ASA Traceroute issue

Kurt Lei
Level 2

Hi All,

I am a newbie on ASA configuration. The network topology is shown below:

 

Internet -- (Outside) ASA 5520 (Inside) -- Router -- MPLS Connection

 

In my case, there is a solarwind server on the MPLS connection side that is responsible for collecting the ASA's syslog. However, the ASA now can't connect to the server. I did a traceroute from the ASA and found that the first hop goes to the Internet. How can I make the first hop go back to the router side? Below is the ASA configuration.

 

================================================================================================================

 

interface Ethernet0/0
 nameif outside
 security-level 0
 ip address xx.xx.xx.xx 255.255.255.248
 ospf cost 10
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 10.131.3.2 255.255.255.0
 ospf cost 10
!
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 10.0.0.0 255.0.0.0
!
route outside 0.0.0.0 0.0.0.0 (Outside GW) 1
route inside 10.0.0.0 255.0.0.0 10.131.3.1 1

 
6 Replies

Boris Uskov
Level 9

Hello, 

What is the IP address of the solarwind server? If it is not from the 10.0.0.0/8 net, you need to add a static route:

route inside x.x.x.x 255.255.255.255 y.y.y.y

where x.x.x.x is the IP address of solarwind and y.y.y.y is the IP address of the Router's interface that is responsible for the connection to the MPLS cloud.

Hi Boris,

The solarwind server is 10.130.8.248 and should belong to 10.0.0.0/8. I wonder why it can't route to inside and goes to the Outside interface instead.

Strange behaviour... Could you please post the output of the show route command?

Theoretically, NAT translations can influence the selection of the exit interface. I'm not sure that it'll help, but you can try to remove the NAT configuration and issue the clear xlate command. Attention! If it is a production network, it could influence packet handling. Don't do it in a production environment.

Alternatively, you can try to add a NAT exemption for host 10.130.8.248. It'll be something like this:

access-list inside_nat0_outbound extended permit ip host 10.130.8.248 any
access-list inside_nat0_outbound extended permit ip any host 10.130.8.248
clear xlate

 

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/route_overview.html

How Routing Behaves Within the Adaptive Security Appliance

The ASA uses both routing table and XLATE tables for routing decisions. To handle destination IP translated traffic, that is, untranslated traffic, the ASA searches for existing XLATE, or static translation to select the egress interface. The selection process is as follows:

Egress Interface Selection Process

1. If destination IP translating XLATE already exists, the egress interface for the packet is determined from the XLATE table, but not from the routing table.

2. If destination IP translating XLATE does not exist, but a matching static translation exists, then the egress interface is determined from the static route and an XLATE is created, and the routing table is not used.

3. If destination IP translating XLATE does not exist and no matching static translation exists, the packet is not destination IP translated. The ASA processes this packet by looking up the route to select egress interface, then source IP translation is performed (if necessary).

For regular dynamic outbound NAT, initial outgoing packets are routed using the route table and then creating the XLATE. Incoming return packets are forwarded using existing XLATE only. For static NAT, destination translated incoming packets are always forwarded using existing XLATE or static translation rules.

Yes, I finally got the show route output from the customer. It's really strange: there is no static route in the configuration, but there is an entry in show route.

 

S    10.130.0.0 255.255.0.0 [1/0] via (Outside GW), outside

 

However, I have another issue: some subnets should go to this Outside gateway. The criterion is that only the inside subnet (i.e. 10.131.3.0) will go back to the MPLS connection and should use the route below.

S    10.0.0.0 255.0.0.0 [1/0] via 10.131.3.1, inside

 

I know there is no policy routing in ASA 8.0; how can I achieve it?
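The egress selection order Boris quoted from the Cisco guide and the two static routes shown above explain the symptom together: with no matching XLATE or static translation, the routing table decides, and the /16 to outside is more specific than the /8 to inside, so 10.130.8.248 leaves via outside. As an added illustration (not code from the thread or from Cisco), this Python model parses constructed show route lines and walks the same three-step decision; the 203.0.113.1 next hop stands in for the redacted Outside GW and the XLATE dictionary is a constructed placeholder.

```python
import ipaddress
import re

# Constructed sample of ASA "show route" output, modelled on the two static
# routes quoted in the thread. 203.0.113.1 is a placeholder for the redacted
# Outside GW; the default route is assumed from the "route outside 0.0.0.0" line.
SHOW_ROUTE = """\
S    10.130.0.0 255.255.0.0 [1/0] via 203.0.113.1, outside
S    10.0.0.0 255.0.0.0 [1/0] via 10.131.3.1, inside
S*   0.0.0.0 0.0.0.0 [1/0] via 203.0.113.1, outside
"""

ROUTE_RE = re.compile(
    r"^(?P<code>\S+)\s+(?P<net>\d+\.\d+\.\d+\.\d+)\s+(?P<mask>\d+\.\d+\.\d+\.\d+)"
    r"\s+\[\S+\]\s+via\s+(?P<gw>\d+\.\d+\.\d+\.\d+),\s+(?P<ifc>\S+)"
)


def parse_show_route(text):
    """Parse 'show route' lines into (network, next hop, interface) tuples."""
    routes = []
    for line in text.splitlines():
        m = ROUTE_RE.match(line)
        if m:
            net = ipaddress.ip_network(f"{m['net']}/{m['mask']}")
            routes.append((net, m["gw"], m["ifc"]))
    return routes


def lookup_route(routes, dst):
    """Longest-prefix match: the most specific route wins, whatever its order."""
    dst = ipaddress.ip_address(dst)
    best = None
    for net, gw, ifc in routes:
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, ifc)
    return best


def select_egress(dst, routes, xlate=None, static_nat=None):
    """Egress selection in the order the ASA guide describes:
    1. an existing destination-translating XLATE decides (routing table ignored),
    2. else a matching static translation decides (an XLATE would be created),
    3. else the routing table (longest prefix) decides.
    xlate / static_nat are constructed dicts mapping destination -> interface."""
    if dst in (xlate or {}):
        return xlate[dst], "xlate"
    if dst in (static_nat or {}):
        return static_nat[dst], "static-nat"
    route = lookup_route(routes, dst)
    return (route[2] if route else None), "route"
```

Running `select_egress("10.130.8.248", parse_show_route(SHOW_ROUTE))` returns `("outside", "route")`, i.e. the /16 static route, not a NAT entry, is what sends the syslog server traffic out the wrong interface.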

 

 

Hello, Kurt.

I'm afraid there is no way to configure your task on the ASA.

I believe you have to change the default gateway on devices from subnet 10.131.3.0/24 to 10.131.3.1 (Router) and implement all routing logic on the router.
