Okay here it is.
I want to let port 80 traffic from the DMZ to my inside net but not the the outside.
Outside 134.186.1.0/24
inside 134.186.2.0/24
dmz 134.186.3.0/24
Here what I think I should do:
static (dmz,outside) 134.186.1.0 134.186.1.0
static (inside,dmz) 134.186.2.0 134.186.2.0
access-list acl_dmz permit tcp any host 134.186.2.0 255.255.255.0 eq 80
access-group acl_dmz in interface dmz
Does this only let port 80 traffic to my inside and deny all the rest? If not, where did I go wrong?
I just listed the networks to make the example easier.
Mike