There are some questionable configuration lines in place that cause the problem. Try to have the following on the configuration.
1. New part of configuration as follows
Object Group command
object-group network PUBLIC-SERVERS
network-object host 192.168.2.2
object-group icmp-type ICMP-INBOUND
icmp-object 0
icmp-object 3
icmp-object 11
object-group service WEB-SERVICES tcp
port-object eq 80
port-object eq 443
Global command
global (outside) 1 interface
Route command
route outside 0.0.0.0 0.0.0.0.0 [ISP DEFAULT GATEWAY]
2. Modify existing command line as follows
ACL outside_access_in should look something like this
access-list outside_access_in extended permit icmp any host [THE ASA OUTSIDE INTERFACE IP ADDRESS] object-group ICMP-INBOUND
access-list outside_access_in extended permit tcp any host [THE ASA OUTSIDE INTERFACE IP ADDRESS] object-group WEB-SERVICES
ACL inside_access_in should look something like this
access-list inside_access_in extended permit icmp object-group PUBLIC-SERVERS any
access-list inside_access_in extended permit tcp object-group PUBLIC-SERVERS any
access-list inside_access_in extended permit udp object-group PUBLIC-SERVERS any
access-list inside_access_in extended deny ip any any log
static command should look like this
static (inside,outside) tcp interface 80 192.168.2.2 80 netmask 255.255.255.255
static (inside,outside) tcp interface 443 192.168.2.2 443 netmask 255.255.255.255
Once you have these commands in, issue
clear xlate command to active the new NAT commands. Don't forget to save the configuration afterwards