For some reason, I can't type in the reply box.... Here's what I have... I've broke it down to the most basic of configs... 






interface VlanXXX
 description " DMZ"
 nameif web_dmz
 security-level 10
 ip address 172.16.XXX.1 255.255.255.0 


interface VlanXXX
 description "Conf Room WLAN"
 nameif ConfRoomWLAN
 security-level 4
 ip address 172.16.XXX.1 255.255.255.0 

interface VlanXXX
 nameif OUTSIDE
 security-level 0
 ip address 20X.XXX.XXX.3 255.255.255.0 

object-group network CITRIX_SERVERS
 network-object 20X.XXX.XXX.72 255.255.255.255
 network-object 20X.XXX.XXX.76 255.255.255.255


access-list out_acl extended permit tcp any object-group CITRIX_SERVERS eq 2598
access-list out_acl extended permit tcp any object-group CITRIX_SERVERS eq 27001
access-list out_acl extended permit tcp any object-group CITRIX_SERVERS eq citrix-ica
access-list out_acl extended permit tcp any object-group CITRIX_SERVERS eq www
access-list out_acl extended permit tcp any object-group CITRIX_SERVERS eq https

access-group out_acl in interface OUTSIDE


access-list web_dmz extended permit ip any any

access-group web_dmz in interface web_dmz


access-list ConfRoomWLAN_in extended permit ip any any

access-group ConfRoomWLAN_in in interface ConfRoomWLAN

static (web_dmz,OUTSIDE) 20X.XXX.XX.76 172.16.XXX.76 netmask 255.255.255.255 
static (web_dmz,ConfRoomWLAN) 172.16.XXX.0 172.16.XXX.0 netmask 255.255.255.0

nat (ConfRoomWLAN) 3 172.16.XXX.0 255.255.255.0
global (OUTSIDE) 3 20X.XXX.XXX.44


policy-map global_policy
 class inspection_default
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect skinny
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
  inspect smtp
  inspect http
  inspect dns maximum-length 512