Hi,
In firewall, you can do the following:
1. Mapped the server's IP (in DMZ) to the public IP of xxx.xx.30.110
static (dmz,outside) .....
2. Create ACL on outside interface, or add to the existing ACL. Make sure you do not put the entry after 'access-list deny ip any any' statement. This ACL should permit TCP-www access to the server.
3. For testing purposes, allow ICMP to the server so that you can verify it is reachable from internet.
Remove this once ping test is successful, or allow only trusted host to ping it.
4. Optional: make sure route to internet/internet router is defined correctly
route outside 0.0.0.0 0.0.0.0
Example:
access-list outside permit tcp any host xxx.xx.30.110 eq www
access-list outside permit icmp any host xxx.xx.30.110
access-list outside deny ip any any
static (dmz,outside) xxx.xx.30.110 192.168.254.110
access-group outside in interface outside
route outside 0.0.0.0 0.0.0.0 xxx.xx.30.y (xxx.xx.30.y = internet router)
HTH
AK