09-01-2021 08:20 AM
We have an internal VLAN that we wish to have ACLs to allow HTTPS traffic for when applications need the access to perform upgrades. If we try to set up NAT it won't let us use port 443 because it is in use with VPN and SSL. The ACLs don't seem to have any effect on the traffic, though the packet tracer shows that the 443 from the outside doesn't make it past the ACL rules. I have attached the complete configuration (IPs have been replaced with letters) so that anyone may review and add any comments.
We have been using curl as a test for this. This should return a header from the site, but instead just hangs:
# curl -Is https://support.cisco.com
# show asp table socket
Protocol Socket State Local Address Foreign Address
SSL 00003148 LISTEN :443 0.0.0.0:*
SSL 00005a08 LISTEN :443 0.0.0.0:*
SSL 00006738 LISTEN :443 0.0.0.0:*
SSL 00009138 LISTEN :443 0.0.0.0:*
SSL 0000a6a8 LISTEN :443 0.0.0.0:*
09-02-2021 12:52 AM
I decided the best method was to use wccp and a proxy server.