What interface is the PC in? You typed dmz but I gather that was a typo. If the PC is on the inside, then you just need a nat (inside)/global (dmz) pair. If the PC is on the outside, then you'll need a static and an ACL to get to it.
The PC is really in the dmz. Not a typo. If it were up to me this one pc would be moved to the inside but I don't have the option to do that. PCs on the outside and inside can hit the web server by IP just not the one pc that is in the dmz.
Try accessing the site by ip address from the dmz pc. If they are both in the dmz, they are almost assuredly in the same ip subnet. The problem is most likely a dns issue (meaning, the dns reply for the web server's hostname contains the external ip used for nat for the web server, not the RFC 1918 address the web server is using, as is the DMZ pc). If it is just one pc, I would probably make sure that the site is accessible via ip, and tell them to use that, or edit the local hosts file and statically code it.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...