I have a Cisco ASA 5510 firewall and I use ASA version 8.0(3) and ASDM version 6.1(1). I have a site-to-site vpn tunnel setup with one of our software vendors. The vpn tunnel is so that the vendor can remote into our server for support. The way the vpn tunnel is setup, the internal ip of the server is NAT'd to a private ip for communicating with the vendor. This static NAT is causing this machine to not be able to communicate over the internet since it is translated to that private ip going over the outside interface. I now have a server on the internet that I know the ip address for that this machine needs to be able to send files to over port 22. Can I add another NAT statement that says something like, when this internal server wants to communicate with this outside server (on port 22), then apply the default NAT statement which translate internal ip's to the outside ip (internet ip) of the firewall? Can this be done? Thanks!