Hi Suraj,
Thanks for your dedication. I tried moving the policy up, but it was not successful.
I found that the issue was in proxy ARP, since they were in the same network, and every time the IP was increasing from the /24 subnet.
Meaning, when I get IP 192.168.1.1 from the pool it starts working, but after reconnecting again, I get the IP .2 from the pool and again the protected resources are not reachable.
What I did: I made a very specific pool of 192.168.1.0/30 so that the only IPs I get from the pool are .1 and .2, and then specifically permitted proxy ARP from .1 and .2 in the security NAT. Since then things are working fine with my customer.
Somehow I closed the ticket with my customer, which is why I cannot do anything at the moment until the customer opens a new ticket for any issue.
Please let me know if more clarification is required.