Hi I’m really confused bt this statement “The access-list is always checked before NAT translation”
So if I have traffic coming into the asa on the outside interface with a public IP address destined for a server on my dmz who has a private IP address translated by nat to the outside public address would I permit traffic destined from anywhere as an example to the private ip address of my server NOT the NAT public address?
Thanks
Simon