I configure my ASA 5520 using the command line, but I keep an https:// session open so I can use the packet tracer in order to perform virtual tests. Great.
So I check to see if my configuration will pass a simple http request from inside to outside (as allowed by my inside ACL). Sure enough, the packet tracer says packet will pass.
I wire in the firewall. I can ping the inside router from it. I can ping our ISP's router on the outside. It's definitely wired into the network. I try to pass an http request. The hitcount increments on the correct ACL entry.
But it doesn't work. And I'm not sure even what to look for at this point.