Please don't post binary files in text newsgroups.
And as best I recall, I don't have access to a visio viewer.
You don't need 500 TCP, just 500 UDP.
You don't need 10000 TCP or UDP: that was for an old VPN passthrough that is not supported on the PIX 501.
You don't need 4500 TCP, just 4500 UDP, and that only if you have isakmp nat-traversal configured on the 501.
You don't need 50 or 51 TCP. No VPN that I know of uses TCP 50 or TCP 51. The ESP protocol used by IPSec is IP Protocol 50, and the AH protocol used by IPSec is IP Protocol 51, but those numbers are IP Protocol numbers, exactly the same way that TCP is IP Protocol 6 and UDP is IP Protocol 17. And most consumer devices and ADSL modems do not allow configuring forwarding by IP Protocol, only by TCP or UDP port. However, if your endpoint for the VPN tunnel is the PIX, and you have isakmp nat-traversal configured, then as long as UDP 500 and UDP 4500 can get through the ADSL model to the PIX, the PIX should be able to work around the lack of direct ESP or AH packets (it will encapsulate the packets in UDP 4500.)
It isn't clear to me at which device you did the mapping. The mappings noted would have to be done at the ADSL model level if anywhere: you don't need them on the PIX if your security gateway is the PIX and you are using the Cisco client to connect to the PIX in order to access the server resources. But you -do- need to either permit the RDP etc. ports through the PIX outside interface, or else configure sysopt connection permit-ipsec to permit the VPN connections to go anywhere inside without ACL controls.