I have not yet caught up to speed on ASA 8.3 changes and came across the below working ACL on an ASA running 8.3. The ACL is applied inbound to an Internet facing publicly addressed interface. At this point the destination IP in the packet will not be 192.168.0.41 but the ASA outside public IP. My understanding was that ACL's were processed firstly then NAT. The fact that this rule works implies things have changed?
access-list OUTSIDE_ACCESS_IN extended permit tcp any host 192.168.0.41 eq 54321
Regards,
Kent.