VPN TO Multiple Locations Failing

I have 4 locations that I have RB2011’s in. My problem is that the VPN connection between the offices will not stay up for any give period of time. Here is a a breakdown of how the network is setup
jan/03/1970 04:47:54 by RouterOS 6.10 on all routers

Location 1

address=172.16.10.1 comment=LAN interface=ether2 
address=1.1.1.1/30 comment=WAN interface-ether1
add chain=srcnat comment=Location 3 dst-address=172.16.12.0/24 src-address=172.16.10.0/24
add chain=srcnat comment=Location 4 dst-address=172.16.13.0/24 src-address=172.16.10.0/24
add chain=srcnat comment=Location 2 dst-address=172.16.11.0/24 src-address=172.16.10.0/24
add action=dst-nat chain=dstnat disabled=yes dst-address=0.0.0.0/0 dst-port=443 protocol=tcp to-addresses=\
    172.16.10.2 to-ports=443
add action=dst-nat chain=dstnat dst-address=0.0.0.0/0 dst-port=1723 protocol=tcp to-addresses=172.16.10.2 \
    to-ports=1723
add action=dst-nat chain=dstnat dst-address=xxx.xxx.xxx.1-xxx.xxx.xxx.254 dst-port=8889 protocol=tcp \
    to-addresses=172.16.10.2 to-ports=8889
add action=dst-nat chain=dstnat dst-address=xxx.xxx.xxx.1-xxx.xxx.xxx.254 dst-port=8889 protocol=tcp \
    to-addresses=172.16.10.2 to-ports=8889
add action=dst-nat chain=dstnat dst-address=76.xxx.xxx.xxx dst-port=8889 protocol=tcp to-addresses=172.16.10.2 \
    to-ports=8889
add action=dst-nat chain=dstnat dst-address=xxx.xxx.xxx.1-xxx.xxx.0.254 dst-port=389 protocol=tcp \
    to-addresses=172.16.10.2 to-ports=389
add action=dst-nat chain=dstnat dst-address=xxx.xxx.xxx.1-xxx.xxx.xxx.254 dst-port=389 protocol=tcp to-addresses=\
    172.16.10.2 to-ports=389
add action=dst-nat chain=dstnat dst-address=1.1.1.1 to-addresses=172.16.10.2
add action=src-nat chain=srcnat src-address=172.16.10.2 to-addresses=1.1.1.1
add action=masquerade chain=srcnat dst-address=0.0.0.0/0 src-address=172.16.10.0/24

/ip ipsec proposal
set [ find default=yes ] auth-algorithms=md5 enc-algorithms=des
/ip ipsec peer
add address=4.4.4.4/30 comment=Location 4 dpd-interval=disable-dpd enc-algorithm=des \
    hash-algorithm=md5 secret=test
add address=3.3.3.3/30 comment=Location 3 dpd-interval=disable-dpd enc-algorithm=des hash-algorithm=\
    md5 secret=test
add address=2.2.2.2/30 comment=Location 2 dpd-interval=disable-dpd enc-algorithm=des hash-algorithm=md5 \
    secret=test
/ip ipsec policy
add comment=Location 4 dst-address=172.16.15.0/24 sa-dst-address=4.4.4.4 sa-src-address=\
    1.1.1.1 src-address=172.16.10.0/24 tunnel=yes
add comment=Location 3 dst-address=172.16.25.0/24 sa-dst-address=3.3.3.3 sa-src-address=\
    1.1.1.1 src-address=172.16.10.0/24 tunnel=yes
add comment=Location 2 dst-address=172.16.11.0/24 sa-dst-address=2.2.2.2 sa-src-address=1.1.1.1 \
    src-address=172.16.10.0/24 tunnel=yes

Location 2

address=172.16.11.1 comment=LAN interface=ether2 
address=2.2.2.2/30 comment=WAN interface-ether1

/ip firewall nat
add chain=srcnat comment=Location 1 dst-address=172.16.10.0/24 src-address=172.16.11.0/24
add action=masquerade chain=srcnat dst-address=0.0.0.0/0 out-interface=ether1-gateway src-address=\
    172.16.11.0/24

/ip ipsec proposal
set [ find default=yes ] auth-algorithms=md5 enc-algorithms=des lifetime=1d pfs-group=modp768
/ip ipsec peer
add address=1.1.1.1/30 comment=Location 1 dpd-interval=disable-dpd enc-algorithm=des hash-algorithm=md5
    test
/ip ipsec policy
add comment=Location 1 dst-address=172.16.10.0/24 sa-dst-address=1.1.1.1 sa-src-address=2.2.2.2 \
    src-address=172.16.11.0/24 tunnel=yes

Location 3

address=172.16.25.1 comment=LAN interface=ether2 
address=3.3.3.3/30 comment=WAN interface=ether1
address-3.3.3.4/30 comment=PBX interface=ether3

/ip firewall address-list
add address=172.16.25.10 list=PBX
/ip firewall filter
add action=drop chain=input src-address=xxx.xxx.xxx.228
add action=drop chain=input src-address=xxx.xxx.xxx.49
/ip firewall nat
add chain=srcnat comment=Location 1 dst-address=172.16.10.0/24 src-address=172.16.25.0/24
add action=masquerade chain=srcnat dst-address=0.0.0.0/0 out-interface=ether1-gateway src-address=\
    172.16.25.0/24

/ip ipsec proposal
set [ find default=yes ] auth-algorithms=md5 enc-algorithms=des lifetime=1d pfs-group=modp768
/ip ipsec peer
add address=1.1.1.1/30 comment=Location 1 dpd-interval=disable-dpd enc-algorithm=des \
    hash-algorithm=md5 secret=test
/ip ipsec policy
add comment=Vincennes dst-address=172.16.10.0/24 sa-dst-address=1.1.1.1 sa-src-address=\
    3.3.3.3 src-address=172.16.25.0/24 tunnel=yes

Location 4

address=172.16.15.1 comment=LAN interface=ether2 
address=4.4.4.4/30 comment=WAN interface-ether1

/ip firewall nat
add chain=srcnat comment=Vincennes dst-address=172.16.10.0/24 src-address=\
    172.16.15.0/24
add action=masquerade chain=srcnat dst-address=0.0.0.0/0 out-interface=\
    ether1-gateway src-address=172.16.15.0/24

/ip ipsec proposal
set [ find default=yes ] auth-algorithms=md5 enc-algorithms=des pfs-group=modp768
/ip ipsec peer
add address=1.1.1.1/30 comment=Location 1 dpd-interval=disable-dpd enc-algorithm=des hash-algorithm=md5 secret=\
    test
/ip ipsec policy
add comment=Location 1 dst-address=172.16.10.0/24 sa-dst-address=1.1.1.1 sa-src-address=4.4.4.4 src-address=\
    172.16.15.0/24 tunnel=yes

I also just noticed that on on Location 1 I see this message in the terminal

[quote]

ipsec,warning,critical failed to begin ipsec sa negotiation.[code]

I set everything up the way it is described in this PDF

http://gregsowell.com/wp-content/uploads/2009/12/GregSowell-mikrotik-vpn1.pdf

Is there things I am missing? I just set it up straight ipsec do I need to set set up with the ipip tunnel?

chvel
I have setup with 1+2

           Cisco ASA
         /
RB1100AH
         \ 
           RB1200

On RB1110AH:
ip ipsec policy add level=unique

When I completely rebuild the VPN it comes right back up and stays up for about a day. Then I have to rebuild everything again. Anyone have any thoughts as to what might be going on?I also notice that when I create the policies that it turns red for just a moment before it turns black. However I do not see anything wrong in the logs.