Inside fail to ping outside

CHUN FAI LAW
Level 1

Port forwarding is done, but the inside network is not able to ping outside.

Can anyone tell me whether this is an access-list problem or a dynamic NAT problem?

And what actually is the difference between PAT and NAT? And also dynamic NAT / dynamic policy NAT?

ASA5505(config)# sh run nat-control

no nat-control

ASA5505(config)# exit

ASA5505# config t

ASA5505(config)# nat ?

configure mode commands/options:

  (  Open parenthesis for the name of the network interface where the

     hosts/network designated by the local IP address are accessed

ASA5505(config)# exit

ASA5505# sh run

: Saved

:

ASA Version 8.2(5)

!

hostname ASA5505

enable password 0e53SZdxezxawxDG encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

!

interface Ethernet0/0

description connect_to_internet

!

interface Ethernet0/1

description connect_to_webserver

switchport access vlan 2

!

interface Ethernet0/2

description connect_to_mail_server

switchport access vlan 2

!

interface Ethernet0/3

switchport access vlan 2

shutdown

!

interface Ethernet0/4

switchport access vlan 2

shutdown

!

interface Ethernet0/5

switchport access vlan 2

shutdown

!

interface Ethernet0/6

switchport access vlan 2

shutdown

!

interface Ethernet0/7

switchport access vlan 2

shutdown

!

interface Vlan1

nameif internet

security-level 0

ip address 103.247.1XX.XXX 255.255.255.252

!

interface Vlan2

nameif lan

security-level 100

ip address 192.168.18.254 255.255.255.0

!

banner exec ******************************************

banner exec

banner exec ASA5505

banner exec

banner exec

banner exec ******************************************

banner login ******************************************

banner login

banner login ASA5505

banner login

banner login

banner login ******************************************

ftp mode passive

clock timezone HKST 8

dns domain-lookup lan

dns server-group DefaultDNS

name-server 202.130.97.XX

name-server 202.130.97.XX

object-group service DM_INLINE_TCP_1 tcp

port-object eq 5900

port-object eq 8443

port-object eq www

port-object eq https

object-group service Webserver tcp

port-object eq 5900

port-object eq 8443

object-group service DM_INLINE_TCP_2 tcp

port-object eq pop3

port-object eq smtp

access-list internet_access_in extended permit icmp any any

access-list internet_access_in extended permit tcp any host 103.247.1XX.XXX object-group DM_INLINE_TCP_1

access-list internet_access_in extended permit tcp any host 103.247.1XX.XXX object-group DM_INLINE_TCP_2

pager lines 24

logging enable

logging asdm informational

mtu internet 1500

mtu lan 1500

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

global (internet) 1 interface

nat (lan) 1 192.168.18.0 255.255.255.0

static (lan,internet) tcp interface www 192.168.18.168 www netmask 255.255.255.255

static (lan,internet) tcp interface https 192.168.18.168 https netmask 255.255.255.255

static (lan,internet) tcp interface 5900 192.168.18.168 5900 netmask 255.255.255.255

static (lan,internet) tcp interface 8443 192.168.18.168 8443 netmask 255.255.255.255

static (lan,internet) tcp interface smtp 192.168.18.128 smtp netmask 255.255.255.255

static (lan,internet) tcp interface pop3 192.168.18.128 pop3 netmask 255.255.255.255

access-group internet_access_in in interface internet

route internet 0.0.0.0 0.0.0.0 103.247.1XX.XXX 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

dynamic-access-policy-record DfltAccessPolicy

aaa authentication ssh console LOCAL

http server enable 444

http 192.168.18.0 255.255.255.0 internet

http 192.168.18.0 255.255.255.0 lan

http 0.0.0.0 0.0.0.0 internet

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

crypto ipsec security-association lifetime seconds 28800

crypto ipsec security-association lifetime kilobytes 4608000

telnet 192.168.18.0 255.255.255.0 lan

telnet timeout 5

ssh 192.168.18.0 255.255.255.0 lan

ssh timeout 5

console timeout 0

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

webvpn

username itadmin password M5SKGxQcWvugHZqs encrypted

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

  message-length maximum client auto

  message-length maximum 512

policy-map global_policy

class inspection_default

  inspect dns preset_dns_map

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect ip-options

  inspect netbios

  inspect rsh

  inspect rtsp

  inspect skinny

  inspect esmtp

  inspect sqlnet

  inspect sunrpc

  inspect tftp

  inspect sip

  inspect xdmcp

!

service-policy global_policy global

prompt hostname context

no call-home reporting anonymous

call-home

profile CiscoTAC-1

  no active

  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService

  destination address email callhome@cisco.com

  destination transport-method http

  subscribe-to-alert-group diagnostic

  subscribe-to-alert-group environment

  subscribe-to-alert-group inventory periodic monthly

  subscribe-to-alert-group configuration periodic monthly

  subscribe-to-alert-group telemetry periodic daily

Cryptochecksum:f384ba91ec911c771a8e98f6a953566e

: end

ASA5505#

1 Reply

CHUN FAI LAW
Level 1

Problem solved =.=

I find that the firewall is enabled on my outside notebook....SAD!!!!!!!!!!!!