VPN connections fail when ASA running IOS 8.41

rsculthorp
Level 1

I have an ASA 5520 running user web traffic, incoming VPN and systems NAT for DMZ services. Nothing new for a standard firewall. I have upgraded the memory in it to 2GB, per Cisco, so that I could install and run IOS 8.41. I have uploaded both the IOS bin image and the ASDM 645 image and set it as the primary boot file. When I reload the ASA, everything boots fine, no errors, and all traffic appears to be working fine.

But here is my problem:

ALL the previously configured VPN sessions will connect to the ASA and show that they are passing traffic (TX and RX increment through the monitor), but if I try to access a device on the other side of the VPN, or they try to access services in the corporate network, the connection fails. Ping works, so I know I can reach the devices and the tunnel has been correctly created, but nothing else. I did not change anything in the configurations for the VPN connectors.

But, if I reload the ASA with the 8.21 version image, everything works just as before and all connections are good.

Anyone have any ideas?

Rod

3 Replies

Jennifer Halim
Cisco Employee

Can you please share the current configuration when it's running version 8.4.1?

dynamic-access-policy-record "IPSEC Client DAP"
 description "IPSEC Client access"
aaa-server Polo-Radius protocol radius
aaa-server Polo-Radius (inside) host 172.24.7.4
 key *************
 radius-common-pw *************

snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart
service resetoutside
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside-primary_map 2 match address outside-primary_2_cryptomap
crypto map outside-primary_map 2 set pfs
crypto map outside-primary_map 2 set peer 71.39.236.29
crypto map outside-primary_map 2 set transform-set ESP-AES-256-SHA
crypto map outside-primary_map 2 set reverse-route
crypto map outside-primary_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside-primary_map interface outside-primary
crypto isakmp enable outside-primary
crypto isakmp policy 10
 authentication pre-share
 encryption aes
 hash sha
 group 5
 lifetime 86400
crypto isakmp policy 30
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 50
 authentication pre-share
 encryption aes-256
 hash sha
 group 2
 lifetime 86400
!

dhcpd address 172.24.204.4-172.24.204.150 VPN
dhcpd dns 172.24.7.4 interface VPN
dhcpd lease 7200 interface VPN
dhcpd ping_timeout 150 interface VPN
dhcpd domain polos.safe interface VPN
dhcpd option 3 ip 172.24.204.1 interface VPN
dhcpd enable VPN
!

group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol IPSec l2tp-ipsec
group-policy GS-IPSEC-FULL internal
group-policy GS-IPSEC-FULL attributes
 wins-server value 172.24.7.4
 dns-server value 172.24.7.4
 vpn-idle-timeout 120
 vpn-session-timeout 720
 vpn-tunnel-protocol IPSec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value GS-IPSEC-FULL_splitTunnelAcl
 default-domain value polos.safe
group-policy GS-IPSEC-ADMIN internal
group-policy GS-IPSEC-ADMIN attributes
 wins-server value 172.24.7.4
 dns-server value 172.24.7.4
 vpn-tunnel-protocol IPSec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value GS-IPSEC-FULL_splitTunnelAcl
 default-domain value polos.safe
group-policy Site-To-Site internal
group-policy Site-To-Site attributes
 vpn-tunnel-protocol IPSec l2tp-ipsec

tunnel-group GS-IPSEC-FULL type remote-access
tunnel-group GS-IPSEC-FULL general-attributes
 address-pool VPN-IP-Pool
 authentication-server-group Polo-Radius
 default-group-policy GS-IPSEC-FULL
tunnel-group GS-IPSEC-FULL ipsec-attributes
 pre-shared-key *
tunnel-group GS-IPSEC-ADMIN type remote-access
tunnel-group GS-IPSEC-ADMIN general-attributes
 address-pool GS-Admin-Pool
 authentication-server-group Polo-Radius
 default-group-policy GS-IPSEC-ADMIN
tunnel-group GS-IPSEC-ADMIN ipsec-attributes
 pre-shared-key *

Full config pls...

Interested to see the actual crypto ACL, the tunnel-group for the site-to-site VPN, all the NAT statements, and all the interface ACLs.

Plus the output of:

show cry isa sa

show cry ipsec sa
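The reply above asks for the output of `show crypto ipsec sa`, which is where the symptom in the question (counters moving, application traffic failing) first becomes visible per tunnel. The following Python helper is an added example, not code from the thread or from Cisco: it parses that output and flags SAs whose packet counters move in only one direction, so a reviewer can see at a glance whether return traffic is actually entering each tunnel. The embedded sample output is constructed for the example (documentation addresses and invented counters), not taken from the poster's configuration; the map and interface names are borrowed from the posted config only to make the sample look familiar.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample of `show crypto ipsec sa` output (NOT from the thread).
# SA #1 (site-to-site) carries traffic both ways; SA #2 (a remote-access
# client on the dynamic map) decapsulates packets but never encapsulates any.
SAMPLE_OUTPUT = """\
interface: outside-primary
    Crypto map tag: outside-primary_map, seq num: 2, local addr: 192.0.2.10

      access-list outside-primary_2_cryptomap extended permit ip 172.24.0.0 255.255.0.0 10.10.0.0 255.255.0.0
      local ident (addr/mask/prot/port): (172.24.0.0/255.255.0.0/0/0)
      remote ident (addr/mask/prot/port): (10.10.0.0/255.255.0.0/0/0)
      current_peer: 198.51.100.29

      #pkts encaps: 1530, #pkts encrypt: 1530, #pkts digest: 1530
      #pkts decaps: 1498, #pkts decrypt: 1498, #pkts verify: 1498
      #send errors: 0, #recv errors: 0

    Crypto map tag: SYSTEM_DEFAULT_CRYPTO_MAP, seq num: 65535, local addr: 192.0.2.10

      local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
      remote ident (addr/mask/prot/port): (172.24.204.7/255.255.255.255/0/0)
      current_peer: 203.0.113.77, username: alice

      #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
      #pkts decaps: 412, #pkts decrypt: 412, #pkts verify: 412
      #send errors: 0, #recv errors: 0
"""

SA_HEADER = re.compile(r"Crypto map tag: (?P<map>\S+), seq num: (?P<seq>\d+), local addr: (?P<local>\S+)")
PEER = re.compile(r"current_peer: (?P<peer>[\d.]+)")
IDENT = re.compile(r"(?P<side>local|remote) ident \(addr/mask/prot/port\): \((?P<val>[^)]*)\)")
COUNTER = re.compile(r"#pkts (?P<name>encaps|decaps): (?P<val>\d+)")
ERRORS = re.compile(r"#send errors: (?P<send>\d+), #recv errors: (?P<recv>\d+)")


def parse_ipsec_sa(text: str) -> List[Dict]:
    """Split `show crypto ipsec sa` output into one record per SA.

    Each record carries the crypto map/seq, peer, proxy identities and the
    encaps/decaps counters; fields not seen in the output keep their defaults.
    """
    sas: List[Dict] = []
    current = None
    for line in text.splitlines():
        if (m := SA_HEADER.search(line)):
            current = {"map": m["map"], "seq": int(m["seq"]), "local_addr": m["local"],
                       "peer": None, "local_ident": None, "remote_ident": None,
                       "encaps": 0, "decaps": 0, "send_errors": 0, "recv_errors": 0}
            sas.append(current)
        elif current is None:
            continue  # text before the first SA block (e.g. the interface line)
        elif (m := PEER.search(line)):
            current["peer"] = m["peer"]
        elif (m := IDENT.search(line)):
            current[f"{m['side']}_ident"] = m["val"]
        elif (m := COUNTER.search(line)):
            current[m["name"]] = int(m["val"])
        elif (m := ERRORS.search(line)):
            current["send_errors"] = int(m["send"])
            current["recv_errors"] = int(m["recv"])
    return sas


def triage(sas: List[Dict]) -> List[Tuple[str, str, str]]:
    """Classify each SA by the direction its counters move.

    Returns (label, status, explanation). Statuses: IDLE, NO_RETURN, NO_REPLY,
    ERRORS, OK. NO_RETURN is the one worth chasing first when users say the
    tunnel is up but nothing works: the ASA decrypts what the peer sends but
    never puts a reply back into the tunnel, so the reply is leaving by some
    other path (NAT, routing or a crypto ACL that does not match it).
    """
    findings = []
    for sa in sas:
        label = f"{sa['map']}#{sa['seq']} peer={sa['peer']} {sa['local_ident']} <-> {sa['remote_ident']}"
        if sa["encaps"] == 0 and sa["decaps"] == 0:
            findings.append((label, "IDLE", "SA is up but no traffic has matched it in either direction"))
        elif sa["decaps"] > 0 and sa["encaps"] == 0:
            findings.append((label, "NO_RETURN", "packets arrive through the tunnel but no replies are sent into it"))
        elif sa["encaps"] > 0 and sa["decaps"] == 0:
            findings.append((label, "NO_REPLY", "ASA sends into the tunnel but nothing comes back; check the far side"))
        elif sa["send_errors"] or sa["recv_errors"]:
            findings.append((label, "ERRORS", f"send_errors={sa['send_errors']} recv_errors={sa['recv_errors']}"))
        else:
            findings.append((label, "OK", "traffic flows in both directions"))
    return findings


if __name__ == "__main__":
    for label, status, why in triage(parse_ipsec_sa(SAMPLE_OUTPUT)):
        print(f"[{status:9}] {label}: {why}")
```

Run it against the real output pasted into a file (or captured with `show crypto ipsec sa` over SSH) by replacing `SAMPLE_OUTPUT` with the file's contents; the counters are cumulative since the SA came up, so take two readings a minute apart and diff them if you want to know what is moving right now rather than what has ever moved.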