Implementing email, webserver and DNS in a DMZ, cannot ping from DMZ and inside to natted IP and outside interface

I am implementing a DNS, a webserver and an email server in a DMZ. I mounted those services on a windows 2008 standard but my NS does not recognize external IP. I assume because i cannot ping form DMZ/inside to outside interface or natted IP. Someone can help. Here's my configuration:

 

: Saved
:
ASA Version 8.2(1)
!
hostname ASAFCHFW
domain-name farmaciachavez.com.bo
enable password 6Jfo5anznhoG00fM encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0/0
 nameif Outside
 security-level 0
 ip address 200.87.226.123 255.255.255.248
!
interface Ethernet0/1
 nameif Branch_Office
 security-level 100
 ip address 192.168.2.1 255.255.255.0
!
interface Ethernet0/2
 nameif DMZ
 security-level 10
 ip address 172.16.31.1 255.255.255.0
!
interface Ethernet0/3
 nameif Inside
 security-level 100
 ip address 192.168.0.2 255.255.255.0
!
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 management-only
!
boot system disk0:/asa821-k8.bin
ftp mode passive
dns server-group DefaultDNS
 domain-name farmaciachavez.com.bo
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network POSLINKSER
 network-object host 192.168.41.101
 network-object host 192.168.41.102
 network-object host 192.168.41.103
 network-object host 192.168.41.104
 network-object host 192.168.41.105
 network-object host 192.168.41.106
 network-object host 192.168.27.101
 network-object host 192.168.27.102
 network-object host 192.168.27.103
 network-object host 192.168.27.104
 network-object host 192.168.27.105
 network-object host 192.168.27.106
 network-object host 192.168.42.101
 network-object host 192.168.42.102
 network-object host 192.168.42.103
 network-object host 192.168.42.104
 network-object host 192.168.42.105
 network-object host 192.168.42.106
 network-object host 192.168.23.101
 network-object host 192.168.23.102
 network-object host 192.168.23.103
 network-object host 192.168.23.104
 network-object host 192.168.23.105
 network-object host 192.168.23.106
 network-object host 192.168.39.101
 network-object host 192.168.39.102
 network-object host 192.168.39.103
 network-object host 192.168.39.104
 network-object host 192.168.39.105
 network-object host 192.168.39.106
 network-object host 192.168.40.101
 network-object host 192.168.40.102
 network-object host 192.168.40.103
 network-object host 192.168.40.104
 network-object host 192.168.40.105
 network-object host 192.168.40.106
 network-object host 192.168.0.62
access-list dmz_in extended permit ip any host 172.16.31.2
access-list dmz_in extended permit tcp any host 172.16.31.2
access-list dmz_in extended permit udp any host 172.16.31.2
access-list dmz_in extended permit tcp any host 172.16.31.2 eq 3000
access-list dmz_in extended permit tcp any host 172.16.31.2 eq https
access-list dmz_in extended permit udp any host 172.16.31.2 eq domain
access-list dmz_in extended permit tcp any host 172.16.31.2 eq pop3
access-list dmz_in extended permit tcp any host 172.16.31.2 eq smtp
access-list dmz_in extended permit tcp any host 172.16.31.2 eq www
access-list dmz_in extended permit tcp any host 172.16.31.2 eq 1000
access-list dmz_in extended permit tcp any host 172.16.31.2 eq echo
access-list Inside extended permit ip any any
access-list Inside extended permit icmp any any
access-list Inside extended permit tcp any any
access-list 100 extended permit ip any host 200.87.226.122
access-list 100 extended permit tcp any host 200.87.226.122
access-list 100 extended permit udp any host 200.87.226.122
access-list linkser extended permit ip any 193.168.1.0 255.255.255.0
access-list linkser extended permit ip 193.168.1.0 255.255.255.0 any
access-list linkser extended permit tcp 193.168.1.0 255.255.255.0 any
access-list linkser extended permit tcp any 193.168.1.0 255.255.255.0
access-list ping extended permit icmp any any echo-reply
access-list ping extended permit icmp any any source-quench
access-list ping extended permit icmp any any unreachable
access-list ping extended permit icmp any any time-exceeded
pager lines 24
logging enable
logging buffered debugging
logging asdm informational
mtu Outside 1500
mtu Branch_Office 1500
mtu DMZ 1500
mtu Inside 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit host 192.168.0.43 Outside
icmp permit any Outside
asdm image disk0:/asdm-647.bin
asdm history enable
arp timeout 14400
global (Outside) 101 interface
global (DMZ) 101 interface
global (Inside) 102 192.168.0.3
nat (Branch_Office) 101 0.0.0.0 0.0.0.0
nat (DMZ) 101 0.0.0.0 0.0.0.0
nat (Inside) 101 0.0.0.0 0.0.0.0
static (DMZ,Inside) 172.16.31.0 172.16.31.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.2.0 192.168.2.0 netmask 255.255.255.0
static (Inside,DMZ) 192.168.0.0 192.168.0.0 netmask 255.255.255.0
static (Inside,Branch_Office) 192.168.0.0 192.168.0.0 netmask 255.255.255.0
static (DMZ,Branch_Office) 172.16.31.0 172.16.31.0 netmask 255.255.255.0
static (Branch_Office,DMZ) 192.168.2.0 192.168.2.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.3.0 192.168.3.0 netmask 255.255.255.0
static (Branch_Office,Inside) 172.16.1.0 172.16.1.0 netmask 255.255.255.0
static (Branch_Office,Inside) 172.16.2.0 172.16.2.0 netmask 255.255.255.0
static (Branch_Office,Inside) 172.16.3.0 172.16.3.0 netmask 255.255.255.0
static (Branch_Office,DMZ) 172.16.1.0 172.16.1.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.44.0 192.168.44.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.21.0 192.168.21.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.20.0 192.168.20.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.35.0 192.168.35.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.37.0 192.168.37.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.43.0 192.168.43.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.45.0 192.168.45.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.28.0 192.168.28.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.33.0 192.168.33.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.30.0 192.168.30.0 netmask 255.255.255.0
static (Branch_Office,Inside) 193.168.1.0 193.168.1.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.25.0 192.168.25.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.27.0 192.168.27.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.26.0 192.168.26.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.34.0 192.168.34.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.23.0 192.168.23.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.39.0 192.168.39.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.29.0 192.168.29.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.22.0 192.168.22.0 netmask 255.255.255.0
static (Branch_Office,Inside) 192.168.32.0 192.168.32.0 netmask 255.255.255.0
static (DMZ,Outside) 200.87.226.122 172.16.31.2 netmask 255.255.255.255
access-group ping in interface Outside
access-group ping in interface DMZ
route Outside 0.0.0.0 0.0.0.0 200.87.226.121 20
route Branch_Office 172.16.1.0 255.255.255.0 192.168.2.2 1
route Branch_Office 172.16.2.0 255.255.255.0 192.168.2.2 1
route Branch_Office 172.16.3.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.1.0.0 255.255.192.0 192.168.2.2 1
route Branch_Office 192.168.20.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.21.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.22.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.23.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.25.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.26.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.27.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.28.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.29.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.30.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.32.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.33.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.34.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.35.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.37.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.39.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.43.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.44.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.45.0 255.255.255.0 192.168.2.2 1
route Branch_Office 192.168.100.0 255.255.255.0 192.168.2.2 1
route Inside 193.168.1.0 255.255.255.0 192.168.0.249 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 management
http 192.168.0.0 255.255.255.0 Inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet 0.0.0.0 0.0.0.0 Branch_Office
telnet 172.16.31.0 255.255.255.0 DMZ
telnet 192.168.0.0 255.255.255.0 Inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
username eguerra password dr6zkC4iOPQHLH5f encrypted privilege 15
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect icmp
  inspect icmp error
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:316ae9cbc1ea6482776a8766720c307f
: end
ASAFCHFW#
edumaticoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

anoopkmrCommented:
add the below commands and see

access-list ACL_dmz_in extended permit tcp host 172.16.31.2 eq 443 any
 access-list ACL_dmz_in extended permit tcp host 172.16.31.2 eq 80 any
access-list ACL_dmz_in extended permit tcp host 172.16.31.2 eq 25 any
access-list ACL_dmz_in extended permit tcp host 172.16.31.2 eq 110 any
access-list ACL_dmz_in extended permit udp host 172.16.31.2 eq 53 any
access-list ACL_dmz_in extended permit udp host 172.16.31.2  any eq 53
access-group ACL_dmz_in in interface DMZ


access-list ACL_out_in extended permit tcp any host 200.87.226.122 eq 443 any
access-list ACL_out_in extended permit tcp any host 200.87.226.122 eq 25 any
access-list ACL_out_in extended permit tcp any host 200.87.226.122 eq 110 any
access-list ACL_out_in extended permit tcp any host 200.87.226.122 eq 80 any
access-list ACL_out_in extended permit udp any host 200.87.226.122 eq 53 any
access-group ACL_out_in in interface Outside
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.