07-27-2023 02:13 AM - edited 07-27-2023 02:14 AM
Hi, I am trying to establish a VPN connection with IKEv2 and just wanted to check if my config is looking correct. I don't have access to the other side of the VPN unfortunately, so I just want to check this side is at least not missing anything important; there is also a NAT in place:
name 1.1.1.1 test
object-group network test
network-object host test
object network test_nat
host 192.168.2.1
Object network test_local
Subnet 0.0.0.0 0.0.0.0
Object network test_remote
Subnet 192.168.1.0 255.255.255.224
access-list acl_test extended permit tcp any host 192.168.1.10 eq ssh
access-list acl_test extended permit tcp any host 192.168.1.2 eq https
access-group acl_test interface outside control-plane
route outside 192.168.1.0 255.255.255.252 180.180.180.126
crypto ipsec ikev2 ipsec-proposal p1
protocol esp encryption aes-256
protocol esp integrity sha-256
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 14
prf sha256
lifetime seconds 86400
Crypto ikev2 enable outside
crypto map outside_tunnels 141 match address acl_test
crypto map outside_tunnels 141 set peer test
crypto map outside_tunnels 141 set ikev2 ipsec-proposal p1
crypto map outside_tunnels 141 set pfs group14
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
ikev2 remote-authentication pre-shared-key xxxxxxx
ikev2 local-authentication pre-shared-key xxxxxxx
nat (inside,outside) source static test_local test_nat destination static test_remote test_remote
07-27-2023 02:23 AM
@m.s.rees1 applying the acl_test ACL to the control plane won't work; SSH and HTTP are controlled separately.
You are also using ACL acl_test for the crypto ACL. This should be based on "ip", not "tcp"; a crypto ACL based on L4 is not supported. The crypto ACL also needs to use the translated NAT address as the source.
07-27-2023 02:28 AM - edited 07-27-2023 02:34 AM
Thank you for your reply. OK, so would this be correct?
access-list acl_test extended permit ip object test_nat host 192.168.1.2
access-group acl_test interface outside
07-27-2023 02:36 AM
@m.s.rees1 I would define the destination using the object "test_remote": fewer SAs if multiple hosts are required later.
access-list acl_test extended permit ip object test_nat object test_remote
07-27-2023 02:38 AM
Hi @m.s.rees1
This seems not to be correct:
Object network test_local
Subnet 0.0.0.0 0.0.0.0
You need to put a network here. For VPN interesting traffic you can not use ANY.
07-27-2023 02:48 AM
I have tried changing that to a specific IP but still not getting any luck. When I do a "sh crypto isakmp" it says:
There are no IKEv2 SAs
I wanted to rule this side of the config out first, before investigating further with the 3rd party.
07-27-2023 02:51 AM
@m.s.rees1 have you made the changes as mentioned previously? If you are NAT translating, interesting traffic will come from the NAT address, not the real IP address.
07-27-2023 03:06 AM
Yes I have now added in the ACL as you mentioned:
access-list acl_test extended permit ip object test_nat object test_remote
Still no luck.
07-27-2023 03:13 AM
access-list acl_test extended permit tcp any host 192.168.1.10 eq ssh
access-list acl_test extended permit tcp any host 192.168.1.2 eq https
access-list acl_test extended permit UDP host 1.1.1.1 eq 500 host <outside interface IP>
access-list acl_test extended permit UDP host <outside interface IP> eq 500 host 1.1.1.1
access-list acl_test extended permit UDP host 1.1.1.1 eq 4500 host <outside interface IP>
access-list acl_test extended permit UDP host <outside interface IP> eq 4500 host 1.1.1.1
access-group acl_test interface outside control-plane
These ACLs are NEEDED.
07-27-2023 03:17 AM
@MHM Cisco World a control-plane ACL is not needed (it's optional); if no control-plane ACL is defined, traffic is implicitly permitted.
07-27-2023 03:24 AM
Sorry, I see his reply; he removed the keyword control-plane from the ACL.
07-27-2023 03:26 AM
OK, using ANY in the ACL of the policy and in the NAT sometimes does not work in IPsec.
07-27-2023 03:32 AM
name 1.1.1.1 test
object-group network test
network-object host test
object network test_nat
host 192.168.2.1
Object network test_local
Subnet 0.0.0.0 0.0.0.0
Object network test_remote
Subnet 192.168.1.0 255.255.255.224
access-list acl_test extended permit tcp host 192.168.2.1 host 192.168.1.10 eq ssh
access-list acl_test extended permit tcp host 192.168.2.1 host 192.168.1.2 eq https
access-group acl_test interface outside control-plane
route outside 192.168.1.0 255.255.255.252 180.180.180.126
crypto ipsec ikev2 ipsec-proposal p1
protocol esp encryption aes-256
protocol esp integrity sha-256
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 14
prf sha256
lifetime seconds 86400
Crypto ikev2 enable outside
crypto map outside_tunnels 141 match address acl_test
crypto map outside_tunnels 141 set peer test
crypto map outside_tunnels 141 set ikev2 ipsec-proposal p1
crypto map outside_tunnels 141 set pfs group14
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
ikev2 remote-authentication pre-shared-key xxxxxxx
ikev2 local-authentication pre-shared-key xxxxxxx
nat (inside,outside) source static test_local test_nat destination static test_remote test_remote
On the peer you need a mirror ACL and route:
access-list acl_test extended permit tcp host 192.168.1.10 eq ssh host 192.168.2.1
access-list acl_test extended permit tcp host 192.168.1.2 eq https host 192.168.2.1
route OUT 192.168.2.1 255.255.255.255 <this ASA outside public IP >
07-27-2023 03:50 AM
Config is almost identical to this now. Not working though currently. Attaching Debug info below.
07-27-2023 03:13 AM
@m.s.rees1 can you enable debugs, attempt to establish the VPN, and provide the debug output?
debug crypto ikev2 protocol 127
debug crypto ikev2 platform 127
Is the IKEv2 protocol enabled under the group-policy (possibly DfltGrpPolicy if you do not have a specific policy)?
Also check that the crypto map is enabled on the outside interface.
crypto map outside_tunnels interface <outside if>
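The points raised across this thread (an L4 protocol instead of "ip" in the crypto ACL, ANY as an endpoint, a crypto ACL source that is the real rather than the NAT-translated address, a crypto map that is never bound to the outside interface, IKEv2 not enabled on the interface, and the mirrored ACL the peer needs) can all be checked offline before involving the third party. The Python script below is an added example written for this thread; it is not a Cisco tool or the poster's code. It reads a handful of ASA config lines with simple regular expressions and reports those pitfalls, and it also generates the mirrored ACL entry for the peer. The two sample configs are constructed from the poster's snippet (one as posted, one with the thread's fixes applied) and the finding codes are my own names.

```python
import re

# Constructed sample inputs built from the thread's snippet: the config as first posted
# and a version with the fixes suggested in the replies. Neither comes from a real device.
POSTED_CONFIG = """
object network test_nat
 host 192.168.2.1
access-list acl_test extended permit tcp any host 192.168.1.10 eq ssh
access-list acl_test extended permit tcp any host 192.168.1.2 eq https
crypto ikev2 enable outside
crypto map outside_tunnels 141 match address acl_test
crypto map outside_tunnels 141 set peer test
nat (inside,outside) source static test_local test_nat destination static test_remote test_remote
"""
FIXED_CONFIG = """
object network test_nat
 host 192.168.2.1
access-list acl_test extended permit ip object test_nat object test_remote
crypto ikev2 enable outside
crypto map outside_tunnels 141 match address acl_test
crypto map outside_tunnels 141 set peer test
crypto map outside_tunnels interface outside
nat (inside,outside) source static test_local test_nat destination static test_remote test_remote
"""

ACL_RE = re.compile(r"^access-list\s+(\S+)\s+extended\s+(permit|deny)\s+(\S+)\s+(.*)$", re.I)
MAP_ENTRY_RE = re.compile(r"^crypto map\s+(\S+)\s+\d+\s+match address\s+(\S+)$", re.I)
MAP_BIND_RE = re.compile(r"^crypto map\s+(\S+)\s+interface\s+\S+$", re.I)
NAT_RE = re.compile(r"^nat\s+\(\S+\)\s+source static\s+(\S+)\s+(\S+)", re.I)


def take_endpoint(tokens):
    """Consume one ACL endpoint: 'any', 'host A', 'object X', 'object-group X' or 'A MASK'."""
    if not tokens:
        return [], []
    n = 1 if tokens[0].lower().startswith("any") else 2
    return tokens[:n], tokens[n:]


def take_port(tokens):
    """Consume an optional port qualifier ('eq ssh', 'range 1 1024', ...)."""
    if tokens and tokens[0].lower() in ("eq", "lt", "gt", "neq"):
        return tokens[:2], tokens[2:]
    if tokens and tokens[0].lower() == "range":
        return tokens[:3], tokens[3:]
    return [], tokens


def network_objects(lines):
    """Map each 'object network NAME' to its 'host A' / 'subnet A M' definition."""
    objs, current = {}, None
    for ln in lines:
        m = re.match(r"^object network\s+(\S+)$", ln, re.I)
        if m:
            current = m.group(1)
            continue
        m = re.match(r"^(host|subnet)\s+(.*)$", ln, re.I)
        if m and current:
            objs[current] = f"{m.group(1).lower()} {m.group(2)}"
    return objs


def lint_crypto_acl(text):
    """Return (code, where) findings for the pitfalls discussed in the thread."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    findings = []
    crypto_acls = {m.group(2): m.group(1) for m in map(MAP_ENTRY_RE.match, lines) if m}
    bound_maps = {m.group(1) for m in map(MAP_BIND_RE.match, lines) if m}
    objs = network_objects(lines)
    # With twice NAT, interesting traffic is matched on the mapped (translated) source.
    expected_src = set()
    for m in filter(None, map(NAT_RE.match, lines)):
        expected_src.add(f"object {m.group(2)}")
        expected_src.add(objs.get(m.group(2), ""))
    for ln in lines:
        m = ACL_RE.match(ln)
        if not m or m.group(1) not in crypto_acls:
            continue  # only ACLs referenced by a crypto map are crypto ACLs
        proto, rest = m.group(3).lower(), m.group(4).split()
        src, rest = take_endpoint(rest)
        _, rest = take_port(rest)
        dst, _ = take_endpoint(rest)
        if proto != "ip":
            findings.append(("L4_PROTO", ln))      # crypto ACLs must use protocol 'ip'
        if src[0].lower().startswith("any") or dst[0].lower().startswith("any"):
            findings.append(("ANY_ENDPOINT", ln))  # ANY is unreliable for interesting traffic
        if expected_src and " ".join(src) not in expected_src:
            findings.append(("NAT_SOURCE", ln))    # source should be the translated address
    for map_name in set(crypto_acls.values()) - bound_maps:
        findings.append(("MAP_UNBOUND", f"crypto map {map_name}"))
    if not any(re.match(r"^crypto ikev2 enable\s+\S+", ln, re.I) for ln in lines):
        findings.append(("IKEV2_DISABLED", "crypto ikev2 enable <interface> missing"))
    return findings


def mirror_acl(line):
    """Return the peer-side mirror of a crypto ACL entry (endpoints and ports swapped)."""
    m = ACL_RE.match(line)
    if not m:
        raise ValueError(f"not an extended ACL entry: {line}")
    acl, action, proto, rest = m.group(1), m.group(2), m.group(3), m.group(4).split()
    src, rest = take_endpoint(rest)
    sport, rest = take_port(rest)
    dst, rest = take_endpoint(rest)
    dport, rest = take_port(rest)
    return " ".join(["access-list", acl, "extended", action, proto, *dst, *dport, *src, *sport, *rest])


if __name__ == "__main__":
    for code, where in lint_crypto_acl(POSTED_CONFIG):
        print(f"{code:14} {where}")
    print("fixed config findings:", lint_crypto_acl(FIXED_CONFIG))
    print(mirror_acl("access-list acl_test extended permit ip object test_nat object test_remote"))
```

Run against the posted snippet it reports L4_PROTO, ANY_ENDPOINT and NAT_SOURCE for both ACL entries plus MAP_UNBOUND for outside_tunnels; against the fixed snippet it reports nothing. The checker only recognises the line shapes used in this thread (extended ACLs, "object network" with a single host/subnet line, twice NAT with "source static"), so treat a clean result as "none of these specific mistakes", not as a full config validation.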