we have a direct connection to another agency from an interface on our 5520 to their firewall. a user on their side needs access to a server on our inside network. We have an IP ANY ANY access rule for this interface. I've created a static NAT for the server they need to connect to and gave them the NATed address. They tried and said it isn't working. Do I need to add a route for their IP to my inside network? Is there a good way to troubleshoot this issue? I haven't used captures enough to really know how to analyze what I'm seeing.