object network GUEST-INTERNET

subnet 10.205.64.0 255.255.252.0

object network GUEST-INTERNET

nat (extranet,outside) dynamic xxx.xx.199.135

Auto NAT Policies (Section 2)

2 (extranet) to (outside) source dynamic GUEST-INTERNET xxx.xx.199.135

    translate_hits = 3536082, untranslate_hits = 32663

    Source - Origin: 10.205.64.0/22, Translated: xxx.xx.199.135/32

3 (extranet) to (inside) source dynamic VPN_USER_POOL interface

    translate_hits = 3369448, untranslate_hits = 283060

    Source - Origin: 10.254.32.0/22, Translated: 10.254.28.113/28

4 (extranet) to (outside) source dynamic EXTRANET_ANY interface

    translate_hits = 33130812, untranslate_hits = 62286

    Source - Origin: 0.0.0.0/0, Translated: xxx.xx.199.140/28

But users are still reporting to be using the xxx.xx.199.140 address when validating via whatismyip ? 

There must be a way to Exclude and Include ?