So I found a fix....

You need to define and match on a standard wide open network and or host acl and then use the 'vpn-filter value' command to get granular on the standard one you created. If that doesn't make sense here's the config....

ASA# sh run | begin group-policy Company-ABC-WebVPN internal

group-policy Company-ABC-WebVPN internal

group-policy Company-ABC-WebVPN attributes

dns-server value 192.168.0.21 192.168.0.11

vpn-access-hours none

vpn-simultaneous-logins 10

vpn-filter value Company-ABC-Access-VPN-Network-List

vpn-tunnel-protocol webvpn

split-tunnel-policy tunnelspecified

split-tunnel-network-list value Company-ABC-NONSPECIFIC-Access-VPN-Network-List

address-pools value Remote-Access-VPN-Pool

webvpn

functions url-entry file-access file-entry file-browsing port-forward auto-download

url-list value Company-ABC

port-forward value Company-ABC-Access

port-forward-name value Application Access

svc enable

svc keep-installer installed

!

access-list Company-ABC-Access-VPN-Network-List remark Allow VPN Access to Demo-DMZ

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.145 eq 5802

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.145 eq 5902

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.145 eq 8080

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.145 eq ssh

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.147 eq 5802

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.147 eq 5902

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.147 eq 8080

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.147 eq ssh

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.148 eq 3389

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.131 eq 3389

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 1.1.1.135 eq 3389

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 192.168.0.11 eq domain

access-list Company-ABC-Access-VPN-Network-List extended permit tcp any host 192.168.0.21 eq domain

access-list Company-ABC-Access-VPN-Network-List extended permit udp any host 192.168.0.11 eq domain

access-list Company-ABC-Access-VPN-Network-List extended permit udp any host 192.168.0.21 eq domain

!

access-list Company-ABC-NONSPECIFIC-Access-VPN-Network-List remark Allow VPN Access to Demo-DMZ

access-list Company-ABC-NONSPECIFIC-Access-VPN-Network-List standard permit 1.1.1.128 255.255.255.224

access-list Company-ABC-NONSPECIFIC-Access-VPN-Network-List standard permit host 192.168.0.21

access-list Company-ABC-NONSPECIFIC-Access-VPN-Network-List standard permit host 192.168.0.11

!

thx,

scott