If an ASA is in transparent mode, can you still use access-lists? I.e., host A resides off interface 1 and has an IP of 220.127.116.11/24, and another host resides off interface 2 and has the IP 18.104.22.168/24. Can you restrict traffic to be permitted from 22.214.171.124 to 126.96.36.199 only, without allowing access to the rest of the 1.1.1.x network?
Simple answer: yes, use extended access lists to control traffic crossing the ASA. However, that's assuming your design is the normal 2 interface Transparent mode.
Since you are using the Bridge / Transparent mode, you're well aware that you are effectively designing a pass-through "bump in the wire" L2 device. I'm also guessing that you are staying true to the "Stealth" design and only using the inside and outside interfaces, not additional interfaces like a traditional Routed DMZ design. To that point, your servers are on different sides of the FW? Your sample IPs would seem to state otherwise.
Important points from the document below.
- Each directly connected network must be on the same subnet.
- You must use an extended access list to allow Layer 3 traffic, such as IP traffic, through the security appliance.
You can also optionally use an EtherType access list to allow non-IP traffic through.
Cisco Transparent ASA document:
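
A host-to-host restriction of the kind discussed in this thread, as an added example that is not part of the original posts or the Cisco document. The ACL names, the `inside`/`outside` interface names, the placement of the hosts, and the 192.0.2.0/24 documentation addresses are all assumptions.

```cisco
! Added example: names and addresses are assumptions, not from the thread.
! Assumes the ASA is already running in transparent mode with two
! interfaces named "inside" and "outside".
!
! Transparent mode bridges a single subnet, so both hosts sit in
! 192.0.2.0/24 on opposite sides of the firewall:
!   host A = 192.0.2.10 behind "outside"
!   host B = 192.0.2.20 behind "inside"
!
! Permit only A -> B. The implicit deny at the end of the ACL drops all
! other IP traffic arriving on the outside interface, including traffic
! to the rest of the subnet.
access-list OUTSIDE_IN extended permit ip host 192.0.2.10 host 192.0.2.20
access-group OUTSIDE_IN in interface outside
!
! With no ACL bound, inside -> outside traffic is permitted by security
! level. Bind one here too so only host B can initiate toward host A.
access-list INSIDE_IN extended permit ip host 192.0.2.20 host 192.0.2.10
access-group INSIDE_IN in interface inside
!
! Optional: EtherType ACL for non-IP traffic, here spanning-tree BPDUs.
! One extended and one EtherType ACL can share an interface and direction.
access-list NONIP ethertype permit bpdu
access-group NONIP in interface inside
access-group NONIP in interface outside
```

After applying it, `show access-list OUTSIDE_IN` shows per-entry hit counts, which confirms whether the permitted host pair is matching the intended line.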