-WAN$$FW_OUTSIDE$
no ip dhcp client request tftp-server-address
ip address 12.226.164.221 255.255.255.248
ip access-group 102 in
ip verify unicast reverse-path
ip nat outside
ip inspect CCP_LOW out
ip virtual-reassembly
duplex auto
speed auto
crypto map CMAP
!
interface FastEthernet0/1
description $ETH-LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/0/0
!
interface FastEthernet0/0/1
!
interface FastEthernet0/0/2
!
interface FastEthernet0/0/3
!
interface FastEthernet0/1/0
!
interface FastEthernet0/1/1
!
interface FastEthernet0/1/2
!
interface FastEthernet0/1/3
!
interface Virtual-Template1 type tunnel
ip unnumbered FastEthernet0/0
tunnel source FastEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
!
interface Vlan1
no ip address
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 12.226.164.217
!
!
no ip http server
no ip http secure-server
no ip nat service sip tcp port 5060
no ip nat service sip udp port 5060
ip nat pool NATPOOL 10.10.10.0 10.10.10.255 netmask 255.255.255.0
ip nat inside source list 111 interface FastEthernet0/0 overload
ip nat inside source list 112 interface FastEthernet0/0 overload
!
ip access-list extended BLOCK_FACEBOOK
ip access-list extended VPN-TRAFFIC
permit ip 10.10.10.0 0.0.0.255 172.16.0.0 0.0.255.255
!
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 10.10.10.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip 216.70.254.72 0.0.0.7 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by CCP firewall configuration
access-list 101 remark CCP_ACL Category=1
access-list 101 deny ip 216.70.254.72 0.0.0.7 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 102 remark auto generated by CCP firewall configuration
access-list 102 remark CCP_ACL Category=1
access-list 102 deny ip 10.10.10.0 0.0.0.255 any
access-list 102 permit icmp any host 216.70.254.77 echo-reply
access-list 102 permit icmp any host 216.70.254.77 time-exceeded
access-list 102 permit icmp any host 216.70.254.77 unreachable
access-list 102 permit udp any 216.70.254.0 0.0.0.255 eq isakmp
access-list 102 permit udp any 216.70.254.0 0.0.0.255 eq non500-isakmp
access-list 102 permit udp any 72.203.225.0 0.0.0.255 eq isakmp
access-list 102 permit udp any 72.203.225.0 0.0.0.255 eq non500-isakmp
access-list 102 deny ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 172.16.0.0 0.15.255.255 any
access-list 102 deny ip 192.168.0.0 0.0.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 110 permit ip 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 111 deny ip 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 111 permit ip any any
access-list 112 deny ip 10.10.10.0 0.0.0.255 172.16.0.0 0.0.255.255
access-list 112 permit ip 10.10.10.0 0.0.0.255 any
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
transport input ssh
!
scheduler allocate 20000 1000
end

Router#
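An added example (not code from this thread) that audits a numbered IOS extended ACL the way the router evaluates it: it reproduces the PDX router's inbound WAN access-list 102, both as posted above and in the revised form from the later config dump (which appends `permit udp any any eq isakmp`), and asks whether IKE and ESP from the peer 12.226.164.218 to 12.226.164.221 would be permitted. An inbound interface ACL is applied to the still-encrypted packet, so a tunnel can negotiate on udp/500 and still decrypt nothing when ESP (IP protocol 50) is not permitted; the parser assumes contiguous wildcard masks and ignores ICMP type keywords.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed from the PDX router's access-list 102 in the thread's second
# config dump; the original version lacked the final "permit udp any any eq isakmp".
PDX_ACL_102_REVISED = """\
access-list 102 remark auto generated by CCP firewall configuration
access-list 102 remark CCP_ACL Category=1
access-list 102 deny ip 10.10.10.0 0.0.0.255 any
access-list 102 permit icmp any host 216.70.254.77 echo-reply
access-list 102 permit icmp any host 216.70.254.77 time-exceeded
access-list 102 permit icmp any host 216.70.254.77 unreachable
access-list 102 permit udp any 216.70.254.0 0.0.0.255 eq isakmp
access-list 102 permit udp any 216.70.254.0 0.0.0.255 eq non500-isakmp
access-list 102 permit udp any 72.203.225.0 0.0.0.255 eq isakmp
access-list 102 permit udp any 72.203.225.0 0.0.0.255 eq non500-isakmp
access-list 102 deny ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 172.16.0.0 0.15.255.255 any
access-list 102 deny ip 192.168.0.0 0.0.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 permit udp any any eq isakmp
"""
PDX_ACL_102_ORIGINAL = "\n".join(PDX_ACL_102_REVISED.splitlines()[:-1])

PORT_NAMES = {"isakmp": 500, "non500-isakmp": 4500}


@dataclass
class Ace:
    action: str                 # "permit" or "deny"
    proto: str                  # "ip", "udp", "tcp", "icmp", "esp", ...
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dst_port: Optional[int]     # only when the ACE carries "eq <port>"


def _parse_addr(tokens, i):
    """Parse 'any' | 'host A.B.C.D' | 'A.B.C.D wildcard' at tokens[i]; return (network, next index)."""
    if tokens[i] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), i + 1
    if tokens[i] == "host":
        return ipaddress.ip_network(tokens[i + 1] + "/32"), i + 2
    wildcard = int(ipaddress.IPv4Address(tokens[i + 1]))
    prefix = 32 - wildcard.bit_length()   # assumes a contiguous wildcard (0.0.0.255, not 0.0.255.0)
    return ipaddress.ip_network(f"{tokens[i]}/{prefix}", strict=False), i + 2


def parse_acl(config_text, number):
    """Return the ACEs of numbered extended ACL <number> in configured order, skipping remarks.
    ICMP type keywords (echo-reply, ...) are ignored, so an ICMP ACE is treated as all ICMP."""
    aces = []
    for line in config_text.splitlines():
        t = line.split()
        if len(t) < 4 or t[:2] != ["access-list", str(number)] or t[2] == "remark":
            continue
        src, i = _parse_addr(t, 4)
        dst, i = _parse_addr(t, i)
        port = None
        if i + 1 < len(t) and t[i] == "eq":
            port = PORT_NAMES.get(t[i + 1]) or int(t[i + 1])
        aces.append(Ace(t[2], t[3], src, dst, port))
    return aces


def evaluate(aces, proto, src_ip, dst_ip, dst_port=None):
    """First-match evaluation, ending in the implicit 'deny ip any any'."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for ace in aces:
        if ace.proto not in ("ip", proto):
            continue
        if src not in ace.src or dst not in ace.dst:
            continue
        if ace.dst_port is not None and ace.dst_port != dst_port:
            continue
        return ace.action == "permit"
    return False


# Flows an inbound WAN ACL must let through from the IPsec peer for a crypto-map tunnel.
# The ACL is applied to the still-encrypted packet, before decryption, so ESP itself
# needs a permit. udp/4500 only matters when a NAT device sits between the peers.
REQUIRED_FLOWS = (
    ("IKE udp/500", "udp", 500),
    ("NAT-T udp/4500", "udp", 4500),
    ("ESP (IP protocol 50)", "esp", None),
)


def audit_wan_acl(config_text, acl_number, peer_ip, local_wan_ip):
    """Map each required flow (peer -> local WAN address) to True if the ACL permits it."""
    aces = parse_acl(config_text, acl_number)
    return {label: evaluate(aces, proto, peer_ip, local_wan_ip, port)
            for label, proto, port in REQUIRED_FLOWS}


if __name__ == "__main__":
    for name, acl in (("original", PDX_ACL_102_ORIGINAL), ("revised", PDX_ACL_102_REVISED)):
        print(name, audit_wan_acl(acl, 102, "12.226.164.218", "12.226.164.221"))
```

With the original ACL nothing from the peer is permitted, so IKE never starts; the revised ACL permits udp/500 (the tunnel negotiates) but still has no permit for ESP.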


Hi,


Increase the level of debugging to see the logs on the console, like:

#debug crypto isakmp 25
<1-255> Specify an optional debug level (default is 1)

Use packet-tracer on the ASA to identify whether traffic is able to traverse. Packet-tracer is a handy utility for diagnosing whether traffic is able to traverse through an ASA firewall.

Spooster IT Services Team

OK, thanks, much progress! Still can't ping. The crypto tunnel is up, not sure if it was fully. Here is the new config and the output of show commands at the end of each config.


AGI#show run
Building configuration...

Current configuration : 7180 bytes
!
! Last configuration change at 15:13:22 UTC Tue Aug 6 2019
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname AGI
!
boot-start-marker
boot-end-marker
!
!
enable 
!
aaa new-model
!
!
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_1 local
!
!
!
!
!
aaa session-id common
!
!
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 172.16.0.1 172.16.0.150
!
ip dhcp pool local
import all
network 172.16.0.0 255.255.0.0
default-router 172.16.0.1
dns-server 172.16.0.46 172.16.0.41
lease infinite
!
!
!
ip dhcp snooping vlan 1
ip dhcp snooping information option allow-untrusted
ip dhcp snooping
ip domain name agirouter.biz
ip name-server 99.197.99.99
ip multicast-routing
ip inspect name CCP_LOW dns
ip inspect name CCP_LOW ftp
ip inspect name CCP_LOW h323
ip inspect name CCP_LOW sip
ip inspect name CCP_LOW https
ip inspect name CCP_LOW icmp
ip inspect name CCP_LOW imap
ip inspect name CCP_LOW pop3
ip inspect name CCP_LOW netshow
ip inspect name CCP_LOW rcmd
ip inspect name CCP_LOW realaudio
ip inspect name CCP_LOW rtsp
ip inspect name CCP_LOW esmtp
ip inspect name CCP_LOW sqlnet
ip inspect name CCP_LOW streamworks
ip inspect name CCP_LOW tftp
ip inspect name CCP_LOW tcp
ip inspect name CCP_LOW udp
ip inspect name CCP_LOW vdolive
ip cef
no ip igmp snooping
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-1742995674
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1742995674
revocation-check none
rsakeypair TP-self-signed-1742995674
!
!
crypto pki certificate chain TP-self-signed-1742995674
license udi pid CISCO2921/K9 sn FTX1523AH87
!
!

!
!
!
!
!
!
class-map match-any output
match destination-address mac A4BA.DBFD.13BA
class-map match-any mac_suspend
match source-address mac A4BA.DBFD.13BA
!
policy-map block_output
class output
drop
policy-map block
class mac_suspend
drop
!
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key data address 12.226.164.221
crypto isakmp keepalive 10
!
crypto isakmp client configuration group autogen
key letmeoutplease
pool SDM_POOL_1
acl 110
crypto isakmp profile cisco-ike-profile-1
match identity group autogen
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address respond
virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-aes esp-sha-hmac
mode tunnel
crypto ipsec transform-set ESP-AES esp-aes esp-sha-hmac
mode tunnel
!
crypto ipsec profile CiscoCP_Profile1
set security-association idle-time 86400
set transform-set ESP-3DES-SHA
set isakmp-profile cisco-ike-profile-1
!
!
!
crypto map CMAP 10 ipsec-isakmp
set peer 12.226.164.221
set transform-set ESP-3DES-SHA
match address VPN-TRAFFIC
!
!
!
!
!
interface Loopback0
no ip address
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-WAN$$FW_OUTSIDE$
ip address 12.226.164.218 255.255.255.248
ip access-group 102 in
ip nat outside
ip inspect CCP_LOW out
ip virtual-reassembly in
ip verify unicast reverse-path
duplex auto
speed 1000
crypto map CMAP
!
interface GigabitEthernet0/1
description $ETH-LAN$$FW_INSIDE$
ip address 172.16.0.1 255.255.0.0
ip access-group 101 in
ip directed-broadcast
ip pim sparse-dense-mode
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
vlan-id dot1q 1
exit-vlan-config
!
service-policy input block
service-policy output block_output
!
interface GigabitEthernet0/1.20
shutdown
!
interface GigabitEthernet0/1.30
shutdown
!
interface GigabitEthernet0/1.40
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
no ip address
shutdown
negotiation auto
!
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/0
tunnel source GigabitEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
!
ip local pool SDM_POOL_1 172.17.0.1 172.17.0.252
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
no ip nat service sip tcp port 5060
no ip nat service sip udp port 5060
ip nat pool NATPOOL 172.16.0.151 172.16.255.255 netmask 255.255.0.0
ip nat inside source list 109 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 12.226.164.217
ip route 10.10.10.0 255.255.255.0 GigabitEthernet0/0
!
ip access-list extended VPN-TRAFFIC
permit ip 172.16.0.0 0.0.255.255 10.10.10.0 0.0.0.255
!
no cdp run
!
!
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 172.16.0.0 0.0.255.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 172.16.0.0 0.0.255.255
access-list 70 permit 172.16.0.0 0.0.255.255
access-list 70 deny 192.168.0.0 0.0.255.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by CCP firewall configuration
access-list 101 remark CCP_ACL Category=1
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 103 deny ip any host 199.191.50.73
access-list 103 deny tcp any any eq 3478
access-list 103 permit ip any any
access-list 109 deny ip 172.16.0.0 0.0.255.255 10.10.10.0 0.0.0.255
access-list 109 permit ip 172.16.0.0 0.0.255.255 any
access-list 110 permit ip 172.16.0.0 0.0.255.255 172.17.0.0 0.0.255.255
access-list 111 deny ip 172.16.0.0 0.0.255.255 172.17.0.0 0.0.255.255
access-list 111 permit ip any any
access-list 112 deny tcp any any eq 3478
access-list 112 permit ip any any
access-list 113 deny ip 172.16.0.0 0.0.255.255 10.10.10.0 0.0.0.255
access-list 113 permit ip 172.16.0.0 0.0.255.255 any
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output none
stopbits 1
line vty 0 4
access-class 70 in
privilege level 15
transport input none
!
scheduler allocate 20000 1000
!
end

AGI#


Interface: GigabitEthernet0/0
Session status: UP-ACTIVE
Peer: 12.226.164.221 port 500
Session ID: 0
IKEv1 SA: local 12.226.164.218/500 remote 12.226.164.221/500 Active
IPSEC FLOW: permit ip 172.16.0.0/255.255.0.0 10.10.10.0/255.255.255.0
Active SAs: 2, origin: crypto map


AGI#show crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
12.226.164.218 12.226.164.221 QM_IDLE 1152 ACTIVE

interface: GigabitEthernet0/0
Crypto map tag: CMAP, local addr 12.226.164.218

protected vrf: (none)
local ident (addr/mask/prot/port): (172.16.0.0/255.255.0.0/0/0)
remote ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)
current_peer 12.226.164.221 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 160, #pkts encrypt: 160, #pkts digest: 160
#pkts decaps: 5, #pkts decrypt: 5, #pkts verify: 5
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0


Router#show run
Building configuration...

Current configuration : 6061 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$CEIS$GMRtfe7IvkNMWV4YrcBPA/
!
aaa new-model
!
!
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_1 local
!
aaa session-id common
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.75
!
ip dhcp pool Local
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 8.8.8.8
lease infinite
!
!
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip inspect name CCP_LOW cuseeme
ip inspect name CCP_LOW dns
ip inspect name CCP_LOW ftp
ip inspect name CCP_LOW h323
ip inspect name CCP_LOW sip
ip inspect name CCP_LOW https
ip inspect name CCP_LOW icmp
ip inspect name CCP_LOW imap
ip inspect name CCP_LOW pop3
ip inspect name CCP_LOW netshow
ip inspect name CCP_LOW rcmd
ip inspect name CCP_LOW realaudio
ip inspect name CCP_LOW rtsp
ip inspect name CCP_LOW esmtp
ip inspect name CCP_LOW sqlnet
ip inspect name CCP_LOW streamworks
ip inspect name CCP_LOW tftp
ip inspect name CCP_LOW tcp
ip inspect name CCP_LOW udp
ip inspect name CCP_LOW vdolive
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
crypto pki trustpoint TP-self-signed-1742995674
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1742995674
revocation-check none
rsakeypair TP-self-signed-1742995674
!
!

!
!
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key data address 12.226.164.218
crypto isakmp keepalive 10
!
crypto isakmp client configuration group autogen
key letmein
pool SDM_POOL_1
acl 110
crypto isakmp profile cisco-ike-profile-1
match identity group autogen
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address respond
virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES esp-aes esp-sha-hmac
!
crypto ipsec profile CiscoCP_Profile1
set security-association idle-time 86400
set transform-set ESP-3DES-SHA
set isakmp-profile cisco-ike-profile-1
!
!
crypto map CMAP 10 ipsec-isakmp
set peer 12.226.164.218
set transform-set ESP-AES
match address VPN-TRAFFIC
!
!
!
interface Loopback0
no ip address
!
interface FastEthernet0/0
description $ETH-WAN$$FW_OUTSIDE$
no ip dhcp client request tftp-server-address
ip address 12.226.164.221 255.255.255.248
ip access-group 102 in
ip verify unicast reverse-path
ip nat outside
ip inspect CCP_LOW out
ip virtual-reassembly
duplex auto
speed auto
crypto map CMAP
!
interface FastEthernet0/1
description $ETH-LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/0/0
!
interface FastEthernet0/0/1
!
interface FastEthernet0/0/2
!
interface FastEthernet0/0/3
!
interface FastEthernet0/1/0
!
interface FastEthernet0/1/1
!
interface FastEthernet0/1/2
!
interface FastEthernet0/1/3
!
interface Virtual-Template1 type tunnel
ip unnumbered FastEthernet0/0
tunnel source FastEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
!
interface Vlan1
no ip address
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 12.226.164.217
ip route 172.16.0.0 255.255.0.0 FastEthernet0/0
!
!
no ip http server
no ip http secure-server
no ip nat service sip tcp port 5060
no ip nat service sip udp port 5060
ip nat pool NATPOOL 10.10.10.0 10.10.10.255 netmask 255.255.255.0
ip nat inside source list 111 interface FastEthernet0/0 overload
!
ip access-list extended BLOCK_FACEBOOK
ip access-list extended VPN-TRAFFIC
permit ip 10.10.10.0 0.0.0.255 172.16.0.0 0.0.255.255
!
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 10.10.10.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip 216.70.254.72 0.0.0.7 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by CCP firewall configuration
access-list 101 remark CCP_ACL Category=1
access-list 101 deny ip 216.70.254.72 0.0.0.7 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 102 remark auto generated by CCP firewall configuration
access-list 102 remark CCP_ACL Category=1
access-list 102 deny ip 10.10.10.0 0.0.0.255 any
access-list 102 permit icmp any host 216.70.254.77 echo-reply
access-list 102 permit icmp any host 216.70.254.77 time-exceeded
access-list 102 permit icmp any host 216.70.254.77 unreachable
access-list 102 permit udp any 216.70.254.0 0.0.0.255 eq isakmp
access-list 102 permit udp any 216.70.254.0 0.0.0.255 eq non500-isakmp
access-list 102 permit udp any 72.203.225.0 0.0.0.255 eq isakmp
access-list 102 permit udp any 72.203.225.0 0.0.0.255 eq non500-isakmp
access-list 102 deny ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 172.16.0.0 0.15.255.255 any
access-list 102 deny ip 192.168.0.0 0.0.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 permit udp any any eq isakmp
access-list 110 permit ip 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 111 deny ip 10.10.10.0 0.0.0.255 172.16.0.0 0.0.255.255
access-list 111 permit ip 10.10.10.0 0.0.0.255 any
access-list 111 permit ip any any
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
transport input ssh
!
scheduler allocate 20000 1000
end

Router#


Router# show crypto session
Crypto session current status

Interface: FastEthernet0/0
Session status: UP-ACTIVE
Peer: 12.226.164.218 port 500
IKE SA: local 12.226.164.221/500 remote 12.226.164.218/500 Active
IPSEC FLOW: permit ip 10.10.10.0/255.255.255.0 172.16.0.0/255.255.0.0
Active SAs: 2, origin: crypto map

Router#show crypto ipsec sa

interface: FastEthernet0/0
Crypto map tag: CMAP, local addr 12.226.164.221

protected vrf: (none)
local ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (172.16.0.0/255.255.0.0/0/0)
current_peer 12.226.164.218 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 30, #pkts encrypt: 30, #pkts digest: 30
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 1, #recv errors 0

local crypto endpt.: 12.226.164.221, remote crypto endpt.: 12.226.164.218
path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/0
current outbound spi: 0x24F495A5(620008869)

inbound esp sas:
spi: 0xF74A6839(4148848697)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 3001, flow_id: FPGA:1, crypto map: CMAP
sa timing: remaining key lifetime (k/sec): (4431145/2936)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE

inbound ah sas:

inbound pcp sas:

outbound esp sas:
spi: 0x24F495A5(620008869)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 3002, flow_id: FPGA:2, crypto map: CMAP
sa timing: remaining key lifetime (k/sec): (4431145/2929)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE

outbound ah sas:

outbound pcp sas:
Router#


Router#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is 12.226.164.217 to network 0.0.0.0

S 172.16.0.0/16 is directly connected, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, FastEthernet0/1
12.0.0.0/29 is subnetted, 1 subnets
C 12.226.164.216 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [1/0] via 12.226.164.217
Router#


Here are debugs for isakmp and a before-and-after of the encrypt and decrypt counters for a ping (the decrypts are incremented, not sure what this means). I took out a static route on both routers before this progress.


*Aug 6 16:47:16.489: ISAKMP: DPD received KMI message.
*Aug 6 16:47:16.489: ISAKMP: set new node 1918545926 to QM_IDLE
*Aug 6 16:47:16.489: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
spi 567945480, message ID = 1918545926
*Aug 6 16:47:16.489: ISAKMP:(1152): seq. no 0x7DAFD766
*Aug 6 16:47:16.489: ISAKMP:(1152): sending packet to 12.226.164.221 my_port 500 peer_port 500 (R) QM_IDLE
*Aug 6 16:47:16.489: ISAKMP:(1152):Sending an IKE IPv4 Packet.
*Aug 6 16:47:16.489: ISAKMP:(1152):purging node 1918545926
*Aug 6 16:47:16.493: ISAKMP (1152): received packet from 12.226.164.221 dport 500 sport 500 Global (R) QM_IDLE
*Aug 6 16:47:16.493: ISAKMP: set new node 22182466 to QM_IDLE
*Aug 6 16:47:16.493: ISAKMP:(1152): processing HASH payload. message ID = 22182466
*Aug 6 16:47:16.493: ISAKMP:(1152): processing NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 0, message ID = 22182466, sa = 0x3C3AE144
*Aug 6 16:47:16.493: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD766
*Aug 6 16:47:16.493: ISAKMP:(1152):deleting node 22182466 error FALSE reason "Informational (in) state 1"
*Aug 6 16:47:16.493: ISAKMP:(1152):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Aug 6 16:47:16.493: ISAKMP:(1152):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE

AGI#ping 10.10.10.1 source f0/0
^
% Invalid input detected at '^' marker.

AGI#ping 10.10.10.1 source f0/
*Aug 6 16:47:54.133: %FW-5-POP3_INVALID_COMMAND: Invalid POP3 command from initiator (172.16.2.157:61552): Invalid verb
*Aug 6 16:47:54.277: %FW-5-POP3_INVALID_COMMAND: Invalid POP3 command from initiator (172.16.2.157:61552): Invalid verb1
AGI#ping 10.10.10.1 source f0/1
^
% Invalid input detected at '^' marker.

AGI#
*Aug 6 16:47:57.449: ISAKMP: DPD received KMI message.
*Aug 6 16:47:57.449: ISAKMP: set new node 1989884331 to QM_IDLE
*Aug 6 16:47:57.449: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
spi 567945480, message ID = 1989884331
*Aug 6 16:47:57.449: ISAKMP:(1152): seq. no 0x7DAFD767
*Aug 6 16:47:57.449: ISAKMP:(1152): sending packet to 12.226.164.221 my_port 500 peer_port 500 (R) QM_IDLE
*Aug 6 16:47:57.449: ISAKMP:(1152):Sending an IKE IPv4 Packet.
*Aug 6 16:47:57.449: ISAKMP:(1152):purging node 1989884331
*Aug 6 16:47:57.453: ISAKMP (1152): received packet from 12.226.164.221 dport 500 sport 500 Global (R) QM_IDLE
*Aug 6 16:47:57.453: ISAKMP: set new node -1949685511 to QM_IDLE
*Aug 6 16:47:57.453: ISAKMP:(1152): processing HASH payload. message ID = 2345281785
*Aug 6 16:47:57.453: ISAKMP:(1152): processing NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 0, message ID = 2345281785, sa = 0x3C3AE144
*Aug 6 16:47:57.453: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD767
*Aug 6 16:47:57.453: ISAKMP:(1152):deleting node -1949685511 error FALSE reason "Informational (in) state 1"
*Aug 6 16:47:57.453: ISAKMP:(1152):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Aug 6 16:47:57.453: ISAKMP:(1152):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE
ping 10.10.10.1 source g0/1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.0.1
.
*Aug 6 16:48:06.493: ISAKMP:(1152):purging node 22182466.
*Aug 6 16:48:09.225: ISAKMP: DPD received KMI message.
*Aug 6 16:48:09.225: ISAKMP: set new node 1798550935 to QM_IDLE
*Aug 6 16:48:09.225: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
spi 567945480, message ID = 1798550935
*Aug 6 16:48:09.225: ISAKMP:(1152): seq. no 0x7DAFD768
*Aug 6 16:48:09.225: ISAKMP:(1152): sending packet to 12.226.164.221 my_port 500 peer_port 500 (R) QM_IDLE
*Aug 6 16:48:09.225: ISAKMP:(1152):Sending an IKE IPv4 Packet.
*Aug 6 16:48:09.225: ISAKMP:(1152):purging node 1798550935
*Aug 6 16:48:09.229: ISAKMP (1152): received packet from 12.226.164.221 dport 500 sport 500 Global (R) QM_IDLE
*Aug 6 16:48:09.229: ISAKMP: set new node -492074518 to QM_IDLE
*Aug 6 16:48:09.229: ISAKMP:(1152): processing HASH payload. message ID = 3802892778
*Aug 6 16:48:09.229: ISAKMP:(1152): processing NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 0, message ID = 3802892778, sa = 0x3C3AE144
*Aug 6 16:48:09.229: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD768
*Aug 6 16:48:09.229: ISAKMP:(1152):deleting node -492074518 error FALSE reason "Informational (in) state 1"
*Aug 6 16:48:09.229: ISAKMP:(1152):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Aug 6 16:48:09.229: ISAKMP:(1152):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE
..
Success rate is 0 percent (0/5)
AGI#
*Aug 6 16:48:19.977: ISAKMP: DPD received KMI message.
*Aug 6 16:48:19.977: ISAKMP: set new node -1063001905 to QM_IDLE
*Aug 6 16:48:19.977: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
spi 567945480, message ID = 3231965391
*Aug 6 16:48:19.977: ISAKMP:(1152): seq. no 0x7DAFD769
*Aug 6 16:48:19.977: ISAKMP:(1152): sending packet to 12.226.164.221 my_port 500 peer_port 500 (R) QM_IDLE
*Aug 6 16:48:19.977: ISAKMP:(1152):Sending an IKE IPv4 Packet.
*Aug 6 16:48:19.977: ISAKMP:(1152):purging node -1063001905
*Aug 6 16:48:19.981: ISAKMP (1152): received packet from 12.226.164.221 dport 500 sport 500 Global (R) QM_IDLE
*Aug 6 16:48:19.981: ISAKMP: set new node 152529732 to QM_IDLE
*Aug 6 16:48:19.981: ISAKMP:(1152): processing HASH payload. message ID = 152529732
*Aug 6 16:48:19.981: ISAKMP:(1152): processing NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 0, message ID = 152529732, sa = 0x3C3AE144
*Aug 6 16:48:19.981: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD769
*Aug 6 16:48:19.981: ISAKMP:(1152):deleting node 152529732 error FALSE reason "Informational (in) state 1"
*Aug 6 16:48:19.981: ISAKMP:(1152):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Aug 6 16:48:19.981: ISAKMP:(1152):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE

*Aug 6 16:48:47.453: ISAKMP:(1152):purging node -1949685511
*Aug 6 16:48:56.841: ISAKMP: DPD received KMI message.
*Aug 6 16:48:56.841: ISAKMP: set new node 1202099634 to QM_IDLE
*Aug 6 16:48:56.841: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
spi 567945480, message ID = 1202099634
*Aug 6 16:48:56.841: ISAKMP:(1152): seq. no 0x7DAFD76A
*Aug 6 16:48:56.841: ISAKMP:(1152): sending packet to 12.226.164.221 my_port 500 peer_port 500 (R) QM_IDLE
*Aug 6 16:48:56.841: ISAKMP:(1152):Sending an IKE IPv4 Packet.
*Aug 6 16:48:56.841: ISAKMP:(1152):purging node 1202099634
*Aug 6 16:48:56.845: ISAKMP (1152): received packet from 12.226.164.221 dport 500 sport 500 Global (R) QM_IDLE
*Aug 6 16:48:56.845: ISAKMP: set new node -1760272497 to QM_IDLE
*Aug 6 16:48:56.845: ISAKMP:(1152): processing HASH payload. message ID = 2534694799
*Aug 6 16:48:56.845: ISAKMP:(1152): processing NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 0, message ID = 2534694799, sa = 0x3C3AE144
*Aug 6 16:48:56.845: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD76A
*Aug 6 16:48:56.845: ISAKMP:(1152):deleting node -1760272497 error FALSE reason "Informational (in) state 1"
*Aug 6 16:48:56.845: ISAKMP:(1152):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Aug 6 16:48:56.845: ISAKMP:(1152):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE

*Aug 6 16:48:57.433: %FW-5-POP3_INVALID_COMMAND: Invalid POP3 command from initiator (172.16.2.157:61557): Invalid verb
*Aug 6 16:48:57.573: %FW-5-POP3_INVALID_COMMAND: Invalid POP3 command from initiator (172.16.2.157:61557): Invalid verb
*Aug 6 16:48:59.229: ISAKMP:(1152):purging node -492074518
*Aug 6 16:49:09.649: ISAKMP: DPD received KMI message.
*Aug 6 16:49:09.649: ISAKMP: set new node -1309801177 to QM_IDLE
*Aug 6 16:49:09.649: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
spi 567945480, message ID = 2985166119
*Aug 6 16:49:09.649: ISAKMP:(1152): seq. no 0x7DAFD76B
*Aug 6 16:49:09.649: ISAKMP:(1152): sending packet to 12.226.164.221 my_port 500 peer_port 500 (R) QM_IDLE
*Aug 6 16:49:09.649: ISAKMP:(1152):Sending an IKE IPv4 Packet.
*Aug 6 16:49:09.649: ISAKMP:(1152):purging node -1309801177
*Aug 6 16:49:09.653: ISAKMP (1152): received packet from 12.226.164.221 dport 500 sport 500 Global (R) QM_IDLE
*Aug 6 16:49:09.653: ISAKMP: set new node -1648836503 to QM_IDLE
*Aug 6 16:49:09.653: ISAKMP:(1152): processing HASH payload. message ID = 2646130793
*Aug 6 16:49:09.653: ISAKMP:(1152): processing NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 0, message ID = 2646130793, sa = 0x3C3AE144
*Aug 6 16:49:09.653: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD76B
*Aug 6 16:49:09.653: ISAKMP:(1152):deleting node -1648836503 error FALSE reason "Informational (in) state 1"
*Aug 6 16:49:09.653: ISAKMP:(1152):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Aug 6 16:49:09.653: ISAKMP:(1152):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE

*Aug 6 16:49:09.981: ISAKMP:(1152):purging node 152529732
*Aug 6 16:49:20.913: ISAKMP: DPD received KMI message.
*Aug 6 16:49:20.913: ISAKMP: set new node 50548888 to QM_IDLE
*Aug 6 16:49:20.913: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
spi 567945480, message ID = 50548888
*Aug 6 16:49:20.913: ISAKMP:(1152): seq. no 0x7DAFD76C
*Aug 6 16:49:20.913: ISAKMP:(1152): sending packet to 12.226.164.221 my_port 500 peer_port 500 (R) QM_IDLE
*Aug 6 16:49:20.913: ISAKMP:(1152):Sending an IKE IPv4 Packet.
*Aug 6 16:49:20.913: ISAKMP:(1152):purging node 50548888
*Aug 6 16:49:20.917: ISAKMP (1152): received packet from 12.226.164.221 dport 500 sport 500 Global (R) QM_IDLE
*Aug 6 16:49:20.917: ISAKMP: set new node 741780742 to QM_IDLE
*Aug 6 16:49:20.917: ISAKMP:(1152): processing HASH payload. message ID = 741780742
*Aug 6 16:49:20.917: ISAKMP:(1152): processing NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 0, message ID = 741780742, sa = 0x3C3AE144
*Aug 6 16:49:20.917: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD76C
*Aug 6 16:49:20.917: ISAKMP:(1152):deleting node 741780742 error FALSE reason "Informational (in) state 1"
*Aug 6 16:49:20.917: ISAKMP:(1152):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Aug 6 16:49:20.917: ISAKMP:(1152):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE

*Aug 6 16:49:40.369: ISAKMP: DPD received KMI message.
*Aug 6 16:49:40.369: ISAKMP: set new node -57109272 to QM_IDLE
*Aug 6 16:49:40.369: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
spi 567945480, message ID = 4237858024
*Aug 6 16:49:40.369: ISAKMP:(1152): seq. no 0x7DAFD76D
*Aug 6 16:49:40.369: ISAKMP:(1152): sending packet to 12.226.164.221 my_port 500 peer_port 500 (R) QM_IDLE
*Aug 6 16:49:40.369: ISAKMP:(1152):Sending an IKE IPv4 Packet.
*Aug 6 16:49:40.369: ISAKMP:(1152):purging node -57109272
*Aug 6 16:49:40.373: ISAKMP (1152): received packet from 12.226.164.221 dport 500 sport 500 Global (R) QM_IDLE
*Aug 6 16:49:40.373: ISAKMP: set new node 1989134924 to QM_IDLE
*Aug 6 16:49:40.373: ISAKMP:(1152): processing HASH payload. message ID = 1989134924
*Aug 6 16:49:40.373: ISAKMP:(1152): processing NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 0, message ID = 1989134924, sa = 0x3C3AE144
*Aug 6 16:49:40.373: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD76D
*Aug 6 16:49:40.373: ISAKMP:(1152):deleting node 1989134924 error FALSE reason "Informational (in) state 1"
*Aug 6 16:49:40.373: ISAKMP:(1152):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY
*Aug 6 16:49:40.373: ISAKMP:(1152):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE

*Aug 6 16:49:46.845: ISAKMP:(1152):purging node -1760272497


AGI#show crypto ipsec sa

interface: GigabitEthernet0/0
Crypto map tag: CMAP, local addr 12.226.164.218

protected vrf: (none)
local ident (addr/mask/prot/port): (172.16.0.0/255.255.0.0/0/0)
remote ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)
current_peer 12.226.164.221 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 867, #pkts encrypt: 867, #pkts digest: 867
#pkts decaps: 45, #pkts decrypt: 45, #pkts verify: 45
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0



interface: GigabitEthernet0/0
Crypto map tag: CMAP, local addr 12.226.164.218

protected vrf: (none)
local ident (addr/mask/prot/port): (172.16.0.0/255.255.0.0/0/0)
remote ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)
current_peer 12.226.164.221 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 881, #pkts encrypt: 881, #pkts digest: 881
#pkts decaps: 50, #pkts decrypt: 50, #pkts verify: 50
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0

The tunnel is showing encaps/decaps and encrypts/decrypts on both sides. Are you sourcing the ping?

Have you tried the ping from hosts behind each of the protected LANs?

Have you also tried traceroutes?

Remember to rate helpful posts and/or mark as a solution if your issue is resolved.
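As an added example (not code from this thread or from Cisco), here is a small Python script that reads the two `show crypto ipsec sa` snapshots posted above, computes the per-direction counter deltas between them, and pairs the DPD probes in the `debug crypto isakmp` output with the peer's ACKs by sequence number. The sample inputs are constructed from values visible in the thread (with one DPD ACK deliberately left out to show the unanswered case); the verdict categories, the advice strings and the 10:1 encaps:decaps ratio threshold are my own assumptions, not anything the thread or IOS defines.

```python
"""Classify what an IOS IPsec tunnel is forwarding from `show crypto ipsec sa`
counters, and pair DPD probes with ACKs from `debug crypto isakmp`.

Added example; not code from the thread or from Cisco. Sample inputs are
constructed from values seen in the thread; thresholds are assumptions.
"""
import re

# Constructed sample: the first counter snapshot from the thread, trimmed to
# the lines this parser reads. The second snapshot differs only in counters.
SNAPSHOT_BEFORE = """\
interface: GigabitEthernet0/0
Crypto map tag: CMAP, local addr 12.226.164.218

protected vrf: (none)
local ident (addr/mask/prot/port): (172.16.0.0/255.255.0.0/0/0)
remote ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)
current_peer 12.226.164.221 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 867, #pkts encrypt: 867, #pkts digest: 867
#pkts decaps: 45, #pkts decrypt: 45, #pkts verify: 45
#send errors 0, #recv errors 0
"""
SNAPSHOT_AFTER = SNAPSHOT_BEFORE.replace("867", "881").replace(": 45", ": 50")

# Constructed DPD sample: two probe/ACK pairs from the thread, plus a third
# probe whose ACK is deliberately omitted to exercise the unanswered path.
DEBUG_SAMPLE = """\
*Aug 6 16:47:57.449: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
*Aug 6 16:47:57.449: ISAKMP:(1152): seq. no 0x7DAFD767
*Aug 6 16:47:57.453: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD767
*Aug 6 16:48:09.225: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
*Aug 6 16:48:09.225: ISAKMP:(1152): seq. no 0x7DAFD768
*Aug 6 16:48:09.229: ISAKMP:(1152): DPD/R_U_THERE_ACK received from peer 12.226.164.221, sequence 0x7DAFD768
*Aug 6 16:48:19.977: ISAKMP:(1152):Sending NOTIFY DPD/R_U_THERE protocol 1
*Aug 6 16:48:19.977: ISAKMP:(1152): seq. no 0x7DAFD769
"""

IDENT_RE = re.compile(r"^(local|remote) ident \(addr/mask/prot/port\): \((.+)\)$")
COUNTER_RE = re.compile(r"#pkts (encaps|decaps|encrypt|decrypt|digest|verify):\s*(\d+)")
ERROR_RE = re.compile(r"#(send|recv) errors (\d+)")
DPD_SENT_RE = re.compile(r"ISAKMP:\(\d+\): seq\. no (0x[0-9A-Fa-f]+)")
DPD_ACK_RE = re.compile(r"DPD/R_U_THERE_ACK received from peer \S+, sequence (0x[0-9A-Fa-f]+)")

ONE_WAY_RATIO = 10  # assumption: cumulative encaps more than 10x decaps is worth flagging


def parse_ipsec_sa(text):
    """Map (local ident, remote ident) -> counter dict for each SA in the output."""
    sas, local, current = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = IDENT_RE.match(line)
        if m:
            if m.group(1) == "local":
                local = m.group(2)
            else:  # remote ident closes the pair; counters follow it
                current = sas.setdefault((local, m.group(2)), {})
            continue
        if current is None:
            continue
        for name, value in COUNTER_RE.findall(line):
            current[name] = int(value)
        for name, value in ERROR_RE.findall(line):
            current[name + "_errors"] = int(value)
    return sas


def diagnose(before, after, key):
    """Compare two snapshots of one SA and say which direction moved."""
    b, a = before[key], after[key]
    d_enc, d_dec = a["encaps"] - b["encaps"], a["decaps"] - b["decaps"]
    if d_enc > 0 and d_dec == 0:
        verdict, advice = "outbound-only", ("encrypted toward the peer, nothing returns: check the peer's "
                                            "return route for the local subnet, its mirrored crypto ACL and NAT exemption")
    elif d_enc == 0 and d_dec > 0:
        verdict, advice = "inbound-only", "peer traffic decrypts here but nothing goes back: check local routing and crypto ACL"
    elif d_enc == 0 and d_dec == 0:
        verdict, advice = "idle", "nothing hit the crypto map: check routing toward the remote subnet and the interesting-traffic ACL"
    else:
        verdict, advice = "bidirectional", ("both directions increment in the window: the tunnel forwards; "
                                            "look at host firewalls, LAN ACLs and the ping's source address")
    skewed = a["encaps"] > 0 if a["decaps"] == 0 else a["encaps"] / a["decaps"] > ONE_WAY_RATIO
    return {"verdict": verdict, "encaps_delta": d_enc, "decaps_delta": d_dec, "skewed": skewed, "advice": advice}


def dpd_summary(debug_text):
    """Pair DPD R_U_THERE probes with the peer's R_U_THERE_ACKs by sequence number."""
    sent, acked = set(), set()
    for line in debug_text.splitlines():
        m = DPD_SENT_RE.search(line)
        if m:
            sent.add(m.group(1).lower())
            continue
        m = DPD_ACK_RE.search(line)
        if m:
            acked.add(m.group(1).lower())
    return {"probes": len(sent), "acked": len(sent & acked), "unanswered": sorted(sent - acked)}


if __name__ == "__main__":
    key = ("172.16.0.0/255.255.0.0/0/0", "10.10.10.0/255.255.255.0/0/0")
    result = diagnose(parse_ipsec_sa(SNAPSHOT_BEFORE), parse_ipsec_sa(SNAPSHOT_AFTER), key)
    print(result["verdict"], result["encaps_delta"], result["decaps_delta"], "skewed" if result["skewed"] else "")
    print(result["advice"])
    print(dpd_summary(DEBUG_SAMPLE))
```

Run against the two snapshots in the thread the verdict is `bidirectional` (encaps +14, decaps +5 in the window) but `skewed` is set, because the cumulative 881 encaps against 50 decaps says most of what this router has ever encrypted never got a reply through the tunnel; the DPD pairing confirms only that IKE Phase 1 is alive, which is all the `debug crypto isakmp` output above can show.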