Since you are using DHCP to assign IP to your internal subnet, maybe it is a good idea to configure a different subnet for your internal ASA network, so it doesn't overlap with home network as home network is very often by default in 192.168.0.0/24 subnet.

I agree with you, but due to the nature of our set up I'm leaning toward having the remote Mac users (only a handful of people) change their home set up. The reason being is our 192.168.0.0/23 network gives out DHCP for the 192.168.0.X portion of addresses, but we have a lot of devices with static IPs on the 192.168.1.X portion. Thank you for your suggestion though. If we ever get a large surge in remote Mac users we'll have to figure things out haha.

To answer your other questions:

The Mac I am using for testing is connected on a remote network via wireless.

Here is the output of the show cry command as you directed:

ciscoasa# show cry ipsec sa peer 72.***.***.56

peer address: 72.***.***.56

    Crypto map tag: dynmap, seq num: 1, local addr: 98.***.***.57

      local ident (addr/mask/prot/port): (192.168.0.0/255.255.254.0/0/0)

      remote ident (addr/mask/prot/port): (192.168.5.35/255.255.255.255/0/0)

      current_peer: 72.***.***.56, username: R*********k

      dynamic allocated peer ip: 192.168.5.35

      #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0

      #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0

      #pkts compressed: 0, #pkts decompressed: 0

      #pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0

      #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0

      #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0

      #send errors: 0, #recv errors: 0

      local crypto endpt.: 98.***.***.57/4500, remote crypto endpt.: 72.***.***.56/4500

      path mtu 1500, ipsec overhead 66, media mtu 1500

      current outbound spi: 062A311E

      current inbound spi : 02C48356

    inbound esp sas:

      spi: 0x02C48356 (46433110)

         transform: esp-3des esp-md5-hmac no compression

         in use settings ={RA, Tunnel,  NAT-T-Encaps, }

         slot: 0, conn_id: 2334720, crypto-map: dynmap

         sa timing: remaining key lifetime (sec): 3514

         IV size: 8 bytes

         replay detection support: Y

         Anti replay bitmap:

          0x00000000 0x00000001

    outbound esp sas:

      spi: 0x062A311E (103428382)

         transform: esp-3des esp-md5-hmac no compression

         in use settings ={RA, Tunnel,  NAT-T-Encaps, }

         slot: 0, conn_id: 2334720, crypto-map: dynmap

         sa timing: remaining key lifetime (sec): 3513

         IV size: 8 bytes

         replay detection support: Y

         Anti replay bitmap:

          0x00000000 0x00000001

Has anyone played about with inserting static routes when the mac is connected to the vpn to resolve this issue or tested with another mac vpn client

We have a customer with servers in the 192.168.1.0 range and this will conflict every time their end users are in a public internet zone. They would be reluctact to change their server IPs. I can't see many other options for them.