We are trying to upgrade from 8.2 to 8.3 (or beyond) and want to know if, with the changes to NAT, we need to convert all of our NAT rules for access from the DMZ to the internal network. We have some static NAT statements for both single IPs and subnets in addition to Global NAT statements for NAT and no NAT on the DMZ interface. Can access between the networks be accomplished with ACLs only or do I still have to use NAT?
IF that's in place (though an ACL is not required from higher security to lower - it's allowed by default) - AND there are no globals etc. affecting it AND your inside interface is at a higher security level than the DMZ - then no, you don't need it. However, it doesn't hurt. As you note, it is really a "no nat" statement as written.