All times are UTC




 Post subject: Can't ping through ASA
PostPosted: Sun Jul 04, 2010 9:47 pm 
I have tried several different methods and have pretty much spent all of the morning trying to get a simple ping to work through my emulated ASA 8.0. I'm just about to give up on this because, from all the documentation I have seen, it should be able to ping any IP address on the other side of the ASA (outside interface). Simply put... I'm trying to ping from my MSloopback-Cloud connected interface, through my ASA, to any IP address on the other side successfully. What I DO see is the destination nodes seeing the PING request and sending an echo-reply to the NATted IP. I even see the ASA translating the NAT address successfully. What seems to be happening is when the echo-request gets back to the ASA, it drops it for some unknown reason. I have added ACLs to allow ping to get through, and I have also set up ICMP inspection. Still nothing. I have set up a route on the MSloopback interface to point to the internal interface of the ASA to get to these destinations. Again... I believe routing is not the issue, but the ASA, since I can see the packet make it all the way to the destination interface (an interface on a router).

Included are my diagram and the ASA/CorpR1/ISP configs and the gns3 .net config.
Oh! Also, I have an OSPF process running on the ASA.

Thanks for any help.

------------
ASA project .net config

autostart = False
[qemu localhost:10525]
workingdir = ASA1_LAB_working
udp = 20000
qemupath = C:\Program Files (x86)\GNS3\qemu.exe
qemuimgpath = C:\Program Files (x86)\GNS3\qemu-img.exe
[[5520]]
kernel = C:\Program Files (x86)\GNS3\asa_downloaded\ASA802-k8\asa802-k8.kernel
netcard = e1000
ram = 256
kernel_cmdline = auto console=ttyS0,9600 bigphysarea=16384 ide1=noprobe -vnc :1
initrd = C:\Program Files (x86)\GNS3\asa_downloaded\ASA802-k8\asa802-k8.initrd.gz
options = -hda FLASH -hdachs 980,16,32
[[525]]
netcard = e1000
key = 0x5236f5a7,0x97def6da,0x732a91f5,0xf5deef57
image = C:\Users\hshaw\Documents\Networking\bin\Unpack-0.1_win\Unpack\asa725-k8.bin.unpacked
options = -nographic
serial = 0x301D10D9
[[FW PIX1]]
x = 436.0
y = -22.0
[[ASA ASA]]
e0 = CorpR1 f0/0
e1 = R2Switch f1/1
x = -308.0
y = -136.0
[localhost:7201]
workingdir = ASA1_LAB_working
udp = 11100
[[3660]]
image = C:\Users\hshaw\Documents\Networking\bin\c3660-jk9s-mz.124-17b.bin
idlepc = 0x60559f10
ghostios = True
sparsemem = True
chassis = 3660
[[ROUTER R5SWITCH]]
model = 3660
console = 2007
cnfg = ASA1_LAB_configs\R5SWITCH.cfg
slot1 = NM-16ESW
f1/0 = R4REMOTE f0/0
x = 344.0
y = 94.0
hx = -2.5
hy = -27.0
[localhost:7200]
workingdir = ASA1_LAB_working
udp = 11000
[[3660]]
image = C:\Users\hshaw\Documents\Networking\bin\c3660-jk9s-mz.124-17b.bin
idlepc = 0x60559f10
sparsemem = True
chassis = 3660
[[2691]]
image = C:\Users\hshaw\Documents\Networking\bin\c2691-adventerprisek9-mz.124-17b.bin
idlepc = 0x62321984
sparsemem = True
[[ROUTER R4REMOTE]]
model = 3660
ghostios = True
console = 2005
cnfg = ASA1_LAB_configs\R4REMOTE.cfg
f0/0 = R5SWITCH f1/0
slot1 = NM-4T
s1/0 = ISP s1/1
slot2 = NM-1FE-TX
x = 355.0
y = -132.0
hx = -2.5
hy = -26.0
[[ROUTER ISP]]
model = 3660
ghostios = True
console = 2004
cnfg = ASA1_LAB_configs\ISP.cfg
slot1 = NM-4T
s1/0 = CorpR1 s0/0
s1/1 = R4REMOTE s1/0
x = 127.0
y = -140.0
[[ROUTER R2Switch]]
model = 3660
console = 2002
cnfg = ASA1_LAB_configs\R2Switch.cfg
slot1 = NM-16ESW
f1/1 = ASA e1
f1/15 = nio_gen_eth:\device\npf_{9d70eab5-4abe-4633-81e2-fb984be060e4}
x = -238.0
y = 49.0
hx = 2.5
hy = -27.0
[[ROUTER CorpR1]]
model = 2691
console = 2003
cnfg = ASA1_LAB_configs\CorpR1.cfg
wic0/0 = WIC-1T
s0/0 = ISP s1/0
f0/0 = ASA e0
slot1 = NM-1FE-TX
x = -139.0
y = -141.0
hx = 5.5
hy = -26.0
[GNS3-DATA]
configs = ASA1_LAB_configs
workdir = ASA1_LAB_working
[[Cloud C1]]
x = -412.5
y = 172.0
connections = R2Switch:f1/15:nio_gen_eth:\device\npf_{9d70eab5-4abe-4633-81e2-fb984be060e4}


---------------------------------------------
ASA config:

ASA Version 8.0(2)
!
hostname ASA
domain-name xytek.org
enable password M3XXis0.trnaANGc encrypted
names
!
interface Ethernet0/0
nameif outside
security-level 0
ip address 10.0.0.2 255.255.255.252
!
interface Ethernet0/1
description INSIDE_Interface
speed 100
nameif inside
security-level 100
ip address 192.168.50.4 255.255.255.0
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/4
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/5
shutdown
no nameif
no security-level
no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot config disk0:/startup-config
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns server-group DefaultDNS
domain-name xytek.org
same-security-traffic permit intra-interface
access-list OUTSIDE_IN_ACL extended permit icmp any any echo-reply
access-list inside_access_in extended permit icmp any any echo-reply
pager lines 24
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
asdm image disk0:/asdm-631.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 101 172.16.100.1-172.16.100.20 netmask 255.255.255.0
nat (inside) 101 0.0.0.0 0.0.0.0
access-group inside_access_in in interface inside
access-group OUTSIDE_IN_ACL in interface outside
!
router ospf 1
router-id 2.2.2.2
network 10.0.0.2 255.255.255.255 area 0
area 0
log-adj-changes
!
route outside 0.0.0.0 0.0.0.0 10.0.0.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.50.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map global_policy
class inspection_default
inspect icmp
!
username hshaw password cA2V0ye0XQCmEC9h encrypted privilege 15
prompt hostname context
Cryptochecksum:aa785c7b3fc8485a60eaa2980e517a6c
:end

------------------------
CorpR1 config (outside-facing router, connected to my "ISP" router)

CorpR1#sh run
Building configuration...

Current configuration : 1220 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CorpR1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
description XCONN to ASA1 (outside)
ip address 10.0.0.1 255.255.255.252
duplex auto
speed auto
!
interface Serial0/0
description XCONN to ISP
ip address 10.1.0.1 255.255.255.252
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 10.0.0.1 0.0.0.0 area 0
network 10.1.0.1 0.0.0.0 area 0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.1.0.2
ip route 172.16.100.0 255.255.255.0 10.0.0.2
!
!
ip http server
no ip http secure-server
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
!
end

-------------------------
"ISP" config (my emulated ISP router)

Current configuration : 1106 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
description XCONN to CORPR1
ip address 10.1.0.2 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
description XCONN to R4REMOTE
ip address 172.16.32.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
network 10.1.0.2 0.0.0.0 area 0
network 172.16.32.1 0.0.0.0 area 0
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
!
end






Attachments:
ASA_proj.png
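A check a practitioner would run against the posted ASA configuration, added here as an example (it is not the poster's code and not a Cisco tool): it parses the relevant lines of the config above, embedded as a constructed excerpt, and evaluates the three things that decide whether an inside-originated ping survives the box: whether the ACL bound inbound on inside permits echo (type 8), whether the "inspect icmp" in policy-map global_policy is actually bound by a "service-policy" line, and, if it is not, whether the outside ACL permits the echo-reply back. The interface names, ACL names and command syntax come from the config in the post; the finding codes, helper names and the address-spec parsing are my own simplification.

```python
from dataclasses import dataclass, field
from typing import Optional

ICMP_TYPES = {"echo": 8, "echo-reply": 0, "unreachable": 3, "time-exceeded": 11}

# Constructed excerpt of the ASA 8.0(2) config posted above: only the lines that
# decide the fate of an inside-to-outside ping are kept, as posted.
ASA_CONFIG_EXCERPT = """\
access-list OUTSIDE_IN_ACL extended permit icmp any any echo-reply
access-list inside_access_in extended permit icmp any any echo-reply
icmp permit any inside
nat (inside) 101 0.0.0.0 0.0.0.0
access-group inside_access_in in interface inside
access-group OUTSIDE_IN_ACL in interface outside
!
policy-map global_policy
class inspection_default
inspect icmp
!
"""

@dataclass
class AclEntry:
    action: str               # "permit" or "deny"
    proto: str                # "icmp", "ip", "tcp", ...
    icmp_type: Optional[int]  # None matches every ICMP type

@dataclass
class AsaConfig:
    acls: dict = field(default_factory=dict)           # ACL name -> [AclEntry]
    access_groups: dict = field(default_factory=dict)  # nameif -> (ACL name, "in"/"out")
    inspect_icmp_in: set = field(default_factory=set)  # policy-maps containing "inspect icmp"
    bound_policies: set = field(default_factory=set)   # policy-maps named in "service-policy"

def _skip_addr(tokens):
    """Drop one address spec ('any', 'host A', 'object[-group] N', 'A MASK') from the front."""
    if tokens and tokens[0] in ("any", "any4", "any6"):
        return tokens[1:]
    return tokens[2:]

def parse_asa(text):
    """Pull ACLs, access-groups and ICMP inspection state out of a running-config."""
    cfg = AsaConfig()
    policy = None  # name of the policy-map block we are currently inside
    for raw in text.splitlines():
        t = raw.split()
        if not t:
            continue
        if t[0] == "!":
            policy = None
        elif t[0] == "policy-map":
            policy = t[1]
        elif t[:2] == ["inspect", "icmp"] and policy:
            cfg.inspect_icmp_in.add(policy)
        elif t[0] == "service-policy":
            cfg.bound_policies.add(t[1])
        elif t[0] == "access-list" and len(t) > 5 and t[2] == "extended":
            # access-list NAME extended ACTION PROTO SRC DST [ICMP-TYPE]
            name, action, proto = t[1], t[3], t[4]
            rest = _skip_addr(_skip_addr(t[5:]))
            itype = None
            if proto == "icmp" and rest:
                itype = ICMP_TYPES.get(rest[0], int(rest[0]) if rest[0].isdigit() else None)
            cfg.acls.setdefault(name, []).append(AclEntry(action, proto, itype))
        elif t[0] == "access-group" and len(t) >= 5:
            cfg.access_groups[t[4]] = (t[1], t[2])  # access-group ACL in|out interface NAMEIF
    return cfg

def acl_permits_icmp(cfg, acl_name, icmp_type):
    """First-match evaluation; every ASA ACL ends with an implicit deny."""
    for e in cfg.acls.get(acl_name, []):
        if e.proto in ("ip", "icmp") and e.icmp_type in (None, icmp_type):
            return e.action == "permit"
    return False

def lint_ping_path(cfg, src_if="inside", dst_if="outside"):
    """(code, message) findings for a ping originated behind src_if, answered via dst_if.
    Note: 'icmp permit any inside' governs pings addressed to the ASA itself, not transit."""
    findings = []
    grp = cfg.access_groups.get(src_if)
    # 1. An ACL bound inbound on the source interface replaces the default
    #    high-to-low permit, so it must explicitly allow echo (type 8).
    if grp and grp[1] == "in" and not acl_permits_icmp(cfg, grp[0], 8):
        findings.append(("NO_ECHO_PERMIT", f"{grp[0]} on {src_if} permits no ICMP echo (type 8); "
                         f"requests from {src_if} are dropped before NAT"))
    # 2. "inspect icmp" only takes effect once its policy-map is bound by service-policy.
    active = cfg.inspect_icmp_in & cfg.bound_policies
    if cfg.inspect_icmp_in and not active:
        findings.append(("INSPECT_NOT_BOUND", f"inspect icmp sits in {sorted(cfg.inspect_icmp_in)} "
                         "but no service-policy binds it, so ICMP is not tracked statefully"))
    # 3. Without stateful ICMP the echo-reply needs an explicit permit on the reply-side ACL.
    rgrp = cfg.access_groups.get(dst_if)
    if not active and (not rgrp or (rgrp[1] == "in" and not acl_permits_icmp(cfg, rgrp[0], 0))):
        findings.append(("NO_REPLY_PERMIT", f"echo-reply (type 0) is not permitted inbound on {dst_if}"))
    return findings

if __name__ == "__main__":
    for code, msg in lint_ping_path(parse_asa(ASA_CONFIG_EXCERPT)):
        print(f"{code}: {msg}")
```

Run as-is it reports two findings on the posted excerpt: inside_access_in is bound inbound on inside yet only permits echo-reply, and the policy-map that carries "inspect icmp" is never bound by a "service-policy" line, so ICMP is not tracked statefully. Appending a permit for echo on inside_access_in and a "service-policy global_policy global" line clears both, which is the shape of the minimal fix a defender would verify before touching NAT or routing.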
 Post subject: Re: Can't ping through ASA
PostPosted: Mon Jul 05, 2010 9:32 am 
Well, after MANY hours of plowing my way through web docs and Cisco guides, I finally stumbled across a simple, straightforward doc that described what I needed to do. I think at the time I posted the original lab, I had gone through so many iterations that I confused myself.
I created another lab, much simpler, leaving out OSPF and making layer 2 switches instead of the 3600 routers with the switch modules built in.
I finally got pinging through BOTH ASAs working well. That was a huge step considering all I wanted to do was verify connectivity from end to end before going forward building site-to-site VPNs and setting up access-lists.






Attachments:
asa_lab2v2.png