07-09-2012 09:51 AM
I have 2 office buildings using Cisco 800 series routers with a L2L VPN between both. I'm upgrading the router to an ASA5505 at one of the offices but can't figure out the L2L VPN on the ASA. Specifically, I can't figure out how to set the pre-shared key. On the Cisco 800 it's:
crypto isakmp key <THE_KEY> address <REMOTE_OFFICE_IP>
That doesn't seem to work on the ASA. Can anyone help out with this? Here is my current config on the Cisco 800...
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key <THE_KEY> address <REMOTE_OFFICE_IP>
!
!
crypto ipsec transform-set DUMAC3 esp-3des esp-md5-hmac
crypto ipsec df-bit clear
!
crypto map mymap 10 ipsec-isakmp
set peer 75.148.153.217
set security-association lifetime seconds 36000
set transform-set DUMAC3
match address 101
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.7.0 0.0.0.255
07-09-2012 10:11 AM
On the ASA, the PSK is configured in the Tunnel-Group:
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/vpn_site2site.html#wp1042423
07-09-2012 12:53 PM
Thanks for that. I think I'm making some progress. Here is what I have so far...
crypto map houston 10 match address 101
crypto map houston 10 set peer 99.119.80.165
crypto ipsec ikev1 transform-set DUMAC3 esp-3des esp-md5-hmac
crypto map houston 10 set ikev1 transform-set DUMAC3
tunnel-group 99.119.80.165 type ipsec-l2l
tunnel-group 99.119.80.165 ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key *****
ikev2 local-authentication pre-shared-key *****
access-list 101 extended permit ip 192.168.1.0 255.255.255.0 192.168.7.0 255.255.255.0
Is there anything else that I will need to do for this? Add nat rules so the VPN traffic isn't NAT'd? Apply the crypto map to an interface?
07-09-2012 01:03 PM
If your router doesn't run IOS 15.2, then you don't need the IKEv2 config on the ASA.
Yes, the crypto map has to be applied to the interface, and you need to exempt the VPN traffic from translation with Identity NAT:
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/nat_overview.html#wp1102289
07-10-2012 04:35 AM
Thanks again. One more question... I already have a crypto map on that interface for my RA ipsec VPN (Cisco VPN Client). Can I also apply this one or do I need to edit the existing one? If I need to edit it, what needs to be changed?
Here is my current crypto map:
crypto map primaryisp_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map primaryisp_map interface primaryisp
07-10-2012 04:52 AM
Only one crypto map is allowed per interface. So everything has to go into one CM. Use lower sequence numbers for your site-to-site tunnels and a high number (65535) for remote access.
07-10-2012 05:02 AM
Could you explain a little further on that? Not sure how I would use lower/higher seq numbers when I can only have 1 per interface....
07-10-2012 05:32 AM
In your crypto maps, the "10" and "65535" are the sequence numbers. A combined CM could look like this:
crypto map primaryisp_map 10 match address 101
crypto map primaryisp_map 10 set peer 99.119.80.165
crypto map primaryisp_map 10 set ikev1 transform-set DUMAC3
crypto map primaryisp_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map primaryisp_map interface primaryisp
07-10-2012 05:41 AM
Thanks for all the help! That makes more sense now. I'll be attempting to implement this tomorrow night. Just want to make sure everything is lined up. Here is my "final" config... anything you notice that should be added/changed (obviously it's tough to just look at it and know without testing). Thanks again!
object network inside
subnet 192.168.1.0 255.255.255.0
!
object network houston-network
subnet 192.168.7.0 255.255.255.0
!
access-list syracuse-houston-acl extended permit ip object inside object houston-network
!
nat (inside,primaryisp) source static inside inside destination static houston-network houston-network
!
crypto ipsec ikev1 transform-set DUMAC3 esp-3des esp-md5-hmac
!
crypto map primaryisp_map 1 match address syracuse-houston-acl
crypto map primaryisp_map 1 set peer 99.119.80.165
crypto map primaryisp_map 1 set ikev1 transform-set DUMAC3
crypto map primaryisp_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map primaryisp_map interface primaryisp
!
crypto ikev1 enable primaryisp
!
crypto ikev1 policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 36000
!
tunnel-group 99.119.80.165 type ipsec-l2l
tunnel-group 99.119.80.165 ipsec-attributes
ikev1 pre-shared-key *****
07-10-2012 08:25 AM
This partial config looks good for the S2S-VPN. Nowadays you perhaps should use better crypto (SHA, AES, DH5), but it could work anyway.
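The checks the thread walks through (one crypto map per interface with the static site-to-site entries sequenced below the dynamic remote-access entry, an ipsec-l2l tunnel-group with an IKEv1 pre-shared key for every peer, identity NAT so the tunnel traffic isn't translated, and the closing remark about 3DES/MD5/DH group 2 being weak) can be turned into a small config linter. The script below is an added example, not code from the thread or from Cisco: it parses only the handful of ASA statements used above, the sample configs are constructed (peer 203.0.113.10, interface name "outside" and a placeholder PSK are assumptions, not values from the thread), and the line-by-line parser covers exactly those statements and nothing else.

```python
"""Lint an ASA running-config for the site-to-site VPN points discussed above.

Added example (not from the thread or from Cisco). Checks: one crypto map bound
per interface, static (L2L) entries sequenced below the dynamic (RA) entry and
fully populated, a tunnel-group of type ipsec-l2l with an IKEv1 PSK per peer,
identity NAT present, IKEv1 enabled on the bound interface; warns on weak crypto.
"""
import re
from collections import defaultdict

TOP_LEVEL = ("crypto ", "tunnel-group ", "nat ", "object ", "access-list ")
WEAK_ALGS = {"des", "3des", "md5", "esp-des", "esp-3des", "esp-md5-hmac"}
WEAK_GROUPS = {"1", "2"}


def parse_asa(text):
    """Pull the crypto map / transform-set / policy / tunnel-group / NAT facts out of config text."""
    cfg = {"maps": defaultdict(dict), "map_iface": {}, "transform_sets": {}, "policies": {},
           "tunnel_groups": defaultdict(dict), "identity_nat": [], "ikev1_ifaces": set(), "acls": set()}
    ctx = None  # ("policy", number) or ("tg", peer) while inside that block
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if line.startswith(TOP_LEVEL):
            ctx = None  # a new top-level statement closes any open block
        w = line.split()
        if m := re.match(r"crypto map (\S+) (\d+) (.+)", line):
            e = cfg["maps"][m.group(1)].setdefault(int(m.group(2)), {})
            rest = m.group(3)
            key = {"match address ": "acl", "set peer ": "peer",
                   "set ikev1 transform-set ": "transform", "ipsec-isakmp dynamic ": "dynamic"}
            for prefix, k in key.items():
                if rest.startswith(prefix):
                    e[k] = w[-1]  # each of these statements ends with the value we want
        elif m := re.match(r"crypto map (\S+) interface (\S+)", line):
            cfg["map_iface"][m.group(1)] = m.group(2)
        elif line.startswith("crypto ipsec ikev1 transform-set "):
            cfg["transform_sets"][w[4]] = w[5:]
        elif line.startswith("crypto ikev1 enable "):
            cfg["ikev1_ifaces"].add(w[3])
        elif line.startswith("crypto ikev1 policy "):
            ctx, cfg["policies"][w[3]] = ("policy", w[3]), {}
        elif line.startswith("tunnel-group ") and w[2] == "type":
            cfg["tunnel_groups"][w[1]]["type"] = w[3]
        elif line.startswith("tunnel-group ") and w[2] == "ipsec-attributes":
            ctx = ("tg", w[1])
        elif line.startswith("access-list "):
            cfg["acls"].add(w[1])
        elif m := re.match(r"nat \(\S+\) source static (\S+) (\S+) destination static (\S+) (\S+)", line):
            s1, s2, d1, d2 = m.groups()
            if s1 == s2 and d1 == d2:  # identity NAT: object translated to itself both ways
                cfg["identity_nat"].append((s1, d1))
        elif ctx and ctx[0] == "policy" and w[0] in ("encryption", "hash", "group"):
            cfg["policies"][ctx[1]][w[0]] = w[1]
        elif ctx and ctx[0] == "tg" and line.startswith("ikev1 pre-shared-key "):
            cfg["tunnel_groups"][ctx[1]]["psk"] = True
    return cfg


def check_l2l(cfg):
    """Return (problems, warnings): problems break the tunnel, warnings are weak-crypto notes."""
    problems, warnings = [], []
    bound = defaultdict(list)
    for name, iface in cfg["map_iface"].items():
        bound[iface].append(name)
    for iface, names in bound.items():
        if len(names) > 1:
            problems.append(f"{iface}: more than one crypto map bound ({', '.join(sorted(names))})")
    for name, entries in cfg["maps"].items():
        iface = cfg["map_iface"].get(name)
        if iface is None:
            problems.append(f"crypto map {name} is not applied to any interface")
        elif iface not in cfg["ikev1_ifaces"]:
            problems.append(f"IKEv1 is not enabled on {iface}")
        dyn = [s for s, e in entries.items() if "dynamic" in e]
        for seq, e in sorted(entries.items()):
            if "dynamic" in e:
                continue
            for k in ("acl", "peer", "transform"):
                if k not in e:
                    problems.append(f"{name} {seq}: no {k} set")
            if any(seq > d for d in dyn):
                problems.append(f"{name} {seq}: static entry is sequenced after the dynamic entry")
            if e.get("acl") and e["acl"] not in cfg["acls"]:
                problems.append(f"{name} {seq}: access-list {e['acl']} is not defined")
            if e.get("transform") and e["transform"] not in cfg["transform_sets"]:
                problems.append(f"{name} {seq}: transform-set {e['transform']} is not defined")
            tg = cfg["tunnel_groups"].get(e.get("peer"), {})
            if tg.get("type") != "ipsec-l2l" or not tg.get("psk"):
                problems.append(f"{name} {seq}: peer {e.get('peer')} has no ipsec-l2l tunnel-group with an IKEv1 pre-shared key")
    if not cfg["identity_nat"]:
        problems.append("no identity NAT found; VPN traffic would be translated")
    for ts, algs in cfg["transform_sets"].items():
        warnings += [f"transform-set {ts} uses weak {a}" for a in algs if a in WEAK_ALGS]
    for n, p in cfg["policies"].items():
        if p.get("encryption") in WEAK_ALGS or p.get("hash") in WEAK_ALGS or p.get("group") in WEAK_GROUPS:
            warnings.append(f"ikev1 policy {n}: weak algorithm or DH group ({p})")
    return problems, warnings


# Constructed sample modelled on the "final" config above; peer, interface and PSK are placeholders.
GOOD_CONFIG = """
object network inside
 subnet 192.168.1.0 255.255.255.0
object network houston-network
 subnet 192.168.7.0 255.255.255.0
access-list l2l-acl extended permit ip object inside object houston-network
nat (inside,outside) source static inside inside destination static houston-network houston-network
crypto ipsec ikev1 transform-set DUMAC3 esp-3des esp-md5-hmac
crypto map outside_map 1 match address l2l-acl
crypto map outside_map 1 set peer 203.0.113.10
crypto map outside_map 1 set ikev1 transform-set DUMAC3
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ikev1 enable outside
crypto ikev1 policy 10
 authentication pre-share
 encryption 3des
 hash md5
 group 2
 lifetime 36000
tunnel-group 203.0.113.10 type ipsec-l2l
tunnel-group 203.0.113.10 ipsec-attributes
 ikev1 pre-shared-key PLACEHOLDER-PSK
"""
# Same config with the three mistakes the thread warns about: L2L entry above the dynamic one,
# no identity NAT, and no pre-shared key in the tunnel-group.
BAD_CONFIG = (GOOD_CONFIG.replace("outside_map 1 ", "outside_map 20 ")
              .replace("outside_map 65535 ", "outside_map 10 ")
              .replace("nat (inside,outside)", "! nat (inside,outside)")
              .replace(" ikev1 pre-shared-key", "! ikev1 pre-shared-key"))

if __name__ == "__main__":
    for label, text in (("good", GOOD_CONFIG), ("bad", BAD_CONFIG)):
        problems, warnings = check_l2l(parse_asa(text))
        print(label, "problems:", *problems, sep="\n  ")
        print(label, "warnings:", *warnings, sep="\n  ")
```

Run it against your own `show running-config` output to get the same checklist the thread arrives at; the "good" sample passes with only the three weak-crypto warnings (3DES, MD5 and group 2), while the "bad" sample reports the mis-sequenced entry, the missing PSK and the missing identity NAT.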