01-02-2015 03:14 PM - edited 03-11-2019 10:17 PM
I'm bringing up a connection to a remote data center. The data center is separated by an ASA5585x running software 9.3(1). I can access the remote servers just fine, but they can't communicate with our DNS server. When they query, I see this in the ASA's logs:
[2015-01-02 14:56:58 GMT-08:00] (CONTEXT) 106007: Deny inbound UDP from 1.2.3.4/38583 to 5.6.7.8/53 due to DNS Query
1.2.3.4 is the IP of the server and 5.6.7.8 is the DNS server. The traffic is permitted in the ACL, but when I run packet tracer, it shows denied. I don't think this is an issue with DNS inspection, since other servers can talk to DNS just fine. The manual says this:
Explanation This is a connection-related message. This message is displayed if a UDP packet containing a DNS query or response is denied.
Recommended Action If the inside port number is 53, the inside host probably is set up as a caching name server. Add an access-list command statement to permit traffic on UDP port 53 and a translation entry for the inside host. If the outside port number is 53, a DNS server was probably too slow to respond, and the query was answered by another server.
I don't understand why I'd need a translation entry. The client and server are both on two different internal interfaces and NAT is not applicable.
01-02-2015 03:22 PM
I found the mention of DNS was a complete red herring. The issue was that the two inside interfaces had the same security level. "same-security-traffic permit inter-interface" was the quick fix, or I could have changed security levels to be different.
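To show what the fix above looks like in practice, here is an added ASA configuration sketch (not the original poster's configuration). The interface names, interface addresses, ACL name and security levels are assumed for illustration; only the host addresses 1.2.3.4 and 5.6.7.8 come from the post. It shows the same-security-level state that produces the misleading 106007 message, the two alternative fixes the post names, and the packet-tracer check to confirm the flow is allowed afterwards.

```cisco
! Added example, not the original poster's config. Interface names,
! interface IPs, ACL name and security levels are assumptions.
!
! --- Starting state: two inside interfaces at the same security level.
! By default the ASA drops traffic between interfaces that share a
! security level. When the dropped packet is a DNS query, the drop is
! logged as 106007 "due to DNS Query", which hides the real cause.
interface GigabitEthernet0/1
 nameif servers
 security-level 50
 ip address 1.2.3.254 255.255.255.0
!
interface GigabitEthernet0/2
 nameif dns
 security-level 50
 ip address 5.6.7.254 255.255.255.0
!
! --- Fix option 1: allow traffic between same-security interfaces.
! Interface ACLs (where applied) and NAT still apply as usual.
same-security-traffic permit inter-interface
!
! --- Fix option 2 (alternative to option 1): give the interfaces
! different security levels. Higher-to-lower traffic is then allowed
! by default; with an ACL applied inbound on "servers", permit the
! query explicitly (the reply is matched by the stateful connection).
interface GigabitEthernet0/2
 nameif dns
 security-level 40
!
access-list SERVERS_IN extended permit udp host 1.2.3.4 host 5.6.7.8 eq domain
access-group SERVERS_IN in interface servers
!
! --- Verify: the simulated query should now end with "Action: allow".
packet-tracer input servers udp 1.2.3.4 38583 5.6.7.8 53
show running-config | include same-security-traffic
```

Pick one of the two options rather than both; the packet-tracer line at the end is the same check the original post used to see the denial, so it is the quickest way to confirm that the drop really came from the security-level rule and not from DNS inspection or the ACL.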
10-03-2018 03:10 PM