pix to pix dhcp to static vpn

I am trying to create a LAN-to-LAN ipsec-isakmp VPN tunnel PIX to PIX; one end is DHCP. I can't seem to bring up the tunnel, not sure what is wrong. PPPoE is working and I got internet on the one end. Any suggestions? Two configs posted below.

dhcpd pix

PIX Version 6.3(4)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password rYa/GJxn8xRiuReW encrypted
passwd rYa/GJxn8xRiuReW encrypted
hostname pix
domain-name cisco.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list ocmap permit ip 10.1.3.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list nonat permit ip 10.1.3.0 255.255.255.0 10.1.1.0 255.255.255.0
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside pppoe setroute
ip address inside 10.1.3.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set esp-aes-sha esp-aes esp-sha-hmac
crypto map outside_map 20 ipsec-isakmp
crypto map outside_map 20 match address ocmap
crypto map outside_map 20 set peer 28.4.8.1
crypto map outside_map 20 set transform-set esp-aes-sha
crypto map outside_map interface outside
isakmp enable outside
isakmp key ******** address 28.4.8.1 netmask 255.255.255.255
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption aes
isakmp policy 20 hash sha
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
management-access inside
console timeout 0
vpdn group pppoe-sbc request dialout pppoe
vpdn group pppoe-sbc localname snipped-for-privacy@sbcglobal.net
vpdn group pppoe-sbc ppp authentication pap
vpdn username snipped-for-privacy@sbcglobal.net password *********
dhcpd address 10.1.3.2-10.1.3.11 inside
dhcpd lease 6999
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
terminal width 80
Cryptochecksum:c2eeab192092fda1820bcf75b439c557
: end

static pix

PIX Version 6.3(4)
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto shutdown
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 intf2 security4
enable password rYa/GJxn8xRiuReW encrypted
passwd rYa/GJxn8xRiuReW encrypted
hostname dyn
domain-name cisco.com
fixup protocol dns maximum-length 512
fixup protocol domain 53
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
no names
access-list dynmap permit ip 10.1.1.0 255.255.255.0 10.1.3.0 255.255.255.0
pager lines 24
logging on
logging timestamp
logging trap warnings
logging host inside 192.168.203.50
no logging message 106021
mtu outside 1500
mtu inside 1500
mtu intf2 1500
ip address outside 28.4.8.1 255.255.255.240
ip address inside 10.1.1.5 255.255.255.0
no ip address intf2
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip audit info action alarm
ip audit attack action alarm
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list dynmap
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
route outside 0.0.0.0 0.0.0.0 28.4.8.1 1
route inside 192.1.2.0 255.255.255.0 10.1.1.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 0.0.0.0 0.0.0.0 inside
snmp-server host inside 192.1.2.50
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set esp-aes-sha esp-aes esp-sha-hmac
crypto dynamic-map dynvpn 1 set transform-set esp-aes-sha
crypto map dyn-map 20 ipsec-isakmp dynamic dynvpn
crypto map dyn-map interface outside
isakmp enable outside
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption aes
isakmp policy 20 hash sha
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
management-access inside
console timeout 0
terminal width 80
Cryptochecksum:102a6374cbae8a5d29c7a09e6598ad34
: end
Reply to
jspr

I have a vague recollection that you can't do both PPPoE and IPSec VPN with the same interface. Do you have a working PPPoE-VPN site?

Reply to
Jyri Korhonen

Bah, I was wrong. The issue was with PPPoE and PPTP-VPN.

Reply to
Jyri Korhonen

In article , jspr wrote:
:I am trying to create a lan-to-lan ipsec-isakmp vpn tunnel pix to pix
:on end is dhcp. I can't seem to bring up the tunnel not sure what is
:wrong. PPPOE is working and I got internet on the one end any
:suggestions? two configs posted below

I don't see anything obviously wrong with your configurations.

The only thing I do notice at the moment is that for AES, group 5 is recommended instead of group 2.

:isakmp key ******** address 0.0.0.0 netmask 0.0.0.0

You might want to specifically add no-xauth no-config-mode to your isakmp key lines.

Reply to
Walter Roberson
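As an added example (my own script, not code from the thread or from Cisco), the Python below pulls the crypto-relevant commands out of two PIX 6.3 configs and reports the mismatches that most often keep a LAN-to-LAN tunnel from coming up: no ISAKMP policy in common, no shared transform-set, a spoke "set peer" that is not the hub's outside address, and a spoke crypto ACL with no mirrored entry on the hub. It also flags the two points raised in the reply above: AES with DH group 2 (group 5 uses a 1536-bit modulus instead of group 2's 1024-bit one), and a wildcard "isakmp key ... address 0.0.0.0" without no-xauth no-config-mode (those keywords tell the PIX that the peer matched by that key is a LAN-to-LAN peer, so it will not attempt extended authentication or IKE mode-config with it). The embedded config excerpts are constructed from the commands in the two posted configs; the hub/spoke naming and the finding texts are my own.

```python
"""Consistency checks for the crypto parts of a PIX 6.3 LAN-to-LAN pair.

Example added alongside the thread (not Cisco code, not the poster's).
The two embedded excerpts are constructed from the posted configs;
only the crypto-relevant commands are kept.
"""
import re

# Constructed excerpt of the DHCP/PPPoE side ("pix"), the spoke.
DHCP_SIDE = """\
access-list ocmap permit ip 10.1.3.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list nonat permit ip 10.1.3.0 255.255.255.0 10.1.1.0 255.255.255.0
ip address outside pppoe setroute
crypto ipsec transform-set esp-aes-sha esp-aes esp-sha-hmac
crypto map outside_map 20 ipsec-isakmp
crypto map outside_map 20 match address ocmap
crypto map outside_map 20 set peer 28.4.8.1
crypto map outside_map 20 set transform-set esp-aes-sha
isakmp key ******** address 28.4.8.1 netmask 255.255.255.255
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption aes
isakmp policy 20 hash sha
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
"""

# Constructed excerpt of the static-IP side ("dyn"), the hub.
STATIC_SIDE = """\
access-list dynmap permit ip 10.1.1.0 255.255.255.0 10.1.3.0 255.255.255.0
ip address outside 28.4.8.1 255.255.255.240
crypto ipsec transform-set esp-aes-sha esp-aes esp-sha-hmac
crypto dynamic-map dynvpn 1 set transform-set esp-aes-sha
crypto map dyn-map 20 ipsec-isakmp dynamic dynvpn
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption aes
isakmp policy 20 hash sha
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
"""

ACE = re.compile(r"access-list (\S+) permit ip (\S+) (\S+) (\S+) (\S+)$")
POLICY = re.compile(r"isakmp policy (\d+) (\S+) (\S+)$")
TRANSFORM = re.compile(r"crypto ipsec transform-set (\S+) (.+)$")
PEER = re.compile(r"crypto map \S+ \d+ set peer (\S+)$")
MATCH = re.compile(r"crypto map \S+ \d+ match address (\S+)$")
DYNAMIC = re.compile(r"crypto map \S+ \d+ ipsec-isakmp dynamic \S+$")
KEY = re.compile(r"isakmp key \S+ address (\S+) netmask (\S+)(.*)$")
OUTSIDE = re.compile(r"ip address outside (\S+)")


def parse_pix(config):
    """Extract the crypto-relevant commands from PIX 6.3 config text."""
    cfg = {"acl": {}, "policy": {}, "transform": {}, "peer": None,
           "match_acl": None, "dynamic": False, "keys": [], "outside": None}
    for raw in config.splitlines():
        line = raw.strip()
        if m := ACE.match(line):
            cfg["acl"].setdefault(m[1], []).append((m[2], m[3], m[4], m[5]))
        elif m := POLICY.match(line):
            cfg["policy"].setdefault(m[1], {})[m[2]] = m[3]
        elif m := TRANSFORM.match(line):
            cfg["transform"][m[1]] = tuple(m[2].split())
        elif m := PEER.match(line):
            cfg["peer"] = m[1]
        elif m := MATCH.match(line):
            cfg["match_acl"] = m[1]
        elif DYNAMIC.match(line):
            cfg["dynamic"] = True
        elif m := KEY.match(line):
            cfg["keys"].append((m[1], m[2], m[3].split()))  # trailing keywords
        elif m := OUTSIDE.match(line):
            cfg["outside"] = m[1]  # an address, or "pppoe" on the DHCP side
    return cfg


def mirrored(a, b):
    """True when ACE b is ACE a with source and destination swapped."""
    return a[:2] == b[2:] and a[2:] == b[:2]


def check_pair(hub, spoke):
    """Report mismatches between the static-IP hub and the DHCP spoke."""
    findings = []
    attrs = ("authentication", "encryption", "hash", "group")

    def core(policy):  # lifetime is negotiated down, so it is left out
        return tuple(policy.get(a) for a in attrs)

    if not {core(p) for p in hub["policy"].values()} & {core(p) for p in spoke["policy"].values()}:
        findings.append("phase 1: no ISAKMP policy agrees on auth/encryption/hash/group")
    if not set(hub["transform"].values()) & set(spoke["transform"].values()):
        findings.append("phase 2: no common IPsec transform-set")
    if not hub["dynamic"]:
        findings.append("hub: no dynamic crypto map, cannot accept a peer whose address changes")
    if spoke["peer"] != hub["outside"]:
        findings.append(f"spoke: set peer {spoke['peer']} is not the hub outside address {hub['outside']}")
    crypto_acl = spoke["acl"].get(spoke["match_acl"], [])
    if not crypto_acl:
        findings.append("spoke: crypto map has no match address ACL")
    hub_aces = [ace for aces in hub["acl"].values() for ace in aces]
    for ace in crypto_acl:
        if not any(mirrored(ace, h) for h in hub_aces):
            findings.append(f"hub: no ACL mirrors spoke crypto ACE {ace}")
    # Advisory items from the thread: DH group with AES, wildcard key keywords.
    for role, side in (("hub", hub), ("spoke", spoke)):
        for num, p in side["policy"].items():
            if p.get("encryption") == "aes" and p.get("group") == "2":
                findings.append(f"{role}: isakmp policy {num} uses AES with DH group 2; group 5 recommended")
        for addr, _mask, opts in side["keys"]:
            if addr == "0.0.0.0" and not {"no-xauth", "no-config-mode"} <= set(opts):
                findings.append(f"{role}: wildcard isakmp key lacks no-xauth no-config-mode")
    return findings


def run_example():
    """Check the constructed excerpts of the two posted configs."""
    return check_pair(parse_pix(STATIC_SIDE), parse_pix(DHCP_SIDE))


if __name__ == "__main__":
    for finding in run_example():
        print("-", finding)
```

On the posted pair the script reports only the two advisory items, which agrees with the reply that nothing is obviously wrong. One thing to keep in mind when testing: the static side uses a dynamic crypto map, so it can only respond, never initiate. The tunnel has to be brought up by interesting traffic from the 10.1.3.0 side (a ping from a host on that LAN to a host on 10.1.1.0), after which show isakmp sa and show crypto ipsec sa on either PIX show whether phase 1 and phase 2 completed.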

What do no-xauth and no-config-mode do? Also, is group 2 insecure?

Reply to
jspr