5506 No internet access

fbrunell
Level 1

New to this, forgive me. I'm trying to configure a new 5506 to firewall two internet connections into my existing network. For testing, I have a laptop connected to the 5506 and a line from my cable internet connected as well. Every time I try to change the inside network to our IP schema, I break it. If I drop back to default mode, internet works again. I should add that I was experiencing the same problem on an old 5505 I was playing around with before. Trying to use the ASDM primarily for this. Thanks.

7 Replies

JP Miranda Z
Cisco Employee

Hi fbrunell@wfft.com,

I can definitely help you fix this really quickly by checking your current config through the outputs of the CLI. Now, if you are trying to learn through ASDM, you can take a look at the following guide:

http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/118996-config-asa-00.html

Hope this info helps!!

Rate if it helps you!

-JP-

Thanks for getting back to me. I was using dynamic PAT, but not in a specific manner like that. I am still having a problem. Right now I have 4 rules in the NAT rules table. I've tried moving the new rule to the top of the list, and I've tried deleting the other rules, but neither command works. It looks like the one rule higher in the list is static, so I presume that rule would prevent my new rule from working.

Correction: I just refreshed from the device, and was able to modify the rules. I am only seeing the new rule now. But still I don't have internet. Thanks.

Can you share the configuration you are trying to use?

If you are sure the configuration is right, it will be necessary to get into the ASA through the CLI and check a couple of commands:

sh xlate

packet-tracer input inside icmp <insideip> 8 0 4.2.2.2 detail

Hope this info helps!!

Rate if it helps you!

-JP-

I'm not sure how much you want to know about the config, but I have the following interfaces: outside (DHCP), inside (not using, but enabled), insidemain (10.142.0.10), outside2 (DHCP, not connected yet but enabled). I set up the NAT rule as directed under the PAT section with an IP of 10.142.0.0 255.255.0.0 and source interface of insidemain.

And here are the CLI commands requested:

inftwof1rtr010# sh xlate
0 in use, 1 most used

inftwof1rtr010# packet-tracer input insidemain icmp 10.142.0.15 8 0 4.2.2.2 de$

Phase: 1
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
found next-hop 10.1.10.1 using egress ifc outside

Phase: 2
Type: NAT
Subtype:
Result: ALLOW
Config:
object network obj_10.142.0.0
nat (insidemain,outside) dynamic interface
Additional Information:
Dynamic translate 10.142.0.15/0 to 10.1.10.66/64682
Forward Flow based lookup yields rule:
in id=0x2aaac23aed40, priority=6, domain=nat, deny=false
hits=0, user_data=0x2aaac2360060, cs_id=0x0, flags=0x0, protocol=0
src ip/id=10.142.0.0, mask=255.255.0.0, port=0, tag=any
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any, dscp=0x0
input_ifc=insidemain, output_ifc=outside

Phase: 3
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x2aaac0ca6ff0, priority=0, domain=nat-per-session, deny=true
hits=65, user_data=0x0, cs_id=0x0, reverse, use_real_addr, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any, dscp=0x0
input_ifc=any, output_ifc=any

Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x2aaac17b4c20, priority=0, domain=inspect-ip-options, deny=true
hits=213, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any, dscp=0x0
input_ifc=insidemain, output_ifc=any

Phase: 5
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x2aaac17b4430, priority=66, domain=inspect-icmp-error, deny=false
hits=2, user_data=0x2aaac17b39a0, cs_id=0x0, use_real_addr, flags=0x0, protocol=1
src ip/id=0.0.0.0, mask=0.0.0.0, icmp-type=0, tag=any
dst ip/id=0.0.0.0, mask=0.0.0.0, icmp-code=0, tag=any, dscp=0x0
input_ifc=insidemain, output_ifc=any

Phase: 6
Type: USER-STATISTICS
Subtype: user-statistics
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
out id=0x2aaac228e960, priority=0, domain=user-statistics, deny=false
hits=27, user_data=0x2aaac1dc1450, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any, dscp=0x0
input_ifc=any, output_ifc=outside

Phase: 7
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 146, packet dispatched to next module
Module information for forward flow ...
snp_fp_tracer_drop
snp_fp_inspect_ip_options
snp_fp_translate
snp_fp_adjacency
snp_fp_fragment
snp_ifc_stat

Module information for reverse flow ...

Result:
output-interface: outside
output-status: up
output-line-status: up
Action: allow

Thanks
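Reading a trace like the one above by eye is tedious, so here is an added example (not from the thread and not Cisco's tooling) of a small parser for ASA packet-tracer output: it splits the trace into phases, reports the final verdict, names the first phase that returned DROP, and pulls out the NAT translation so you can confirm the PAT rule that matched. SAMPLE_TRACE is a constructed, abbreviated trace in the same layout as the one posted above.

```python
# Added example, not from the thread: parse ASA "packet-tracer ... detail" output
# into phases; SAMPLE_TRACE is a constructed trace in the layout posted above.
import re

SAMPLE_TRACE = """\
Phase: 1
Type: ROUTE-LOOKUP
Result: ALLOW
Additional Information:
found next-hop 10.1.10.1 using egress ifc outside

Phase: 2
Type: NAT
Result: ALLOW
Config:
nat (insidemain,outside) dynamic interface
Additional Information:
Dynamic translate 10.142.0.15/0 to 10.1.10.66/64682

Result:
Action: allow
"""

def parse_phases(text):
    """One dict per phase: number, type, result, config lines, info lines."""
    phases = []
    parts = re.split(r"^Phase: (\d+)[ \t]*$", text, flags=re.M)
    for i in range(1, len(parts), 2):                   # parts[0] precedes Phase 1
        body = parts[i + 1].split("\nResult:\n", 1)[0]  # cut the trailing summary
        rec, section = dict(phase=int(parts[i]), type="", result="", config=[], info=[]), None
        for line in body.splitlines():
            key, _, value = line.partition(":")
            if key in ("Type", "Result"):
                rec[key.lower()] = value.strip()
            elif key in ("Config", "Additional Information"):
                section = "config" if key == "Config" else "info"
            elif line.strip() and section:              # Subtype: precedes Config: and is skipped
                rec[section].append(line.strip())
        phases.append(rec)
    return phases

def summarize(text):
    """Final verdict, first dropping phase (if any) and the NAT real->mapped pair."""
    phases = parse_phases(text)
    drop = next((p for p in phases if p["result"].upper() == "DROP"), None)
    nat = re.search(r"^Dynamic translate (\S+?)/\d+ to (\S+?)/\d+", text, re.M)
    action = re.search(r"^Action: (\w+)", text, re.M)
    return {"action": action.group(1) if action else None,
            "dropped_at": drop and (drop["phase"], drop["type"]),
            "nat": nat and (nat.group(1), nat.group(2))}
```

Paste a full trace (copied from the terminal) into the same function: a DROP in an early phase points at the layer to fix, while an allow with a sane translation, as in this thread, says the problem lies beyond NAT, such as DNS.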

OK, I figured out that the issue was with DNS. If I turn on DHCP with auto-config from the "outside" interface, it will work. However, this is not how it will be set up in the working environment. So, my question is perhaps more of a "best-practice" question. Should I set up my existing DNS server with forwarding to the DNS server IPs from my ISP, or would I set up forwarding to the ASA and set up the DNS server list there?

Thanks!

So I got the DNS question resolved, I think. I've set up my DNS server for forwarding. Will find out for sure shortly when I deploy the ASA in my network. I was having another issue getting my second ISP to work, which turned out to be a routing problem; solution here:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118962-configure-asa-00.html
