My scenario is as follows: Trusted <--> g0/0:IOS FIREWALL(HSRP&NAT):g0/1 <--> Extranet. I have inspect rules set up for very basic inspection (udp/tcp). I have not changed any of the default settings for timeouts, etc. I have applied inbound ACLs to both interfaces. (See Extranet perimeter Configuration -- http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_implementation_design_guide09186a00800fd670.html)
When I apply an inbound inspection rule to the external interface, for some reason all traffic sourced from the extranet is not granted access to the trusted network, even though I have explicit permit statements in the ACLs allowing specific TCP port access to services hosted in the trusted net. When I remove the inbound inspection rule from the extranet interface and leave the ACL, the traffic is allowed in?