I have a bit of an interesting question that I would like some help with.

I am currently using an ASA 5505 running 9.2.1 as my edge device with a Cisco 2920 router on the inside acting as a tunnel endpoint for a 6in4 tunnel to Hurricane Electric.  I have a single static IPv4 address from my ISP assigned to the outside interface of my ASA, and a full /48 address space from HE.  My ASA is currently forwarding protocol 41 traffic to the router to perform this.  Everything is working fine so far, both IPv4 and IPv6 traffic are routing to the Internet just fine.  I have a number of port address translations (PAT) defined on the ASA to forward traffic to certain servers (SMTP, WWW, etc.) using IPv4 NAT rules.  All inside hosts are dual stack enabled using private 10.x.x.x/24 addresses and IPv6 addresses from my /48 (I actually subnetted it to several /64 networks).

I just bought a Cisco 3825 and I want to use that as my edge device (move the 6in4 tunnel to this device, decommission the 2920, put the ASA behind the 3825).  I am trying to figure out what changes I will need to make to allow my IPv4 translations to continue to work without them conflicting with my IPv6 addresses.  To put it another way, my rules translate a port of the full outside interface of the ASA to an inside address (i.e. all incoming traffic on TCP 25 goes to my email server).  How do I make this keep working in the new topology without effecting IPv6 addresses not assigned to my email server (i.e. allow+send TCP 25 traffic directed to the IPv6 address assigned to my email server, without also affecting anything to do with TCP 25 of other IPv6 addresses on the inside)??

Thanks in advance for any help!