On FW1 change:-

access-list outside_in extended permit ip any any - REMOVE THIS

access-list outside_in extended permit icmp any any  - REMOVE THIS
access-list outside_in extended permit icmp any any echo  - REMOVE THIS

access-list outside_in extended permit icmp any any echo-reply - KEEP THIS

access-list outside_1_cryptomap extended permit ip 192.168.2.0 255.255.255.0 remote 255.255.255.0 - DELETE
access-list inside_nat0_outbound extended permit ip 192.168.2.0 255.255.255.0 remote 255.255.255.0 - DELETE

Put the below in:-

access-list outside_1_cryptomap extended permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0

On FW2 change:-

access-list outside_in extended permit ip any any - REMOVE THIS

access-list outside_in extended permit icmp any any  - REMOVE THIS
access-list outside_in extended permit icmp any any echo  - REMOVE THIS

access-list outside_in extended permit icmp any any echo-reply - KEEP THIS

access-list outside_1_cryptomap extended permit ip 192.168.3.0 255.255.255.0 remote 255.255.255.0 - DELETE
access-list inside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 remote 255.255.255.0 - DELETE
access-list outside_1_cryptomap_1 extended permit ip 192.168.3.0 255.255.255.0 remote 255.255.255.0 - DELETE

Add the below:-

access-list inside_nat0_outbound extended permit ip 192.168.3.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list outside_1_cryptomap_1 extended permit ip 192.168.3.0 255.255.255.0 192.168.2.0 255.255.255.0