I have an ASA5510 with 3 interfaces: External, Internal, and DMZ. I have configured a mail server in the DMZ and I can get to it from the external interface and from the internal interface.
External access is a simple NAT:
static (outside,dmz) 192.168.200.25 XX.YY.ZZ.52 netmask 255.255.255.255
static (dmz,outside) XX.YY.ZZ.52 192.168.200.25 netmask 255.255.255.255
Internal access is similar:
static (dmz,inside) 192.168.100.21 192.168.200.25 netmask 255.255.255.255
static (inside,dmz) 192.168.100.0 192.168.100.0 netmask 255.255.255.0
So users on the internal LAN see the mail server as 192.168.100.21, and they can connect just fine.
The problem I have is that when VPN users connect with their 10.10.10.0 address, they cannot connect to 192.168.100.21, and the internal DNS points them to that rather than to the XX.YY.ZZ.52 address on the outside.
How can I get the VPN users to connect?
Of course I will tell you not to, as I don't want you to lock yourself out. If anything would break, it would only be the VPN. Take a look at this similar post. Notice the similar ACLs which define interesting traffic to be tunneled. I assume you have disconnected from the VPN and reconnected? Maybe a clear xlate. Try getting a log when you are trying to access the DMZ server. Also, if you are trying to access the DMZ server by FQDN instead of IP, make sure it is resolving to the 200. address.