To allow all the protocols:

object-group service TCP tcp

port-object eq telnet

port-object eq www

port-object eq ftp-data

port-object eq domain

port-object eq https

port-object eq ftp

port-object eq citrix-ica

port-object eq 3389

port-object eq 8080

port-object eq ssh

port-object eq 7070

port-object eq 6080

port-object eq rtsp

port-object eq 8200

port-object eq 2097

port-object eq 5012

port-object eq 990

object-group service UDP udp

port-object eq echo

port-object eq www

port-object eq domain

port-object eq isakmp

port-object eq 4500

port-object eq 10000

access-list 102 extended permit udp any any object-group UDP

access-list 102 extended permit tcp any any object-group TCP

access-list 102 extended permit esp any any

Regards,

Dharmesh Purohit

On your router you need an acl like so in your outside int acl

access-list 105 permit ahp host remote ip host local ip

access-list 105 permit esp host remote ip host local ip

access-list 105 permit udp host remote ip host local ip eq isakmp

access-list 105 permit udp host remote ip host local ip eq non500-isakmp

access-list 105 permit ip remote internal network 0.0.3.255 local internal network 0.0.7.255