I found the problem, the document I linked to has an error.
access-list Split_Tunnel_List standard permit 192.168.10.0 255.255.255.0
This is supposed to push what traffic to encrypt to the client, but it is the clients network that is listed. Once I discovered that I had the wrong network being sent to the client, the split tunnel started working. The correct ACL should be
access-list Split_Tunnel_List standard permit 10.10.10.0 255.255.255.0 which is the network of the ASA.
Once I got split tunneling working, it was a matter of getting the no nat working since there are more than 3 remote 800 routers using Ezvpn to connect to this ASA along with Cisco VPN clients.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...