Remote access VPN on ASA5510

catalystexpress
Level 1

Hi All,

I am very new to ASA, and am learning how to configure simple VPN access for a user to log in to the corporate network, access the resources and get emails.

I do not want to use a CA certificate for authentication; instead, a very simple method is what I plan to start with.

Can any of you please provide me with the configuration steps so I can test this out?

Many thanks for this.

cheers..


Eugene Korneychuk
Cisco Employee

Hello,

Please refer to this configuration guide:

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpnrmote.html

Best Regards,

Eugene

Thanks for the link. I have prepared the configuration based on what I studied from the link and from a few other sites. Can you please let me know if this will work?

isakmp policy 1 authentication pre-share

isakmp policy 1 encryption 3des

isakmp policy 1 hash sha

isakmp policy 1 group 2

isakmp policy 1 lifetime 43200

isakmp enable outside

ip local pool Scott_VPN_Pool 10.6.31.245-10.6.31.245 mask 255.255.255.0

crypto dynamic-map Statham 1 set transform-set esp-sha-hmac

crypto dynamic-map Statham 1 set reverse route

crypto map Stathammap 1 ipsec-isakmp dynamic Statham

crypto map Stathammap interface outside

crypto isakmp nat-traversal  20

crypto isakmp identity address

crypto isakmp enable outside

crypto isakmp policy 10

access-list inside_nat0_outbound extended permit ip any 10.6.31.245 255.255.255.255

access-list SPLIT_DNS extended permit ip 10.0.0.0 255.0.0.0

nat (inside) 0 access-list inside_nat0_outbound

group-policy ASIA-xx internal

group-policy ASIA-xx attributes

dns-server value 10.6.1.245 10.6.1.246

vpn-tunnel-protocol IPSec

   ipsec-udp enable

   split-tunnel-policy tunnelspecified

   split-tunnel-network-list value SPLIT_DNS

tunnel-group ASIA-xx type ipsec-ra

tunnel-group ASIA-xx general-attributes

   address-pool Scott_VPN_Pool

   default-group-policy ASIA-CEO

tunnel-group ASIA-xx ipsec-attributes

   pre-shared-key xxxxx

username statham password xxxxxx

username statham attributes

vpn-group-policy ASIA-xx

Thanks again for the support.

cheers..

Hello,

I went quickly through your configuration.

1. isakmp enable outside - I believe this command doesn't exist;
crypto isakmp enable outside - this should be enough.

2. You are specifying default-group-policy ASIA-CEO, but it is not, at least, in your configuration (ASIA-CEO group-policy).

3. Also, routing should be configured correctly.

Please rate helpful posts

Best Regards,

Eugene
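The mismatch raised in point 2 (a group-policy that is referenced but never defined) can be checked mechanically before a configuration is pasted into the device. The following is an added example, not part of the original thread or any Cisco tool; it generalizes the check to the other named objects in the posted configuration (address pool, access lists, transform set, dynamic map), and the regex tables and the `dangling_references` helper are assumptions made for illustration.

```python
import re

# Constructed excerpt: the lines of the posted configuration that define
# or reference named objects (blank lines and unrelated commands dropped).
SAMPLE_CONFIG = """\
ip local pool Scott_VPN_Pool 10.6.31.245-10.6.31.245 mask 255.255.255.0
crypto dynamic-map Statham 1 set transform-set esp-sha-hmac
crypto map Stathammap 1 ipsec-isakmp dynamic Statham
access-list inside_nat0_outbound extended permit ip any 10.6.31.245 255.255.255.255
access-list SPLIT_DNS extended permit ip 10.0.0.0 255.0.0.0
nat (inside) 0 access-list inside_nat0_outbound
group-policy ASIA-xx internal
group-policy ASIA-xx attributes
   split-tunnel-network-list value SPLIT_DNS
tunnel-group ASIA-xx general-attributes
   address-pool Scott_VPN_Pool
   default-group-policy ASIA-CEO
username statham attributes
vpn-group-policy ASIA-xx
"""

# (object kind, regex capturing the name) for lines that DEFINE an object.
DEFINES = [
    ("group-policy", r"^group-policy (\S+) (?:internal|external)"),
    ("pool", r"^ip local pool (\S+)"),
    ("access-list", r"^access-list (\S+)"),
    ("transform-set", r"^crypto ipsec (?:ikev1 )?transform-set (\S+)"),
    ("dynamic-map", r"^crypto dynamic-map (\S+)"),
]
# (object kind, regex capturing the name) for lines that REFERENCE an object.
REFERENCES = [
    ("group-policy", r"^(?:default-group-policy|vpn-group-policy) (\S+)"),
    ("pool", r"^address-pool (\S+)"),
    ("access-list", r"^split-tunnel-network-list value (\S+)"),
    ("access-list", r"^nat \(\S+\) \d+ access-list (\S+)"),
    ("transform-set", r"^crypto dynamic-map \S+ \d+ set transform-set (\S+)"),
    ("dynamic-map", r"^crypto map \S+ \d+ ipsec-isakmp dynamic (\S+)"),
]

def dangling_references(config):
    """Return sorted (line_no, kind, name) for names referenced but never defined."""
    lines = [l.strip() for l in config.splitlines()]
    defined = {(kind, m.group(1)) for l in lines
               for kind, rx in DEFINES if (m := re.match(rx, l))}
    return sorted((no, kind, m.group(1))
                  for no, l in enumerate(lines, 1)
                  for kind, rx in REFERENCES
                  if (m := re.match(rx, l)) and (kind, m.group(1)) not in defined)

if __name__ == "__main__":
    for no, kind, name in dangling_references(SAMPLE_CONFIG):
        print(f"line {no}: {kind} '{name}' is referenced but not defined")
```

Names built into the device by default are not known to this check, so a reference to one would be reported as undefined.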

Thank you very much, Eugene. Will test this and of course will rate this.

Many thanks.

cheers..