I am trying to get a DMZ setup on my ASA 5510. The only device that will reside in this DMZ is a VPN device that will be accessed both by my internal hosts and by an external vendor. I configured a dedicated interface on the ASA for this DMZ. I created a static that maps the DMZ IP address on the device to a valid external address. The access lists that I have created allow access from all internal networks and from a specified external host to this host in the DMZ. BTW, the DMZ interface is named AGF_VPN, and the interfaces on the device are named AGF_Contivity100_int and AVF_Contivity_ext. Testing with the ASDM packet tracer show that internal and external hosts are able to access the device in the DMZ without without any issues. However, the host in the DMZ is unable to initiate connections to hosts on the internal or external network. I think that mabye my NAT and ACLs are a bit screwed up. Can anyone provide any advice to straighten this out? Any help that can be provide will be much appreciated. Thanks.