here is the config
interface Ethernet0
speed 100
duplex full
nameif outside
security-level 0
ip address a.a.a.a 255.255.255.0
interface Ethernet1
speed 100
duplex full
nameif inside
security-level 100
ip address b.b.b.b 255.255.255.0
interface Ethernet2
speed 100
duplex full
nameif dmz
security-level 50
ip address c.c.c.c 255.255.255.0
access-list acl-nat0 extended permit ip b.b.b.b 255.255.255.0 c.c.c.c 255.255.255.0
access-list acl-nat0 extended permit ip b.b.b.b 255.255.255.0 x.x.x.x 255.255.255.0
access-list acl-nat0 extended permit ip b.b.b.b 255.255.255.0 y.y.y.y 255.255.255.0
access-list acl-nat0 extended permit ip 192.168.1.0 255.255.255.0 b.b.b.b 255.255.255.0
access-list acl-nat0 extended permit ip b.b.b.b 255.255.255.0 192.168.1.0 255.255.255.0
access-list acl-dmz-nat0 extended permit ip c.c.c.c 255.255.255.0 x.x.x.x 255.255.255.0
access-list acl-dmz-nat0 extended permit ip c.c.c.c 255.255.255.0 y.y.y.y 255.255.255.0
access-list acl-dmz-nat0 extended permit ip c.c.c.c 255.255.255.0 192.168.1.0 255.255.255.0
access-list acl-dmz extended permit tcp host c.c.c10 y.y.y.y 255.255.255.0 eq smtp
access-list acl-dmz extended permit ip host c.c.c100 any
access-list acl-dmz extended permit ip c.c.c.c 255.255.255.0 x.x.x.x 255.255.255.0
access-list acl-dmz extended permit ip c.c.c.c 255.255.255.0 y.y.y.y 255.255.255.0
access-list acl-dmz extended permit ip c.c.c.c 255.255.255.0 b.b.b.b 255.255.255.0
access-list acl-dmz extended permit ip c.c.c.c 255.255.255.0 192.168.1.0 255.255.255.0
access-list acl-dmz extended permit tcp host c.c.c10 any eq smtp
access-list acl-dmz extended permit icmp any any
access-list acl-dmz extended permit tcp host c.c.c10 any eq 8443
access-list acl-dmz extended permit ip any any
access-list acl-outside extended permit tcp any host a.a.a.195 eq https
access-list acl-outside extended permit tcp any host a.a.a.195 eq www
access-list acl-outside extended permit tcp any host a.a.a.195 eq 8080
access-list acl-outside extended permit tcp any host a.a.a.195 eq smtp
access-list acl-outside extended permit tcp any host a.a.a.195 eq 8443
access-list acl-outside extended permit icmp any host a.a.a.195
access-list acl-outside extended permit tcp host a.a.a.195 any eq 8443
access-list acl-outside extended permit icmp any any
access-list acl-outside extended permit tcp host a.b.c.d host a.a.a.195 eq 9090
access-list acl-outside extended permit tcp host a.b.c.d host a.a.a.195 eq 3389
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list acl-nat0
nat (dmz) 0 access-list acl-dmz-nat0
nat (dmz) 1 c.c.c.c 255.255.255.0
static (inside,dmz) b.b.b.b b.b.b.b netmask 255.255.255.0
static (dmz,outside) a.a.a.195 c.c.c10 netmask 255.255.255.255 tcp 1000 1000
access-group acl-outside in interface outside
access-group acl-dmz in interface dmz
route outside 0.0.0.0 0.0.0.0 a.a.a.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
service-policy global_policy global
