Hello all,

I am using cisco ASA 5515 with 9.2 image, I have to nat need to be implemented: 

first nat form inside interface to outside (For accessing internet from LAN), i am using PAT with outside interface ip (private ip given by service provider) this working perfect.

the next nat is for server in DMZ, i use STATIC nat (server must access internet and also must be accessible from internet in specific port), I saw hits in NAT and ACL but server donot working,

below are command used:

interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 10.100.10.2 255.255.255.0 (private ip given by ISP)
!
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 192.168.200.1 255.255.255.0 (LAN subnet)
!
interface GigabitEthernet0/2
nameif dmz
security-level 50
ip address 10.10.20.1 255.255.255.0 (dmz gateway)
!

object network inside_lan
subnet 192.168.200.0 255.255.255.0
object network public-ip (public IP given by ISP to use for server)
host X.X.X.X
object network server
host 10.10.20.100
!
access-list dmz-server extended permit tcp any host 10.10.20.100 eq ssh
access-list dmz-server extended permit ip host 10.10.20.100 any
access-list dmz-server extended permit ip 192.168.200.0 255.255.255.0 any
access-list dmz-server extended permit ip host X.X.X.X any
access-list dmz-server extended permit ip host 10.10.20.100 any
!
nat (inside,outside) source dynamic inside_lan interface
!

object network server
nat (dmz,outside) static public-ip
access-group dmz-server in interface outside
access-group dmz-server in interface dmz

route outside 0.0.0.0 0.0.0.0 10.100.10.1 1

show nat detail
Manual NAT Policies (Section 1)
1 (inside) to (outside) source dynamic inside_lan interface
translate_hits = 74641, untranslate_hits = 367
Source - Origin: 192.168.200.0/24, Translated: 10.100.10.2/24
2 (dmz) to (outside) source static server public-ip
translate_hits = 192, untranslate_hits = 0
Source - Origin: 10.10.20.100/32, Translated: X.X.X.X/32

Note: also I have hits in ACL line

access-list dmz-server extended permit ip host 10.10.20.100 any

but no hits from outside to server

please help me what is the issue?

Thanks in advance