So, I was doing some testing this weekend, and I had noticed something that I wanted someone to verify my findings. In an ASA, if I create an acl and policy nat, it seems that it's two directions.
access-list NONAT permit ip 192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0
nat (inside) 0 access-list NONAT
From the 192.168.3.0 subnet, I could ping something in the 192.168.1.0 subnet, and the same in reverse. I would've thought that I needed to create a 192.168.3.0 -> 192.168.1.0 ace, but that wasn't the case. Does that seem right?