I have the following network setup on my pix.
Interface 0 is internet --static ip
Interface 1 is internal 10.1.1.0 is regular computers.
vlan3 -- 10.1.3.0 is public internet
Also we have 2 dhcp scopes setup, one for each network
Its all working great except for one thing.
when someone is on the public I don't want them to be able to get to anything on the regular 10.1.1.x network.
I have attached my current running config.
Also this is a pix 515 running 804