06-10-2014 01:47 PM
I am trying to set up AnyConnect VPN using a 5505. We have Comcast Business Internet. I have called Comcast several times and they say the modem is set up OK.
This is a new 5505 and was set up using the Wizard. It is a pretty generic setup. The 0/0 port on the ASA is connected to the cable modem, the 0/1 port is connected to the LAN. I set up AnyConnect using the Wizard, added the NAT exemption and a self-signed certificate, but it does not work. IE just gives me a "server not found" error.
I am not sure how to troubleshoot it since there really isn't much to configure on the modem and the AnyConnect setup seems pretty straightforward.
06-10-2014 04:14 PM
Did you bind the certificate to the outside interface?
Can you see the packets arriving on the ASA when you try to connect your AnyConnect client?
If you can share your sanitized config, it would be helpful.
06-10-2014 04:54 PM
I did bind the cert to the outside and configured it in the VPN setup.
I will get the config tomorrow. Thanks.
06-11-2014 12:27 PM
06-11-2014 01:08 PM
The default route points to the inside:
route inside 0.0.0.0 0.0.0.0 10.1.10.1 1
With that setup, the ASA will not know how to return the request to a public client coming in to the outside interface. The only outside network the ASA will know about is the directly connected one defined in the interface configuration:
interface Vlan2
 nameif outside
 security-level 0
 ip address x.x.x.30 255.255.255.248
Normally we set the upstream router connected to the outside interface as the gateway for our default route.
If the inside includes multiple 10.x.x.x networks, then just make it 10.0.0.0 255.0.0.0 (/8) to include them all. If you need 192.168.x.x networks, add them too as routes on the inside.
Also, if your local pool addresses for the VPN clients are anything other than the subnet servicing VLAN 1, make sure your inside router has a route to them via the ASA inside interface.
06-13-2014 06:29 AM
10.1.10.1 is the inside interface of the Comcast cable modem/router. Shouldn't that be the gateway in the default route?
Thanks
06-13-2014 07:07 AM
That doesn't make sense to me.
Why would the cable modem be on the inside? A VPN terminates on the outside (as confirmed by:
ssl trust-point ASDM_TrustPoint0 outside
...) and remote clients are upstream from the outside interface.
Anyone coming in from a remote location (random public IP) would need to have their return traffic routed to them via the default route.
06-13-2014 02:02 PM
The cable modem is an SMC Comcast Business Gateway. They do have a block of 5 static IPs. I have called Comcast three times and they assure me the gateway is not blocking any traffic, that it is just pass-through. I can't see how that is possible because the inside interface is a private IP....
This whole setup is confusing because I have only ever set this up when the firewall is actually the first device connected to the Internet.
06-13-2014 04:23 PM
Can you draw a simple block diagram of how it's all connected?
999 times out of 1000 the setup is something like:
Internal LAN <--> ASA inside interface |_ASA_| ASA Outside interface <-->
...ISP (or customer) router <--> Internet <--> remote users
...so the Comcast cable modem would be the ISP router in this case.
06-14-2014 01:50 PM
Currently this is what they have:
Internet <-> SMC Router <-> Linksys Router <-> Internal LAN
The Linksys router is there because it has dual WAN ports and can fail over if the primary Internet dies.
The SMC router has a 10.1.10 address; don't know why, but I think that's the default.
The Linksys router has a 10.1.10 address connected to the SMC. Then it has a 192.168.1 address connected to the internal LAN.
I am trying to connect the ASA to the SMC with a 10.1.10 address.
06-15-2014 07:45 AM
So back to my initial reply: if the outside is 10.1.10.x then your default route should read:
route outside 0.0.0.0 0.0.0.0 10.1.10.1
...meaning the default route is on a gateway (the SMC router?) connected to the outside interface of the ASA.
However, your attached configuration indicates you are using the .30 host address on the outside interface with a /29 subnet mask. That network would include hosts .24-.31 (not the .1 address of your gateway).
Also, the SMC must be doing some NATting and allowing inbound-initiated connections. Have you validated that?
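The two routing mistakes raised in this thread (a default route that exits the inside interface, and a next hop that is not inside the directly connected subnet of the interface the route names) are easy to check mechanically before touching the box. The script below is an added example, not any poster's config or a Cisco tool: it parses a constructed ASA config fragment with the same `route` and `interface`/`nameif`/`ip address` shape seen above (the `x.x.x.30` outside address is replaced by the documentation address `192.0.2.30` as a placeholder) and reports both conditions.

```python
import ipaddress

# Constructed ASA config fragment modelled on the thread (not the attached config).
# 192.0.2.30/29 is a placeholder for the poster's x.x.x.30 static address.
SAMPLE_CONFIG = """
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.1.10.5 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 192.0.2.30 255.255.255.248
!
route inside 0.0.0.0 0.0.0.0 10.1.10.1 1
"""


def parse_interfaces(config):
    """Return {nameif: IPv4Interface} from 'interface ... nameif ... ip address' stanzas."""
    interfaces = {}
    nameif = None
    for line in config.splitlines():
        s = line.strip()
        if s.startswith("interface "):
            nameif = None            # new stanza; nameif comes on a later line
        elif s.startswith("nameif "):
            nameif = s.split()[1]
        elif s.startswith("ip address ") and nameif:
            _, _, addr, mask = s.split()[:4]
            interfaces[nameif] = ipaddress.IPv4Interface(f"{addr}/{mask}")
    return interfaces


def parse_routes(config):
    """Return [(nameif, IPv4Network, gateway)] from 'route <if> <net> <mask> <gw> [metric]' lines."""
    routes = []
    for line in config.splitlines():
        parts = line.split()
        if len(parts) >= 5 and parts[0] == "route":
            net = ipaddress.IPv4Network(f"{parts[2]}/{parts[3]}", strict=False)
            routes.append((parts[1], net, ipaddress.IPv4Address(parts[4])))
    return routes


def check_default_route(config, isp_facing="outside"):
    """Return a list of findings; an empty list means the default route looks sane.

    Checks: (1) the default route exits via the ISP-facing interface, and
    (2) its next hop lies inside that interface's directly connected subnet.
    """
    findings = []
    interfaces = parse_interfaces(config)
    defaults = [r for r in parse_routes(config) if r[1].prefixlen == 0]
    if not defaults:
        return ["no default route configured"]
    for nameif, _, gw in defaults:
        if nameif != isp_facing:
            findings.append(f"default route exits via '{nameif}', expected '{isp_facing}'")
        iface = interfaces.get(nameif)
        if iface is None:
            findings.append(f"route references unknown interface '{nameif}'")
        elif gw not in iface.network:
            findings.append(f"gateway {gw} is not in {nameif} subnet {iface.network}")
    return findings


if __name__ == "__main__":
    for finding in check_default_route(SAMPLE_CONFIG) or ["default route OK"]:
        print(finding)
```

Running it against the fragment as written reports the default route leaving via `inside`. Changing only the interface name to `route outside ...` then trips the second check, because 10.1.10.1 is not within 192.0.2.24/29, which is exactly the mismatch between the .30/29 outside address and the 10.1.10.x SMC gateway pointed out above.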