I need to allow access through a PIX firewall from the inside interface to an IP address off the orange interface. The address I need to permit access to is 198.133.252.202. I need to allow ICMP and TCP traffic to this address for the 10.60.0.0 /16 LAN on the inside.
The relevant firewall config is below. I am sure this is a simple(ish) change but am stuck.
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet4 orange security10
access-list no_nat permit ip host 10.60.2.1 any
access-list no_nat permit icmp host 10.60.2.1 any
access-list no_nat permit ip 10.60.0.0 255.255.0.0 10.70.0.0 255.255.0.0
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.110
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.111
access-list no_nat permit ip 10.0.50.0 255.255.255.0 10.70.0.0 255.255.0.0
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.115
access-list no_nat permit ip 10.10.0.0 255.255.0.0 host 172.16.2.110
access-list no_nat permit ip 10.10.0.0 255.255.0.0 host 172.16.2.120
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.120
access-list no_nat permit ip 10.10.0.0 255.255.0.0 host 172.16.2.130
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.130
access-list no_nat permit ip 10.10.0.0 255.255.0.0 host 172.16.2.112
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.112
access-list no_nat permit ip any host 172.16.2.145
access-list no_nat permit ip any host 172.16.2.146
access-list no_nat permit ip any host 172.16.2.137
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.125
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.50
access-list no_nat permit ip any host 198.133.252.202
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.60
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.180
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.185
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.186
access-list no_nat permit ip 10.10.0.0 255.255.0.0 any
access-list no_nat permit ip any host 172.16.2.51
access-list no_nat permit ip any host 172.16.2.201
access-list no_nat permit ip any host 172.16.2.202
access-list no_nat permit ip any 172.18.2.0 255.255.255.0
access-list no_nat permit ip any host 172.16.2.203
access-list no_nat permit ip 10.0.50.0 255.255.255.0 172.18.2.0 255.255.255.0
access-list no_nat permit ip any any
access-list no_nat permit ip 10.60.0.0 255.255.0.0 host 172.16.2.147
access-list no_nat permit ip 192.168.0.0 255.255.0.0 host 172.16.2.147
access-list no_nat permit ip any 204.90.162.0 255.255.255.0
access-list no_nat permit ip any 198.133.252.0 255.255.255.0
access-list orange_in permit icmp any any
access-list orange_in permit ip any 10.70.0.0 255.255.0.0
access-list orange_in permit tcp any host 172.26.9.14 eq ftp
access-list orange_in permit icmp any host 172.26.9.14
access-list orange_in permit ip any host 172.16.2.140
access-list orange_in permit icmp any host 172.26.9.13
access-list orange_in permit ip any host 172.16.2.142
access-list orange_in permit tcp any host 172.26.9.13 eq www
access-list orange_in permit tcp any host 172.26.9.12 eq ftp
access-list orange_in permit tcp any host 172.26.9.11 eq ftp
access-list orange_in permit tcp any host 172.26.9.10 eq www
access-list orange_in permit tcp any host 172.26.9.8 eq www
ip address inside 10.60.1.4 255.255.0.0
ip address orange 172.26.9.4 255.255.255.240
global (outside) 1 interface
global (orange) 1 interface
nat (inside) 0 access-list no_nat
access-group orange_in in interface orange
route outside 0.0.0.0 0.0.0.0 66.66.66.6 1
route orange 198.133.252.0 255.255.255.0 172.26.9.1 1
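An added example, not part of the original post: a small first-match evaluator for the `access-list` lines above, useful for auditing which entry a given flow hits and which entries can never match. It assumes the usual top-down, first-match evaluation of access-list entries; the function names and the host 10.60.5.5 are hypothetical, and the embedded entries are a subset copied from the post.

```python
import ipaddress

# Subset of the no_nat and orange_in entries copied from the post above
CONFIG = """\
access-list no_nat permit ip 10.60.0.0 255.255.0.0 10.70.0.0 255.255.0.0
access-list no_nat permit ip any host 198.133.252.202
access-list no_nat permit ip any any
access-list no_nat permit ip any 198.133.252.0 255.255.255.0
access-list orange_in permit icmp any any
access-list orange_in permit tcp any host 172.26.9.13 eq www
"""

def take_addr(tok):
    """Consume one address spec (any | host A | A MASK) from the token list."""
    first = tok.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tok.pop(0) + "/32")
    return ipaddress.ip_network(f"{first}/{tok.pop(0)}")

def parse(config):
    """Return {acl_name: [(line, action, proto, src_net, dst_net, eq_port), ...]}."""
    acls = {}
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 5 or tok[0] != "access-list":
            continue
        name, action, proto, *rest = tok[1:]
        src, dst = take_addr(rest), take_addr(rest)
        port = rest[1] if rest[:1] == ["eq"] else None  # port kept as written, e.g. "www"
        acls.setdefault(name, []).append((line, action, proto, src, dst, port))
    return acls

def first_match(entries, proto, src, dst, port=None):
    """Walk the entries in order and return (action, line) of the first one that matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line, action, p, sn, dn, eq in entries:
        if p in ("ip", proto) and s in sn and d in dn and eq in (None, port):
            return action, line
    return "deny", "(implicit deny)"

def shadowed(entries):
    """Entries fully covered by an earlier entry, so they can never be the first match."""
    return [line for i, (line, _, p, sn, dn, eq) in enumerate(entries)
            if any(p0 in ("ip", p) and sn.subnet_of(sn0) and dn.subnet_of(dn0)
                   and eq0 in (None, eq)
                   for _, _, p0, sn0, dn0, eq0 in entries[:i])]
```

Run against the full list, `shadowed()` flags every `no_nat` entry that follows `permit ip any any`, since that entry already matches all traffic.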