Seem to be having an issue with a firewall I've inherited asa5520

some http downloads seem to be timing out, as well as some websites. When I bypass the ASA no problem.

also have a couple statements and I'm not sure as to why?

outside a.a.a.a

inside b.b.b.b

dmz c.c.c.c

dmz2 d.d.d.d

global (outside) 1 a.a.a.3-a.a.a.98 netmask 255.255.255.0

global (outside) 1 a.a.a.100-a.a.a.200 netmask 255.255.255.0

global (DMZ) 1 c.c.c.80-c.c.c.250 netmask 255.255.255.0

nat (inside) 1 0.0.0.0 0.0.0.0 dns

nat (DMZ) 1 c.c.c.0 255.255.255.0 dns

static (inside,outside) tcp interface 2300 b.b.b.32 2300 netmask 255.255.255.255

static (DMZ,outside) a.a.a.252 c.c.c.1 netmask 255.255.255.255

static (DMZ,outside) a.a.a.240 c.c.c.3 netmask 255.255.255.255 dns

static (DMZ,outside) a.a.a.243 c.c.c.8 netmask 255.255.255.255

static (DMZ,outside) Mail IronPort_DMZ netmask 255.255.255.255

static (inside,outside) a.a.a.247 b.b.b.74 netmask 255.255.255.255

static (inside,outside) c.c.c.c b.b.b.b netmask 255.255.255.255

static (inside,outside) a.a.a.99 b.b.b.98 netmask 255.255.255.255

static (inside,DMZ) b.0.0.0 b.0.0.0 netmask 255.0.0.0

static (inside,DMZ2) b.0.0.0 b.0.0.0 netmask 255.0.0.0

access-group acl_out in interface outside

access-group acl_dmz in interface DMZ

access-group DMZ2_access_in in interface DMZ2

route outside 0.0.0.0 0.0.0.0 a.a.a.1 1

route DMZ2 d.d.d.0 255.255.255.0 e.e.e.253 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:b:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:b:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute