VPN Client will not connect

neilf_adsi
Level 1

Hi all

I have an ASA5508-x firewall on my perimeter. I want to connect to it from the internet using the VPN Client for admin purposes. I've got it configured and it asks for and accepts my password, but I get the error:

Group = VPN_CLIENT_ADMIN, Username = user.name, IP = X.X.X.X, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 10.1.60.1/255.255.255.255/0/0 local proxy 0.0.0.0/0.0.0.0/0/0 on interface EXT_PUB_INT

My config is

ip local pool VPN_CLIENT_ADMIN 10.1.60.1-10.1.60.50 mask 255.255.255.0

object-group network VPN_CLIENTS
 description IP Range assigned to VPN Clients
 network-object 10.1.60.0 255.255.255.0

object-group network IND_LAN
 description Internal LAN
 network-object 192.168.1.0 255.255.255.0

access-list VPN_CLIENT_ADMIN extended permit ip object-group VPN_CLIENTS object-group IND_LAN

nat (inside,EXT_PUB_INT) after-auto source static IND_LAN IND_LAN destination static VPN_CLIENTS VPN_CLIENTS no-proxy-arp

group-policy VPN_CLIENT_ADMIN internal
group-policy VPN_CLIENT_ADMIN attributes
 banner value Use of this connection is restricted to authorised users only.
 banner value Unauthorised or inappropriate use is prohibited and may be subject to administrative, criminal,
 banner value or civil penalties. This connection is monitored and logged.
 vpn-access-hours none
 vpn-simultaneous-logins 5
 vpn-idle-timeout 30
 vpn-session-timeout 180
 vpn-filter value VPN_CLIENT_ADMIN
 vpn-tunnel-protocol ikev1
 address-pools value VPN_CLIENT_ADMIN

tunnel-group VPN_CLIENT_ADMIN type remote-access
tunnel-group VPN_CLIENT_ADMIN general-attributes
 address-pool VPN_CLIENT_ADMIN
 authentication-server-group (EXT_PUB_INT) LOCAL
 default-group-policy VPN_CLIENT_ADMIN
tunnel-group VPN_CLIENT_ADMIN ipsec-attributes
 ikev1 pre-shared-key *****

I am running

Cisco Adaptive Security Appliance Software Version 9.5(1)
Device Manager Version 7.5(1)

Any ideas why it may be failing?

Thanks

 


Accepted Solutions

Shakti Kumar
Cisco Employee

Hi,

Please share the output of sh run crypto map.

It seems that we don't have a dynamic map configured, hence we are unable to connect.

Thanks

Shakti
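
The check below is an added example, not part of the original thread or any Cisco tooling: it walks the crypto chain the accepted answer points to (transform set, dynamic map, crypto map entry, interface binding) in a running-config and reports which links are absent. The names TSET, DYN_MAP and EXT_MAP and the cipher choice are assumptions, and both sample configs are constructed from the lines in the question.

```python
import re

# Constructed input: the VPN lines from the question (no crypto map present).
POSTED = """\
group-policy VPN_CLIENT_ADMIN attributes
 vpn-tunnel-protocol ikev1
tunnel-group VPN_CLIENT_ADMIN type remote-access
tunnel-group VPN_CLIENT_ADMIN ipsec-attributes
 ikev1 pre-shared-key *****
"""

# Assumed additions: TSET, DYN_MAP, EXT_MAP and the cipher choice are hypothetical.
WITH_DYNAMIC_MAP = POSTED + """\
crypto ipsec ikev1 transform-set TSET esp-aes-256 esp-sha-hmac
crypto dynamic-map DYN_MAP 65535 set ikev1 transform-set TSET
crypto map EXT_MAP 65535 ipsec-isakmp dynamic DYN_MAP
crypto map EXT_MAP interface EXT_PUB_INT
"""

def find(pattern, config):
    """Regex matches for config lines that begin with `pattern`."""
    return re.findall("^" + pattern, config, flags=re.MULTILINE)

def missing_crypto_chain(config, interface):
    """List the links of the remote-access crypto map chain absent from config."""
    tsets = set(find(r"crypto ipsec ikev1 transform-set (\S+) ", config))
    # A dynamic map only helps if it references a transform set that exists.
    dyn = {name for name, used in
           find(r"crypto dynamic-map (\S+) \d+ set ikev1 transform-set (.+)$", config)
           if set(used.split()) & tsets}
    # Static crypto map entries that pull in one of those dynamic maps.
    maps = {name for name, ref in
            find(r"crypto map (\S+) \d+ ipsec-isakmp dynamic (\S+)", config)
            if ref in dyn}
    # Crypto maps applied to the interface the clients terminate on.
    bound = {name for name, intf in
             find(r"crypto map (\S+) interface (\S+)", config) if intf == interface}
    missing = []
    if not dyn:
        missing.append("dynamic-map with an ikev1 transform-set")
    if not maps:
        missing.append("crypto map entry referencing the dynamic map")
    if not maps & bound:
        missing.append("crypto map applied to " + interface)
    return missing

if __name__ == "__main__":
    for label, cfg in (("posted", POSTED), ("with dynamic map", WITH_DYNAMIC_MAP)):
        print(label, "->", missing_crypto_chain(cfg, "EXT_PUB_INT") or "chain complete")
```
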

 

 

 

 
