I will first admit I'm not much of a Microsoft guy. However, I do have some experience working through similar scenarios from taking inbound calls.
One thng I've learned over the last couple years that may be the cause, when using the active directory, the group policies view the VPN connection is a "public connection" and not a "private connection". I've also heard you may need to make the policies aware of the different subnet as the request from the remote router is not of the same subnet of the AD LAN and therefore isn't trusted.
Of course, other things to check are the firewall settings and 3rd party security applications which block ICMP.
I hope this may help point to a right direction at all.
Just as a funny side story, I had one time it got to the point a customer is very frustrated, he unplugged his server box power and everything worked great until he plugged it back in.
-Of course I don't recommend doing that but it is an "interesting" test.
Please mark answered for helpful posts
Reboot and Factory Default Reset on ISA500 Series Integrated Security Appliances
Reboot or restart of the network device is made when certain changes in the settings need reboot or if the device is frozen. The configuration...
WAN Quality of Service (QoS) Policy Profiles Settings on ISA500 Series Integrated Security Appliances
Wide Area Network (WAN) Quality of Service (QoS) policy profiles manage traffic through classed-based profiles. These pro...
Cisco QuickVPN Installation Tips for Windows Operating Systems
For a video showing installation tips on Quick VPN, visit http://youtu.be/hHu2z6A78N8
Cisco QuickVPN is a free software designed for remote access to a ne...