Thanks Chakshu a useful command.

I do see the right proxy arp entry at the bottom, but cannot work out why I would see proxy arp statements for what are effectively my source remote access networks. Comparing it to the working firewall, this doesn't look right.

hostname/act/pri(config)# sh nat proxy-arp

Nat Proxy-arp Table

id=0x00007fc00ac898b0, ip/id=x.x.109.161, mask=255.255.255.255 ifc=FB_LIMS

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

id=0x00007fc00ac898b0, ip/id=x.x.109.162, mask=255.255.255.254 ifc=FB_LIMS

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

id=0x00007fc00ac898b0, ip/id=x.x.109.164, mask=255.255.255.252 ifc=FB_LIMS

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

id=0x00007fc00ac898b0, ip/id=x.x.109.168, mask=255.255.255.248 ifc=FB_LIMS

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

id=0x00007fc00ac898b0, ip/id=x.x.109.177, mask=255.255.255.255 ifc=FB_LIMS

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

id=0x00007fc00ac898b0, ip/id=x.x.109.178, mask=255.255.255.254 ifc=FB_LIMS

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

id=0x00007fc00ac898b0, ip/id=x.x.109.180, mask=255.255.255.252 ifc=FB_LIMS

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

id=0x00007fc00ac898b0, ip/id=x.x.109.184, mask=255.255.255.248 ifc=FB_LIMS

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

id=0x00007fc00ac898b0, ip/id=10.x.x.167, mask=255.255.255.255 ifc=OUT_CORP

        config:(OUT_CORP) to (FB_LIMS) source static BM_&_MR_RSD_Remote_Access_Networks BM_&_MR_RSD_Remote_Access_Networks  destination static RSD_REM_ACC_VIP_10.x.x.161 FB_SOPHOS_RAVPN_NAT_192.x.x.2 service RSD_RA_VPN RSD_RA_VPN net-to-net unidirectional

Thanks

James