just wondering:
here's my interfaces:
dmz: 10.10.0.1/16 inside:192.168.1.1/24
sh nat nat (dmz) 0 access-list no-nat nat (inside) 0 access-list no-nat
one subnet on the dmz interface has access to inside lan, and vice versa
do I need a nonat statement in both directions? e.g: access-list no-nat permit ip 10.10.15.0 5 255.255.255.0 192.168.1.0 255.255.255.0 access-list no-nat permit ip 192.168.1.0 255.255.255.0 10.10.15.0 255.255.255.0
cheers, m