Hy all

This is the conf of ASA5520:

name 172.20.20.20 Local-host-int
object network local-host-nat-outside host 10.20.10.65

object network Local-lan subnet 10.20.10.0 255.255.255.0
object network Remote-lan subnet 10.20.20.0 255.255.255.192
access-list outside_cryptomap_22 extended permit ip object Local-lan object Remote-lan
nat (NET-INTERNE,outside) source static Local-host-int local-host-nat-outside destination static Remote-lan Remote-lan

crypto map outside_map 19 match address outside_cryptomap_22
crypto map outside_map 19 set peer 192.168.91.1
crypto map outside_map 19 set transform-set ESP-AES-128-SHA
crypto map outside_map 19 set security-association lifetime seconds 3600

crypto isakmp identity address
crypto isakmp enable outside
group-policy VPN-192.168.91.1 internal
group-policy VPN-192.168.91.1 attributes
vpn-filter none
ipv6-vpn-filter none
vpn-tunnel-protocol IPSec

tunnel-group 192.168.91.1 type ipsec-l2l
tunnel-group 192.168.91.1 general-attributes
default-group-policy VPN-192.168.91.1
tunnel-group 192.168.91.1 ipsec-attributes
pre-shared-key *****
isakmp keepalive disable

output of command

show cry isa sa
2   IKE Peer: 192.168.91.1
    Type    : L2L             Role    : initiator
    Rekey   : no              State   : MM_ACTIVE
   
   
#pkts encaps: 575, #pkts encrypt: 575, #pkts digest: 575
      #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
      #pkts compressed: 0, #pkts decompressed: 0
      #pkts not compressed: 575, #pkts comp failed: 0, #pkts decomp failed: 0
a moment ago

#pkts encaps: 591, #pkts encrypt: 591, #pkts digest: 591
      #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
      #pkts compressed: 0, #pkts decompressed: 0
      #pkts not compressed: 591, #pkts comp failed: 0, #pkts decomp failed: 0

So encrypted paquet increase, but  decrypted packages are always  0 

I also found this

[IKEv1]: Group = 192.168.91.1, IP = 192.168.91.1, Duplicate Phase 1 packet detected.  No last packet to retransmit

Thanks again

Thanks