Cisco ASA 5505 Ping outside and Internet access

Test Man
Level 1

Hi There,

I'm new to Cisco and getting used to the CLI first; I have used ASDM a bit. I'm trying to configure this firewall to allow pinging to the outside and also to allow web access, but I can't seem to figure out what's wrong. My running config is below; this 5505 is running a Base License.

Port 0 is connected to my main network (effectively the outside).

Any help is greatly appreciated.

ciscoasa# show run
: Saved
:
ASA Version 9.0(2)
!
hostname ciscoasa
enable password G.yIPR9fZr0irTlR encrypted
passwd G.yIPR9fZr0irTlR encrypted
names
!
interface Ethernet0/0
!
interface Ethernet0/1
 switchport access vlan 2
!
interface Ethernet0/2
 switchport access vlan 2
!
interface Ethernet0/3
 switchport access vlan 2
!
interface Ethernet0/4
 switchport access vlan 2
!
interface Ethernet0/5
 switchport access vlan 2
 shutdown
!
interface Ethernet0/6
 switchport access vlan 2
 shutdown
!
interface Ethernet0/7
 switchport access vlan 3
!
interface Vlan1
 management-only
 nameif Uplink
 security-level 0
 ip address dhcp setroute
!
interface Vlan2
 nameif Primary
 security-level 100
 ip address 192.168.10.1 255.255.255.0
!
interface Vlan3
 no forward interface Vlan2
 nameif Secondary
 security-level 100
 ip address 192.168.20.1 255.255.255.0
!
boot system disk0:/asa902-k8.bin
ftp mode passive
pager lines 24
mtu Uplink 1500
mtu Primary 1500
mtu Secondary 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-712.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 Uplink
http 192.168.10.0 255.255.255.0 Primary
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 Uplink
ssh timeout 5
console timeout 0

dhcpd address 192.168.10.50-192.168.10.60 Primary
dhcpd enable Primary
!
dhcpd address 192.168.20.100-192.168.20.200 Secondary
dhcpd enable Secondary
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username kishan password kUxcvL6Wtxn1HJAO encrypted privilege 15
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect ip-options
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:c633636a9ed162d60e988e933b944608
: end

13 Replies

Rahul Govindan
VIP Alumni

Ethernet0/0 is set by default to "switchport access vlan 1". Your Vlan 1 interface is set to management-only, meaning it won't allow through-the-box traffic. Try removing that command from Vlan1.

Also, if you are pinging the outside network from the inside, you would need to inspect ICMP on the way out if you want to allow the return traffic to come back in without an explicit ACL configured. Try adding "fixup protocol icmp" in configure mode.

I made the changes you mentioned but it still did not work. I took off the management-only on Vlan1 and allowed icmp and icmp error in the global policy-map, but it still didn't work.

If I SSH onto the ASA, it can ping 8.8.8.8, but I don't know which interface it's doing it from; I'm assuming 0/0. However, if I run packet-tracer with the source being 0/2 and the destination being 0/0, it drops the packet on return, I believe, as it says there is no route to the host for some reason.

Can you paste the packet-tracer output?

Also, you don't seem to have a default route for the outside interface, so any internet address won't be reachable. You would need to add something like this:

route Uplink 0 0 <Gateway_ip_address>

Here's my packet-trace:

192.168.10.50 = laptop inside Primary(vlan 2)

192.168.1.32  = dhcp assigned ip of vlan 1

ciscoasa# packet-tracer input Primary icmp 192.168.10.50 8 0 192.168.1.32 detail

Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   192.168.1.32    255.255.255.255 identity

Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   192.168.1.32    255.255.255.255 identity

Result:
input-interface: Primary
input-status: up
input-line-status: up
output-interface: NP Identity Ifc
output-status: up
output-line-status: up
Action: drop
Drop-reason: (no-route) No route to host

ciscoasa# ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms
ciscoasa# packet-tracer input Primary icmp 192.168.10.50 8 0 192.168.1.32 deta$

Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   192.168.1.32    255.255.255.255 identity

Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   192.168.1.32    255.255.255.255 identity

Result:
input-interface: Primary
input-status: up
input-line-status: up
output-interface: NP Identity Ifc
output-status: up
output-line-status: up
Action: drop
Drop-reason: (no-route) No route to host

This is my current route setup:

ciscoasa# show route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is 192.168.1.1 to network 0.0.0.0

C    192.168.10.0 255.255.255.0 is directly connected, Primary
C    192.168.1.0 255.255.255.0 is directly connected, Uplink
d*   0.0.0.0 0.0.0.0 [1/0] via 192.168.1.1, Uplink

I tried adding a route Uplink 0 0 192.168.1.1 but it still did not work.

You cannot ping the uplink interface from any other interface or host connected via any other interface. That is by design how an ASA works.

Make the destination of your packet-tracer 8.8.8.8 and you will see the egress interface confirmed.

Ah yes, making the packet tracer dest 8.8.8.8 worked, and thanks for info regarding pinging other interfaces on the ASA.

In addition to other observations in this post, you also have no dynamic NAT configured.  Add the following also and test:

object network LOCAL_LAN
 subnet 192.168.10.0 255.255.255.0
 nat (Primary,Uplink) dynamic interface

--

Please remember to select a correct answer and rate helpful posts

This worked! I can now ping outside the firewall and receive replies. I'm trying to understand what the commands did. The "object network LOCAL_LAN", did that create a new network object? When I typed "object network ?", it allows me to enter a word, so I'm not sure where LOCAL_LAN came from, or is it simply a given name that could be anything?

Then the next 2 commands, are they saying for subnet XXXXX, do NAT in this order dynamically?

The "object network LOCAL_LAN", did that create a new network object ?

Yes, this created a new network object. LOCAL_LAN is user-defined, so you could replace this with whatever you like. Once you create the object you need to define the IPs, subnets, or range of IPs that this object will reference.

So the subnet command and NAT command under the network object state that for the IP, subnet or range of IPs in this object, dynamically NAT this to the outside interface IP. Now this is the configuration for auto-NAT or Section 2 NAT. The same result could be achieved with the use of Manual NAT (Section 1) or After-Auto NAT (Section 3); the configuration is different and the matching method is also different. But in short, Section 1 will be matched first, then entries in Section 2, and finally entries in Section 3. Sections 1 and 3 are based on a top-down method (much like how ACLs are matched) and Section 2 is matched based on longest match. That means that in Section 2, if you have 192.168.1.0/24 configured before 192.168.1.10/32, traffic from 192.168.1.10 will match the /32 even though the /24 is configured above it.

Keep in mind that object network can only hold a single IP, subnet, or range entry.  If you want to group several IPs together you will need to use object-group network.

--

Please remember to select a correct answer and rate helpful posts
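As an added illustration of the section matching described in the reply above (example code written here, not from any poster in the thread; the rule table, addresses and object names are constructed):

```python
import ipaddress

# Constructed NAT table following the three sections described above:
# Section 1 (manual NAT) and Section 3 (after-auto NAT) are matched top-down
# in configured order; Section 2 (auto/object NAT) picks the longest prefix.
# The two Section 2 entries reproduce the /24-before-/32 case from the reply.
NAT_RULES = [
    (1, "10.0.0.0/8", "manual: identity (no translation)"),
    (2, "192.168.1.0/24", "object LAN_24: dynamic interface"),
    (2, "192.168.1.10/32", "object HOST_10: static 203.0.113.10"),
    (3, "0.0.0.0/0", "after-auto: dynamic interface"),
]

def match_nat(src_ip, rules=NAT_RULES):
    """Return (section, network, action) for the rule that would translate
    src_ip, or None when nothing matches. Sections are consulted 1, 2, 3."""
    ip = ipaddress.ip_address(src_ip)
    for section in (1, 2, 3):
        hits = [(sec, ipaddress.ip_network(net), act) for sec, net, act in rules
                if sec == section and ip in ipaddress.ip_network(net)]
        if not hits:
            continue
        if section == 2:
            # Object NAT ignores configuration order: most specific prefix wins.
            best = max(hits, key=lambda h: h[1].prefixlen)
        else:
            best = hits[0]  # first configured rule that matches, like an ACL
        return (best[0], str(best[1]), best[2])
    return None
```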

fixup protocol icmp was helpful. There was an alternative fix to this as well? Do you recall that?

@LovejitSingh130013 Permit icmp echo-reply inbound on the outside ACL.

@Rob Ingram do these commands do the same thing?

icmp permit any outside
icmp permit any inside

@LovejitSingh130013 

No, those commands are for icmp "to" the ASAs interfaces.

Configuring icmp inbound on the outside interface is for traffic "through" the ASA.

E.g. "access-list OUTSIDE_IN permit icmp any any echo-reply"
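Pulling the thread's findings together as a configuration check, an added example written here and not code from any poster: it scans a running-config excerpt for the four problems raised above (management-only on the egress interface, a missing default route, no dynamic NAT to the outside address, and no ICMP inspection). The excerpt is a trimmed, constructed copy of the config posted at the top.

```python
import re

# Constructed excerpt of the running config posted above, trimmed to the lines
# the checks need; a real run would take the full "show running-config" text.
SAMPLE_CONFIG = """\
interface Vlan1
 management-only
 nameif Uplink
 security-level 0
 ip address dhcp setroute
!
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
!
"""

def parse_interfaces(cfg):
    """Map each nameif to the set of sub-commands of its 'interface' block."""
    ifaces, block = {}, None
    for line in cfg.splitlines():
        if line.startswith("interface "):
            block = set()
        elif line.startswith("!"):
            block = None
        elif block is not None and line.startswith(" "):
            block.add(line.strip())
            if line.split()[0] == "nameif":
                ifaces[line.split()[1]] = block
    return ifaces

def audit(cfg):
    """Return the findings raised in this thread, as strings, in check order."""
    ifaces = parse_interfaces(cfg)
    def seclevel(name):
        return int([c for c in ifaces[name] if c.startswith("security-level")][0].split()[1])
    outside = min(ifaces, key=seclevel)  # lowest security-level = egress/outside
    findings = []
    if "management-only" in ifaces[outside]:
        findings.append(f"{outside}: management-only blocks through-the-box traffic")
    if not (any(c.endswith("setroute") for c in ifaces[outside]) or
            re.search(rf"^route {outside} (0 0|0\.0\.0\.0 0\.0\.0\.0) ", cfg, re.M)):
        findings.append(f"{outside}: no default route")
    if not re.search(rf"^ +nat \(\w+,{outside}\) dynamic interface", cfg, re.M):
        findings.append(f"{outside}: no dynamic NAT of inside subnets to the {outside} address")
    if not re.search(r"^ +inspect icmp$", cfg, re.M):
        findings.append("global_policy: no 'inspect icmp', so echo replies need an inbound ACL")
    return findings
```

The `setroute` keyword on the DHCP-assigned Uplink address is why the default route check passes for this config, matching the `show route` output posted earlier in the thread.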
