Is it possible that you will implement a ip nat inside or ip nat outside on the interface and at the same time implement a ip access-group 5 in/out in the same interface.
I try this configuration implement a static and dynamic NAT. but when i try to include a more specific acl that aren't included in the translation i always can't go thru. e.g
ip address 192.168.1.1/24
ip nat outside
ip access-group 200 in
ip address 172.16.1.1/24
ip nat inside
access-list 5 deny 172.16.1.2
access-list 5 permit 172.16.0.0 0.0.0.255
ip nat pool limit 192.168.1.1 192.168.1.20 netmask 255.255.255.0
ip nat inside source list 1 pool limit
ip nat inside source static 172.16.1.2 192.168.1.2
access-list 200 permit tcp 10.10.10.10 eq 22 192.168.1.10 eq 22
after i apply this on the interface, the internet connection of other translation have blocked to the outside.