I have two sites UK/France that terminate on my ASA5510. They need access to our webservers in the DMZ. My configuration for the sites on my ASA are as follows:
access-list No-NAT-DMZ extended permit ip 172.16.110.0 255.255.255.0 object-group UK-Networks (192.168.0.0/24)
access-list No-NAT-DMZ extended permit ip 172.16.110.0 255.255.255.0 object-group France-Networks (192.168.10.0/24)
access-list DMZ extended permit ip host iis-public-in01 object-group UK-Networks
access-list DMZ_access_out extended permit ip object-group UK-Networks host iis-public-in01
I'm not sure if my European counterparts have changed their settings as this has worked before. Now, they cannot see our webservers.