01-24-2024 12:34 PM
Hello,
I have an IPsec VPN set up on my ASA which allows the client to reach the inside. I've added a DMZ and I would like to allow VPN access to it as well. I have made the configurations to allow access but it's not working. Can someone please let me know where I have screwed up? Thank you in advance!
01-31-2024 02:42 PM
ANYONE know how to fix this?
01-24-2024 01:02 PM - edited 01-24-2024 03:44 PM
You use an object in the crypto ACL which is only for the Inside subnet; it does not include the DMZ subnet?
Also you need NO-NAT for DMZ to the remote LAN.
MHM
01-24-2024 03:07 PM
Thank you for checking my config. I will remove the no-NAT DMZ to remote. As for the crypto ACL, can the DMZ be added to the existing Inside crypto ACL?
01-24-2024 03:23 PM - edited 01-24-2024 03:44 PM
Thank you for checking my config. I will remove the NO-NAT DMZ to remote.
I don't see this NAT; if you have configured it, don't remove it.
As for the crypto ACL, can the DMZ be added to the existing Inside crypto ACL?
Sure, yes you can, and make sure the peer also adds the DMZ subnet to its ACL.
MHM
01-24-2024 03:30 PM
Last point, friend: make sure the peer adds a static route for the DMZ subnet toward the IPsec interface.
MHM
01-24-2024 03:37 PM
I've added DMZ1-Network to the inside_cryptomap_65535.65535 and inside_cryptomap_65535.65535_1 crypto ACL.
Sorry, I misread your no-NAT statement. I need to add a "no NAT" statement. What is the correct syntax for that? Thank you.
01-24-2024 03:43 PM
nat (inside,outside) source static DukeLAN DukeLAN destination static Obj-Remote-IPSEC-VPN Obj-Remote-IPSEC-VPN route-lookup description Allow Inside VPN Split tunnel
nat (dmz1,outside) source static DMZ1-Network DMZ1-Network destination static Obj-Remote-IPSEC-VPN Obj-Remote-IPSEC-VPN no-proxy-arp description Allow VPN to DMZ <<- this is the NO-NAT (exemption) for the DMZ subnet; you already added it, it is correct, don't remove it
MHM
01-25-2024 05:29 AM
I've reconnected to the VPN client and tried to ping a DMZ IP 192.168.44.2. No replies back.
I've added DMZ1-Network to the inside_cryptomap_65535.65535 and inside_cryptomap_65535.65535_1 crypto ACL. I'm not sure if this is correct. But I do have
access-list dmz1_cryptomap_65535.65535 extended permit ip object DMZ1-Network object Obj-Remote-IPSEC-VPN
Ran the Packet Tracer and I'm still getting the same error. Thanks for verifying my NAT statements; I was thinking that they should be right, but after you mentioned that I needed to add a no-NAT statement, I was not sure how it should be added. My VPN client has secured routes to 144.244.244.0 (Inside), 124.140.1.0 (VPN network), and 192.168.44.0 (DMZ network).
Not sure what to do next to get it to work.
01-25-2024 06:45 AM
OK
Let me summarize the points, and you confirm each point (and the config if you can):
1- add DMZ-LAN to ACL of IPsec
2- config NO-NAT of DMZ-LAN to remote-LAN
3- add DMZ-LAN to ACL of IPsec in Peer
4- add route for DMZ-LAN in Peer
MHM
01-25-2024 08:51 AM
Here is what I think you are asking for. If it's not correct, please give me an example for each of the 4 items, or you can look at the config listed below to see if it's there.
1- add DMZ-LAN to ACL of IPsec
* access-list Split_Tunnel remark Duke DMZ
access-list Split_Tunnel standard permit 192.168.44.0 255.255.255.0
2- config NO-NAT of DMZ-LAN to remote-LAN
* nat (dmz1,outside) source static DMZ1-Network DMZ1-Network destination static Obj-Remote-IPSEC-VPN Obj-Remote-IPSEC-VPN no-proxy-arp description Allow VPN to DMZ
3- add DMZ-LAN to ACL of IPsec in Peer
* access-list Dmz1_Access_In remark Allow DMZ1 to VPN Added 1/23/24
access-list Dmz1_Access_In extended permit ip object DMZ1-Network object Obj-Remote-IPSEC-VPN
4- add route for DMZ-LAN in Peer
* Not sure about this one. I don't think there is a route, but the ASA is the GW for the DMZ so it should be directly connected, and a route is not needed.
***********************************************************************
Here is the config:
ip local pool IPSEC-VPN-Pool 124.140.1.1-124.140.1.254 mask 255.255.255.0
!
interface GigabitEthernet0/0
description Outside
speed 1000
duplex full
nameif outside
security-level 0
ddns update DYNU
dhcp client update dns
ip address dhcp setroute
!
interface GigabitEthernet1/0
description Inside
speed 1000
duplex full
nameif inside
security-level 100
ip address Firewall 255.255.255.0
!
interface GigabitEthernet1/1.100
description DMZ1 for Duke Network
vlan 100
nameif dmz1
security-level 50
ip address 192.168.44.1 255.255.255.0
!
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
!
object network DukeLAN
subnet 144.244.244.0 255.255.255.0
description Inside Network
!
object network Obj-Remote-IPSEC-VPN
subnet 124.140.1.0 255.255.255.0
description VPN IP Subnet (Allow TCP NAT)
!
object network DMZ1-Network
subnet 192.168.44.0 255.255.255.0
description DMZ subnet for XBox
!
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object udp
protocol-object tcp
!
object-group network DM_INLINE_NETWORK_1
network-object object DukeLAN
network-object object DMZ1-Network
!
object-group service DM_INLINE_SERVICE_3
service-object icmp
service-object tcp destination eq www
service-object tcp destination eq https
!
object-group service DM_INLINE_SERVICE_4
service-object icmp timestamp-reply
service-object icmp unreachable
service-object tcp destination eq ssh
!
object-group protocol DM_INLINE_PROTOCOL_8
protocol-object ip
protocol-object icmp
!
object-group protocol DM_INLINE_PROTOCOL_5
protocol-object udp
protocol-object tcp
!
object-group protocol DM_INLINE_PROTOCOL_7
protocol-object ip
protocol-object udp
protocol-object tcp
!
object-group network DM_INLINE_NETWORK_2
network-object object DMZ1-Network
network-object object DukeLAN
!
access-list 102 extended permit ip object DukeLAN object Obj-Remote-IPSEC-VPN
access-list Split_Tunnel remark Duke Network
access-list Split_Tunnel standard permit 144.244.244.0 255.255.255.0
access-list Split_Tunnel remark VPN
access-list Split_Tunnel standard permit 124.140.1.0 255.255.255.0
access-list Split_Tunnel remark Duke DMZ
access-list Split_Tunnel standard permit 192.168.44.0 255.255.255.0
access-list 101 extended permit ip object DukeLAN object Obj-Remote-IPSEC-VPN
access-list inside_access_in extended deny ip any4 any4
access-list acl_out extended permit icmp any any unreachable
access-list netflow-export extended permit ip any any
access-list dynamic-filter_acl extended permit ip any any
access-list outside_access_in extended permit object-group DM_INLINE_PROTOCOL_8 object Obj-Remote-IPSEC-VPN 192.168.44.0 255.255.255.0
access-list outside_access_in extended permit tcp any object MarksPlex object-group 32400_TCP log
access-list outside_access_in extended permit object-group DM_INLINE_PROTOCOL_7 any object DukeDVR
access-list outside_access_in extended permit tcp any interface outside eq 14440 inactive
access-list outside_access_in extended permit udp any interface outside eq 14440 inactive
access-list ACL-SPLIT-TUNNEL remark Duke Network
access-list ACL-SPLIT-TUNNEL standard permit 144.244.244.0 255.255.255.0
access-list ACL-SPLIT-TUNNEL remark VPN
access-list ACL-SPLIT-TUNNEL standard permit 124.140.1.0 255.255.255.0
access-list ACL-SPLIT-TUNNEL remark Duke DMZ
access-list ACL-SPLIT-TUNNEL standard permit 192.168.44.0 255.255.255.0
access-list outside_cryptomap_1.1 extended deny object-group VPN_Ports interface dmz1 interface outside
access-list Dmz1_Access_In remark Allow DMZ1 to VPN Added 1/23/24
access-list Dmz1_Access_In extended permit ip object DMZ1-Network object Obj-Remote-IPSEC-VPN
access-list Dmz1_Access_In remark Block DMZ to any where
access-list Dmz1_Access_In extended deny ip any any
access-list ACL_OUT remark VPN ACCESS (ALLOWS GRE, ISAKMP,ESP, IPSEC, PPTP, AH PORTS)
access-list ACL_OUT remark VPN ACTIVE DIRECTORY(ALLOW PPTP PORT)
access-list ACL_OUT extended permit gre any any
access-list ACL_OUT remark VPN ACCESS (ALLOWS GRE, ISAKMP,ESP, IPSEC, PPTP, AH PORTS)
access-list ACL_OUT remark VPN ACCESS (ALLOWS GRE, ISAKMP,ESP, IPSEC, PPTP, AH PORTS)
access-list ACL_OUT remark FOR VPN ACCESS
access-list outside_cryptomap_1.1_1 extended deny object-group VPN_Ports interface inside interface outside
access-list outside_cryptomap_1.1_2 extended permit ip object Obj-Remote-IPSEC-VPN object-group DM_INLINE_NETWORK_2
access-list outside_cryptomap_65535.65535_1 extended permit ip object DukeLAN any inactive
access-list outside_cryptomap_65535.65535_2 extended deny ip object DukeLAN any inactive
access-list outside_cryptomap_65535.65535 extended permit object-group DM_INLINE_PROTOCOL_1 object DukeLAN any object-group TCP-UDP2049
access-list inside_cryptomap_65535.65535 extended permit ip object DukeLAN object Obj-Remote-IPSEC-VPN
access-list dmz1_cryptomap_65535.65535 extended permit ip object DMZ1-Network object Obj-Remote-IPSEC-VPN
access-list inside_cryptomap_65535.65535_1 extended permit ip object DukeLAN object Obj-Remote-IPSEC-VPN
access-list outside_cryptomap_10.10 extended permit ip object Obj-Remote-IPSEC-VPN object-group DM_INLINE_NETWORK_1
access-list IPSecVPN_Policy remark Allow VPN users Internet and ICMP
access-list IPSecVPN_Policy extended permit object-group DM_INLINE_SERVICE_3 object Obj-Remote-IPSEC-VPN any
access-list Dmz1_Access_In_1 extended permit object-group XBOX_Services object XBox any
!
nat (dmz1,outside) source static MarksPlex interface service 32400_in 32400_out description For Ouside Access to Plex
nat (inside,dmz1) source static DMZ1-Network interface service 37777 37777 description To allow traffic to flow from a lower security level (DMZ). So it can reach DukeDVR in a higher security (Inside)
nat (outside,inside) source static any any destination static DukeDVR DukeDVR service 37777 37777 description For Outside access to DVR
nat (inside,outside) source dynamic DukeLAN interface description Allow Inside Access to the Outside
nat (inside,outside) source static DukeLAN DukeLAN destination static Obj-Remote-IPSEC-VPN Obj-Remote-IPSEC-VPN route-lookup description Allow Inside VPN Split tunnel
nat (dmz1,outside) source static DMZ1-Network DMZ1-Network destination static Obj-Remote-IPSEC-VPN Obj-Remote-IPSEC-VPN no-proxy-arp description Allow VPN to DMZ
!
object network DukeLAN
nat (inside,outside) dynamic interface dns
object network obj_any
nat (inside,outside) dynamic interface
!
nat (dmz1,outside) after-auto source dynamic any interface
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
access-group Dmz1_Access_In in interface dmz1
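As an added example (not from the thread and not an ASA tool), the following Python script audits an ASA running-config for points 1 and 2 of the summary above (DMZ subnet in the split-tunnel ACL, identity NAT between the DMZ subnet and the VPN pool) plus the inbound ACL on the DMZ interface, which is what lets a DMZ host answer a pool address. The input is a constructed subset of the posted config; all function names are my own. The split-tunnel ACL name is a parameter because the posted config carries two candidate ACLs (Split_Tunnel and ACL-SPLIT-TUNNEL) and the group-policy that binds one of them is not shown; the crypto map and the peer-side items 3 and 4 are likewise not in the posted text and are not checked.

```python
"""Audit an ASA running-config for what an RA IPsec client needs to reach an extra
(DMZ) subnet: split-tunnel ACL entry, identity NAT (NAT exemption) to the VPN pool,
and an inbound ACL on the DMZ interface that lets DMZ hosts answer the pool.
Added example for this thread, not an ASA tool; SAMPLE_CFG is a constructed subset
of the posted config, and all function names are my own."""
import ipaddress
import re

SAMPLE_CFG = """\
object network DukeLAN
 subnet 144.244.244.0 255.255.255.0
object network Obj-Remote-IPSEC-VPN
 subnet 124.140.1.0 255.255.255.0
object network DMZ1-Network
 subnet 192.168.44.0 255.255.255.0
access-list Split_Tunnel standard permit 144.244.244.0 255.255.255.0
access-list Split_Tunnel standard permit 124.140.1.0 255.255.255.0
access-list Split_Tunnel standard permit 192.168.44.0 255.255.255.0
access-list Dmz1_Access_In extended permit ip object DMZ1-Network object Obj-Remote-IPSEC-VPN
access-list Dmz1_Access_In extended deny ip any any
nat (inside,outside) source static DukeLAN DukeLAN destination static Obj-Remote-IPSEC-VPN Obj-Remote-IPSEC-VPN route-lookup
nat (dmz1,outside) source static DMZ1-Network DMZ1-Network destination static Obj-Remote-IPSEC-VPN Obj-Remote-IPSEC-VPN no-proxy-arp
nat (dmz1,outside) after-auto source dynamic any interface
access-group Dmz1_Access_In in interface dmz1
"""
# Same config before the DMZ subnet was added to split tunnel and NAT exemption.
BEFORE_CFG = SAMPLE_CFG.replace(
    "access-list Split_Tunnel standard permit 192.168.44.0 255.255.255.0\n", ""
).replace(
    "nat (dmz1,outside) source static DMZ1-Network DMZ1-Network destination static "
    "Obj-Remote-IPSEC-VPN Obj-Remote-IPSEC-VPN no-proxy-arp\n", ""
)

def _net(addr, mask):
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def _lines(cfg):
    return [l.strip() for l in cfg.splitlines()]

def parse_objects(cfg):
    """'object network NAME' + 'subnet A M' -> {NAME: IPv4Network} (host objects ignored)."""
    objects, current = {}, None
    for line in _lines(cfg):
        if m := re.match(r"object network (\S+)$", line):
            current = m.group(1)
        elif (m := re.match(r"subnet (\S+) (\S+)$", line)) and current:
            objects[current] = _net(*m.groups())
    return objects

def split_tunnel_networks(cfg, acl):
    """Networks the client gets as secured routes: 'access-list ACL standard permit A M'."""
    pat = re.compile(rf"access-list {re.escape(acl)} standard permit (\S+) (\S+)$")
    return [_net(*m.groups()) for m in map(pat.match, _lines(cfg)) if m]

def nat_exemptions(cfg):
    """(src_if, dst_if, src_obj, dst_obj) for each manual identity NAT, i.e. the
    'source static A A destination static B B' form that is the ASA NAT exemption."""
    pat = re.compile(r"nat \((\S+),(\S+)\) source static (\S+) (\S+) destination static (\S+) (\S+)")
    out = []
    for m in map(pat.match, _lines(cfg)):
        if m and m.group(3) == m.group(4) and m.group(5) == m.group(6):
            out.append((m.group(1), m.group(2), m.group(3), m.group(5)))
    return out

def access_groups(cfg):
    """{interface: inbound ACL name} from 'access-group ACL in interface IF'."""
    pat = re.compile(r"access-group (\S+) in interface (\S+)")
    return {m.group(2): m.group(1) for m in map(pat.match, _lines(cfg)) if m}

def _endpoint(tokens, objects):
    """Consume one address spec (any/any4, object NAME, host A, A M); ValueError otherwise."""
    if tokens[0] in ("any", "any4"):
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "object":
        return objects[tokens[1]], tokens[2:]
    if tokens[0] == "host":
        return _net(tokens[1], 32), tokens[2:]
    return _net(tokens[0], tokens[1]), tokens[2:]

def acl_decision(cfg, acl, objects, src_ip, dst_ip, proto="icmp"):
    """First-match evaluation of an extended ACL; 'deny' if nothing matches (implicit deny).
    Entries using object-group or interface keywords are skipped, not expanded."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    pat = re.compile(rf"access-list {re.escape(acl)} extended (permit|deny) (\S+) (.*)$")
    for m in map(pat.match, _lines(cfg)):
        if not m or m.group(2) not in ("ip", proto) or m.group(3).endswith(" inactive"):
            continue
        try:
            src_net, rest = _endpoint(m.group(3).split(), objects)
            dst_net, _ = _endpoint(rest, objects)
        except (KeyError, ValueError, IndexError):
            continue
        if src in src_net and dst in dst_net:
            return m.group(1)
    return "deny"

def check_vpn_to_dmz(cfg, split_acl="Split_Tunnel", vpn_obj="Obj-Remote-IPSEC-VPN",
                     dmz_obj="DMZ1-Network", dmz_if="dmz1", vpn_if="outside",
                     client_ip=None, dmz_host=None):
    """Three on-box conditions for pool -> DMZ traffic; each value True means configured."""
    objects = parse_objects(cfg)
    dmz_net, vpn_net = objects[dmz_obj], objects[vpn_obj]
    client = ipaddress.ip_address(client_ip) if client_ip else next(vpn_net.hosts())
    target = ipaddress.ip_address(dmz_host) if dmz_host else next(dmz_net.hosts())
    dmz_acl = access_groups(cfg).get(dmz_if)
    return {
        # 1. the client only tunnels the DMZ if the split-tunnel ACL covers it
        "split_tunnel": any(dmz_net.subnet_of(n) for n in split_tunnel_networks(cfg, split_acl)),
        # 2. identity NAT keeps DMZ<->pool traffic out of the dynamic PAT to the outside address
        "nat_exempt": (dmz_if, vpn_if, dmz_obj, vpn_obj) in nat_exemptions(cfg),
        # 3. the DMZ host's reply enters on dmz_if, so that inbound ACL (if any) must permit it
        "dmz_acl_return": dmz_acl is None
        or acl_decision(cfg, dmz_acl, objects, str(target), str(client)) == "permit",
    }

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE_CFG), ("after", SAMPLE_CFG)):
        print(name, check_vpn_to_dmz(cfg, client_ip="124.140.1.1", dmz_host="192.168.44.2"))
```

Run against the posted config, the "after" state passes all three checks while the "before" state fails the split-tunnel and NAT-exemption checks, which is a quick way to see which of the summary points a change actually touched. The on-box counterpart is the packet-tracer run the thread already did, with the pool address as source and the DMZ host as destination (packet-tracer input outside icmp 124.140.1.1 8 0 192.168.44.2); its phase list shows whether NAT, the ACL or the route lookup is the drop point.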
01-25-2024 01:48 PM
I've discovered that my VPN client IP 124.140.1.1 fails to ping the DMZ using Packet Tracer. But if I change the IP address to 124.140.1.2 it works.
01-25-2024 01:50 PM
I will share some steps with you tonight.
thanks for waiting
MHM
01-31-2024 01:14 AM
I am waiting for your reply, but I think you are busy.
This note I am writing is something I need to discuss with you.
The point that made me ask for the config is that it is split tunnel and you always mention "client", not "peer", so I want to be sure: are you using dynamic IPsec or RA IPsec?
MHM
01-31-2024 09:20 AM
01-27-2024 03:19 AM - edited 01-27-2024 03:21 AM
Can you share the full config of the ASA?
thanks a lot
MHM