I have a global pat for a clients subnet to access the internet and a static nat for a specific host to host connection accross a site to site vpn. I recently added another static nat w/ access list and now the host can't access the internet. The client hits the static access-lists but it never hits the global pat for the internet. I have a pix 525 running 6.3.3 Any thoughts as to why this is happening? I cant reproduce this effect in the lab.
Ah yes. You bring back good memories doug :-)
You are running into bug CSCec63822. It was resolved in 6.3(3.136) and later. There is no workaround other than upgrading.
PS> Please don't foget to mork the issue resolved if it solves your problem so we can check this issue off the list.