#CENTRAL ASA:

INTERNAL_SUBNETS: On this local ASA.
REMOTE_SUBNETS: On the remote ASA.

crypto ikev1 enable OUTSIDE-1

crypto ikev1 policy 10
 authentication pre-share
 encryption aes
 hash sha
 group 2
 lifetime 86400

crypto ipsec ikev1 transform-set DYNAMICVPN-1 esp-aes esp-sha-hmac

access-list DYNAMICVPN-1 extended permit ip object-group INTERNAL_SUBNETS object-group REMOTE_SUBNETS

nat (INSIDE-1,OUTSIDE-1) source static INTERNAL_SUBNETS INTERNAL_SUBNETS destination static REMOTE_SUBNETS REMOTE_SUBNETS

crypto dynamic-map DYNAMICVPN-1 1 match address DYNAMICVPN-1
crypto dynamic-map DYNAMICVPN-1 1 set ikev1 transform-set DYNAMICVPN-1

crypto map CRYMAP 1 ipsec-isakmp dynamic DYNAMICVPN-1
crypto map CRYMAP interface OUTSIDE-1

tunnel-group DefaultL2LGroup ipsec-attributes
 ikev1 pre-shared-key *****