Recently we migrated our network to ASA 5515, since we had configured nat pool overload on our existing router the users are able to translated their ip's outside. Right now my issue was when I use the existing NAT configured to our router into firewall, it seems that the translation was not successful actually I used Dynamic NAT. When I use the Dynamic PAT(Hide) all users are able to translated to the said public IP's. I know that PAT is Port address translation but when I use static nat for specific server. The Static NAT was not able to translated. Can anyone explain if there's any conflict whit PAT to Static NAT? I appriciate their response. Thanks!
I would have to guess that you Dynamic PAT was perhaps configured as a Section 1 rule and Static NAT configured as Section 2 rule which would mean that the Dynamic PAT rule would always override the Static NAT for the said host.
The very basic configured for Static NAT and Default PAT I would do in the following way
object network STATIC
nat (inside,outside) static
object-group network DEFAULT-PAT-SOURCE
nat (inside,outside) after-auto source dynamic DEFAULT-PAT-SOURCE interface
The Static NAT would be configured as Network Object NAT (Section 2) and the Default PAT would be configured with Twice NAT / Manual NAT (after-auto specifies it as Section 3 rule)
This might sound confusing. Though it would be easier to say what the problem is if we saw the actual NAT configuration. Though I gave the reason that I think is probably one of the most likely reasons if there is some conflict with the 2 NAT rules
You can also check out a NAT document I made regarding the new NAT configuration format and its operation.
Hope this helps
Static NAT and PAT can operate at the same time without any problems. Static NAT actually takes precedence over Dynamic NAT.
On the ASA besides adding NAT rules, you need to open your ACLs so that the trafic can pass from the Internet to your internal servers. Make sure you have done this otherwise you wont be able to see the servers from outside. Take a look at this doc, it might help:
Perhaps if you give us more details about what you are trying to do, and post your current config we can take a look and point you in the right direction.
I'll try that recommendation and i'll get back to you if this will work. Thank you so much for their help specially JouniForss for keeping your sources provided to me. Thank you again guys.