split tunnel policy not working

kolawole1
Level 1

Dear All,

I set up a site-to-site VPN between 4 sites with an ASA 5510 at the HQ. The remote sites will access the internet from the ISA server at the HQ site. But my split tunneling config does not work. Here is the ASA config. Please help.

Thanks.

7 Replies

andrew.prince
Level 10

What exactly is not working?

I am trying to ping a public IP address from the LAN interface of the remote office router.

I think with split tunneling I should be able to access the internet from the HQ.

Thank you.

Well, there are a couple of things that you need to ensure are happening:

1) The remote end has a default route into the VPN tunnel

2) The default-routed traffic is not being NATted into the VPN tunnel

3) At the HQ site you need to NAT the remote subnet IP on the outside interface

4) For ping to work you need to allow ICMP echo-reply on the outside interface of the HQ ASA

5) DEBUG DEBUG DEBUG
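The five points above, written out as an HQ-side ASA configuration. This is an added example, not the original poster's config (which is not shown in the thread) and not a reply from the thread. It assumes ASA 8.2 syntax (pre-8.3 NAT), a single remote site, and the following hypothetical addressing: HQ LAN 10.0.0.0/24 with the ISA server at 10.0.0.2, ASA outside 172.16.0.1/24 on the radio-link segment with next hop 172.16.0.254, remote peer 172.16.1.1, and remote LAN 192.168.1.0/24. The ACL, crypto-map, tunnel-group and interface names are all placeholders.

```cisco
! --- Added example: HQ ASA hairpinning remote-site internet traffic to an inside ISA server ---
! Assumptions (hypothetical): ASA 8.2, HQ LAN 10.0.0.0/24, ISA server 10.0.0.2,
! outside 172.16.0.1/24 (radio link, next hop 172.16.0.254),
! remote VPN peer 172.16.1.1, remote LAN 192.168.1.0/24.

interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 172.16.0.1 255.255.255.0
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.255.0

! Point 1 (HQ side of it): the ASA's own default route goes to the ISA server on the
! inside LAN, so decrypted "internet" traffic from the remote site is forwarded to ISA.
route inside 0.0.0.0 0.0.0.0 10.0.0.2 1
! The remote peer and the remote LAN must be reachable via outside, otherwise return
! traffic from ISA for 192.168.1.0/24 would follow the default route back inside and
! never hit the crypto map.
route outside 172.16.1.0 255.255.255.0 172.16.0.254 1
route outside 192.168.1.0 255.255.255.0 172.16.0.254 1

! Crypto ACL: "any" to the remote LAN, so the remote end may send all of its traffic
! (including internet-bound traffic) into the tunnel. The remote end mirrors this as
! "permit ip 192.168.1.0 255.255.255.0 any".
access-list HQ_TO_SITEA extended permit ip any 192.168.1.0 255.255.255.0

! Point 2: do not NAT traffic between the HQ LAN and the remote LAN (NAT exemption).
access-list NONAT extended permit ip 10.0.0.0 255.255.255.0 192.168.1.0 255.255.255.0
nat (inside) 0 access-list NONAT
! Point 3 is not needed here: the ISA server, not the ASA, is the internet gateway.
! Instead, the ISA server needs a route back for 192.168.1.0/24 via 10.0.0.1.

! Point 4: stateful ICMP inspection lets echo-replies return through the ASA.
policy-map global_policy
 class inspection_default
  inspect icmp
service-policy global_policy global

! Phase 1 / Phase 2 (placeholder key; replace before use).
crypto isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption aes-256
 hash sha
 group 2
 lifetime 86400
crypto ipsec transform-set ESP-AES-SHA esp-aes-256 esp-sha-hmac
crypto map OUTSIDE_MAP 10 match address HQ_TO_SITEA
crypto map OUTSIDE_MAP 10 set peer 172.16.1.1
crypto map OUTSIDE_MAP 10 set transform-set ESP-AES-SHA
crypto map OUTSIDE_MAP interface outside
tunnel-group 172.16.1.1 type ipsec-l2l
tunnel-group 172.16.1.1 ipsec-attributes
 pre-shared-key REPLACE-ME

! Point 5: debugging. 203.0.113.1 is a documentation address standing in for any internet host.
! show crypto isakmp sa
! show crypto ipsec sa peer 172.16.1.1
! packet-tracer input outside icmp 192.168.1.10 8 0 203.0.113.1
! debug crypto isakmp 127
! debug crypto ipsec 127
```

Two caveats. The `sysopt connection permit-vpn` default lets decrypted VPN traffic bypass the outside interface ACL; if it has been disabled, the outside ACL must also permit 192.168.1.0/24 toward inside. On ASA 8.3 and later the NAT exemption is written as a twice-NAT rule (`nat (inside,outside) source static` with network objects) rather than `nat (inside) 0 access-list`.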

Dear Sir,

I am using radio links for connectivity between the sites, not the internet. Furthermore, the ASA is not the internet gateway (no public IP assigned); the ASA is serving only as a VPN concentrator, passing internet traffic to a Microsoft ISA server (on the ASA LAN interface) which is connected to the ISP ADSL modem.

ICMP is allowed.

Do the remote ends have a default gateway of the ASA or of the internal IP of the ISA server?

Can you ping the internal IP of the ISA server from the remote ends?

What devices are the VPNs terminated on at the remote ends?

The remote end has the IP address of the outside interface of the ASA as its default gateway. The ISA server policy does not allow pings, but internet traffic is allowed. Hosts in HQ have access to the internet. The ISA server is connected to the ADSL modem (the ISA server is on the LAN interface, as are the internal users).

Thank you.

Pointing the default gateway at the outside interface of the VPN termination device is not a way I would do it. I would point the default gateway to the internal router on the HQ LAN that handles all the internal default routing.

What do you mean by "The ISA server policy does not allow pings"? Does this mean you cannot even ping the LAN-facing (inside) interface of the ISA server?

You really need to confirm connectivity from the remote ends into the HQ network before you start with the ISA server.