Seem to be having an issue with a firewall I've inherited asa5520
some http downloads seem to be timing out, as well as some websites. When I bypass the ASA no problem.
also have a couple statements and I'm not sure as to why?
outside a.a.a.a
inside b.b.b.b
dmz c.c.c.c
dmz2 d.d.d.d
global (outside) 1 a.a.a.3-a.a.a.98 netmask 255.255.255.0
global (outside) 1 a.a.a.100-a.a.a.200 netmask 255.255.255.0
global (DMZ) 1 c.c.c.80-c.c.c.250 netmask 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0 dns
nat (DMZ) 1 c.c.c.0 255.255.255.0 dns
static (inside,outside) tcp interface 2300 b.b.b.32 2300 netmask 255.255.255.255
static (DMZ,outside) a.a.a.252 c.c.c.1 netmask 255.255.255.255
static (DMZ,outside) a.a.a.240 c.c.c.3 netmask 255.255.255.255 dns
static (DMZ,outside) a.a.a.243 c.c.c.8 netmask 255.255.255.255
static (DMZ,outside) Mail IronPort_DMZ netmask 255.255.255.255
static (inside,outside) a.a.a.247 b.b.b.74 netmask 255.255.255.255
static (inside,outside) c.c.c.c b.b.b.b netmask 255.255.255.255
static (inside,outside) a.a.a.99 b.b.b.98 netmask 255.255.255.255
static (inside,DMZ) b.0.0.0 b.0.0.0 netmask 255.0.0.0
static (inside,DMZ2) b.0.0.0 b.0.0.0 netmask 255.0.0.0
access-group acl_out in interface outside
access-group acl_dmz in interface DMZ
access-group DMZ2_access_in in interface DMZ2
route outside 0.0.0.0 0.0.0.0 a.a.a.1 1
route DMZ2 d.d.d.0 255.255.255.0 e.e.e.253 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:b:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:b:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute