Hairpin on Cisco 5525X with real IP addresses

netops2014
Level 1

Hi All,

I was hoping someone could explain this to me or set me straight. We have a Cisco ASA 5525X (running 9.2) and are in a good position where we can use real IP addresses. What I am hoping to do is a Hairpin Scenario.

People will connect to a Real IP on the outside interface, get a VPN Pool address (from a pool of REAL IP addresses) and get routed back out the same interface with the use of identity NAT.

I have got this to work using Dynamic PAT and a static route, but my IP address when connecting to servers/internet is showing as the outside Interface IP.

object network VPN-General
 subnet 137.X.X.X 255.255.255.192

nat (any,Outside) source dynamic VPN-General interface

route Outside 0.0.0.0 0.0.0.0 <gateway of Outside Int IP> 1

I have been reading and tried a lot of examples, but is it possible to get a REAL VPN Pool address and, when leaving the ASA via the Outside Interface, keep my pool address?

Thanks

N

22 Replies

Hi Marius,

Yes, it uses real IP addresses for its pools.

It has a static route, routing this to the outside interface IP, and the aforementioned NAT rules. I will try some more things here to see if I can find out what's going on.

Thanks

Then this is where your problem is. If the 137.x.x.x VPN pool is used on the older ASA, this means that your ISP is routing the 137.x.x.x subnet to the older ASA. Therefore, return traffic that you are testing on the new ASA will be redirected to the old ASA. I am betting that if you check the logs on the older ASA you will see drops for this traffic (most likely no connection drops).

--

Please remember to select a correct answer and rate helpful posts


Hi Marius,

Unfortunately the real IPs on the old ASA are in a different subnet to the ones on the new one, so the networks are not duplicated.

Thanks

You still need to check with your ISP that the 137.x.x.x network is routed toward the correct ASA. 

--

Please remember to select a correct answer and rate helpful posts


Hi Marius,

Thanks for that. I will try adding the VPN Pool Network as a Routed VLAN on our core and see if that helps. This way, I think I won't have to do NAT. You will connect on the outside interface, get a Real IP, and we will then have a routed network for it. I will let you know how this goes.

Thanks

Do you mean that you will add an interface with an IP within the range?  If so, this will not solve the problem.  The problem is that your ISP is most likely routing the subnet towards the wrong ASA.

--

Please remember to select a correct answer and rate helpful posts


Hi,

To clarify, when I said I wanted to replicate the old ASA, I meant by design. I am using different pools of Real IP addresses on each of them. I am aware that having the same IP pools on both ASAs would lead to routing issues, so I avoided that from the start. I decided to do away with NAT and instead I cabled up another one of the ports on the ASA to our core. Now the 137.X.X.X/26 is a routed interface on our core too. So when you connect to the outside interface, you get a Real address from the 137.X.X.X/26 pool and now we have an interface in this VLAN, so all is working perfectly.

Thanks to all for taking a look at this

It sounds like you want to tunnel all traffic through the VPN and allow internet access?

If so, this is a very common setup and can be done with a dynamic NAT statement and the same-security-traffic permit intra-interface command.

If the VPN pool is a public IP subnet, then just make sure that this subnet is routed to the ASA outside interface.

--

Please remember to select a correct answer and rate helpful posts

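For readers who want to keep the NAT approach rather than route the pool on the core, here is an added illustration of the hairpin with identity NAT so the client keeps its real pool address. It is not configuration posted in this thread; the interface name "Outside", the object "VPN-General" and the 137.X.X.X/26 pool come from the original post, while the pool name "VPN-Pool", the host range and the gateway placeholder are assumptions.

```cisco
! Added example, not configuration from this thread. Placeholders (137.X.X.x,
! <gateway of Outside Int IP>) must be replaced with the real values.
!
! 1. Let a flow enter and leave the same interface (the hairpin).
same-security-traffic permit intra-interface
!
! 2. The pool of REAL addresses handed to VPN clients (name/range assumed).
ip local pool VPN-Pool 137.X.X.1-137.X.X.62 mask 255.255.255.192
!
object network VPN-General
 subnet 137.X.X.0 255.255.255.192
!
! 3. Identity NAT for the hairpinned flow: the source stays the real pool
!    address instead of being PAT'd to the Outside interface IP.
!    Manual (section 1) NAT rules are evaluated top-down, so this rule must
!    sit above any dynamic PAT rule that also matches the pool; the "1"
!    inserts it at the top of section 1.
nat (Outside,Outside) 1 source static VPN-General VPN-General
!
! The original post's rule is what rewrote the client address to the
! interface IP. With the identity rule above it, it no longer matches
! VPN-General traffic leaving Outside and can simply be removed:
!   no nat (any,Outside) source dynamic VPN-General interface
!
! 4. Default route back out Outside to the ISP gateway.
route Outside 0.0.0.0 0.0.0.0 <gateway of Outside Int IP> 1
!
! Caveat raised in the thread: none of this works unless the ISP routes the
! 137.X.X.0/26 block to THIS ASA's Outside interface IP. Otherwise return
! traffic for the real pool addresses lands on whichever device the ISP
! routes the block to (e.g. the older ASA) and is dropped there for lack of
! a matching connection. Check that routing with the ISP before debugging
! NAT on the new ASA.
```

To confirm the translation, a "show nat detail" on the ASA should show hits on the identity rule and none on the dynamic PAT rule for VPN-General once clients are connected.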