ISE 3.3 & Catalyst 3750 AAA TACACS+ config with VRFs

Adcom911
Level 1

Hello,

Running into an issue where we are not able to get the 3750, running version 12.2(55)SE3, to communicate with ISE. I'll post the current config we have below for assistance:

aaa new-model
!
!
aaa group server tacacs+ ISE_TACACS
 server 192.168.12.13
 server 192.168.12.14
 ip vrf forwarding MGMT
 ip tacacs source-interface Vlan54
!
aaa authentication login default group tacacs+ local
aaa authentication enable default group ISE_TACACS enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec default group ISE_TACACS local 
aaa authorization commands 0 default group ISE_TACACS none 
aaa authorization commands 1 default group ISE_TACACS if-authenticated 
aaa authorization commands 15 default group ISE_TACACS if-authenticated 
aaa accounting exec default start-stop group ISE_TACACS
aaa accounting commands 1 default start-stop group ISE_TACACS
aaa accounting commands 15 default start-stop group ISE_TACACS
aaa accounting connection default start-stop group ISE_TACACS
!
!
!
aaa session-id common
!

ip tacacs source-interface Vlan54
!
access-list 10 permit 192.168.12.13
access-list 10 permit 192.168.12.14
!
tacacs-server host 192.168.12.13
tacacs-server host 192.168.12.14
tacacs-server directed-request
tacacs-server key 7 XXXXX

The wild thing is we can ping from the 3750 VRF MGMT to the ISE servers, and from the ISE servers we can ping and reach the 3750. Not sure what we are missing on this one.

13 Replies

@Adcom911

Do you have the VRF config under vlan 54?

If you ping the ISE using vlan 54 as the source, does it work?

Ah, interesting, it's not able to ping that, so that's part of the issue then. Do you know the source interface the default ping is using? Or how to find that out? We don't have any routes in the default routing table, so I'm wondering which interface it is using to ping when given the VRF MGMT command.

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.13, timeout is 2 seconds:
Packet sent with a source address of X.X.X.X 
.....
Success rate is 0 percent (0/5)

interface Vlan54
 ip vrf forwarding MGMT
 ip address X.X.X.X X.X.X.X
end

#ping vrf MGMT 192.168.12.13

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.13, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms
Adcom3750X-CE1#

It should use the routing table for VRF MGMT when you ping with source vlan 54.

How many interfaces do you have under VRF MGMT?

We've got quite a few under that VRF. Loopback 1 is our mgmt IP for the device and vlan54 is directly into the firewall. From the firewall I've run the packet tracer and it's all allowed from the switch to ISE. Kinda stumped on what's going on.

Lo1
Vl51
Vl55
Vl60
Vl63
Vl301
Vl54
Vl35

If you ping and source from all these interfaces one by one? The one where the ping succeeds might be the one the switch is using.

My suspicion is the loopback interface.

I've tested them all and put them as the source interface. It feels like the command under the group of ISE servers doesn't do it. I've tried the command in both locations.

Am I wrong, or is it only vlan 54 that does not ping?

What if you try to add another interface in the TACACS config?

Sorry, there was output above it. Vlan 35 does NOT ping the ISE server.

Sorry, what do you mean by adding another interface in the TACACS config?

For example, try sending using Loopback1:

!
aaa group server tacacs+ ISE_TACACS
 server 192.168.12.13
 server 192.168.12.14
 ip vrf forwarding MGMT
 ip tacacs source-interface Loopback1
!

WOOT WOOT, that worked!! Thank you! Now the issue is I'm getting command authorization failed. Could I just temporarily add the same credentials I have to my AD store and see if that gets it working?

This line here:

aaa authorization commands 15 default group ISE_TACACS if-authenticated

Should allow you.

aaa authentication login default group ISE_TACACS local

Try the above and check.

MHM
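As an added illustration (not from the thread or either poster), a small Python lint for the two things this thread turned on: every AAA method list should point at the VRF-aware server group rather than the global `tacacs+` list (which is reached over the global routing table), and the group's `ip tacacs source-interface` should sit in the group's VRF. The sample config is constructed from the thread's snippets; Loopback1 being in VRF MGMT is an assumption.

```python
import re
# Constructed sample modeled on the thread's 3750 config (Loopback1 in VRF MGMT is assumed).
BEFORE = """aaa group server tacacs+ ISE_TACACS
 ip vrf forwarding MGMT
 ip tacacs source-interface Vlan54
!
aaa authentication login default group tacacs+ local
aaa authorization exec default group ISE_TACACS local
interface Vlan54
 ip vrf forwarding MGMT
interface Loopback1
 ip vrf forwarding MGMT
"""

def parse_ios(config):
    """Collect tacacs+ server groups, interface VRFs and AAA method-list lines."""
    groups, ifaces, methods, block = {}, {}, [], None
    for line in config.splitlines():
        if m := re.match(r"aaa group server tacacs\+ (\S+)", line):
            block = groups.setdefault(m.group(1), {"vrf": None, "source": None})
        elif m := re.match(r"interface (\S+)", line):
            block = ifaces.setdefault(m.group(1), {"vrf": None})
        elif re.match(r"aaa (authentication|authorization|accounting) ", line):
            methods.append(line.strip())
        elif block is not None and (m := re.match(r" ip vrf forwarding (\S+)", line)):
            block["vrf"] = m.group(1)
        elif block is not None and (m := re.match(r" ip tacacs source-interface (\S+)", line)):
            block["source"] = m.group(1)
        elif not line.startswith(" "):
            block = None  # "!" or any other top-level line ends the current block
    return groups, ifaces, methods

def check_tacacs_vrf(config):
    """Return findings; an empty list means method lists and VRF wiring agree."""
    groups, ifaces, methods = parse_ios(config)
    findings = []
    for name, g in groups.items():
        if g["vrf"] and g["source"] is None:
            findings.append(f"group {name}: VRF {g['vrf']} set but no ip tacacs source-interface")
        elif g["vrf"] and ifaces.get(g["source"], {}).get("vrf") != g["vrf"]:
            findings.append(f"group {name}: source {g['source']} is not in VRF {g['vrf']}")
    vrf_aware = [n for n, g in groups.items() if g["vrf"]]
    for m in methods:
        for ref in re.findall(r"group (\S+)", m):
            # "group tacacs+" = global server list over the global routing table
            if ref == "tacacs+" and vrf_aware:
                findings.append(f"'{m}': global tacacs+ bypasses VRF-aware {', '.join(vrf_aware)}")
            elif ref != "tacacs+" and ref not in groups:
                findings.append(f"'{m}': undefined server group {ref}")
    return findings
```

Running `check_tacacs_vrf(BEFORE)` flags only the login method list; applying the two changes from the thread (ISE_TACACS for login, Loopback1 as source) returns no findings.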

[screenshot attachment: Adcom911_0-1730497128480.png]

LFG, thank you @Flavio Miranda and @MHM Cisco World for the help!!!!
