Cisco ASA5510 Port Forwarding

Baracha
Level 1

I need to create a port forward on an ASA5510 (ASA version 9.2(1), ASDM 7.2(1)).

I'm unable to create port forwarding towards one IP address.

My goal is: "in case any of the inside interfaces hit the IP 10.39.1.131 on port tcp/1688, it needs to be redirected to 10.1.1.56, which is part of the same server (two IPs)."

I'm pretty sure this is possible, but I'm struggling to create that on the ASA5510. Any ideas would be appreciated.


6 Replies

balaji.bandi
Hall of Fame

We are not sure how the other interface is connected to the network (is this another segment or a DMZ?), in your case NIC1?

Since the other interface is not visible to the ASA, the best suggestion is to have DNS-based resolution within your local LAN.


If that is connected in the DMZ area, look at DNS Doctoring.

https://www.networkstraining.com/dns-doctoring-cisco-asa/

BB

Yes, this is another segment.

The mentioned server works as a KMS server that has two IPs, 10.1.1.56 and 10.39.1.131. When every subinterface in the LAN network hits 10.39.1.131, it's supposed to be redirected (internally NATed) to 10.1.1.56, which would be a part of the same server. I'm not sure if it's described well. When I think of it, I'm uncertain if that is even possible. I looked at the DNS doctoring. That would make sense if the traffic was headed outside the network, I guess?

kapydan88
Level 4

Can you share the config from the ASA 5510?

And if I understood correctly, you need to see it from the side of an external IP address, because 10.39.1.131 and 10.1.1.56 are your internal networks.

Both addresses are internal, on one KMS server. I've tried several options; none of them worked. I currently removed the 10.39.1.131 address from the config.

I have created another KMS server on that INF interface. There are currently two KMS servers, KMS01 10.1.1.56 and KMS02 10.39.1.131. I'd need the tcp/1688 traffic from all other interfaces, when they contact KMS02, to be redirected to KMS01 inside. There won't be outside traffic involved.


Config:

ASA01# sh run
: Saved
:
:
ASA Version 9.2(1)
!
hostname ASA01
names
ip local pool PIN-pool 192.168.3.100-192.168.3.125 mask 255.255.255.0
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
switchport trunk allowed vlan 1052-1053,1060,1091-1093,1524,1533,1600,1920,1930,3001-3004,3010,3012
switchport mode trunk
!
interface Ethernet0/2
switchport access vlan 1524
!
interface Ethernet0/3
switchport trunk allowed vlan 1052-1053,1060,1091-1093,1524,1533,1600,1920,1930,3001-3004,3010,3012
switchport mode trunk
!
interface Ethernet0/4
shutdown
!
interface Ethernet0/5
shutdown
!
interface Ethernet0/6
shutdown
!
interface Ethernet0/7
shutdown
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.3.244 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 84.24.98.44.51 255.255.255.240
!
interface Vlan1052
nameif OSR-052-EXT-COM
security-level 55
ip address 192.168.52.254 255.255.255.0
!
interface Vlan1053
nameif OSR-053-EXT-COM
security-level 55
ip address 192.168.53.254 255.255.255.0
!
interface Vlan1060
nameif OSR-060-EXT-COM
security-level 55
ip address 192.168.60.254 255.255.255.0
!
interface Vlan1091
nameif OSR-091-EXT-COM
security-level 55
ip address 192.168.91.254 255.255.255.0
!
interface Vlan1092
nameif OSR-092-EXT-COM
security-level 55
ip address 192.168.92.254 255.255.255.0
!
interface Vlan1093
nameif OSR-093-EXT-COM
security-level 55
ip address 192.168.93.254 255.255.255.0
!
interface Vlan3001
nameif DMZ
security-level 55
ip address 10.1.0.254 255.255.255.0
!
interface Vlan3002
nameif INF
security-level 55
ip address 10.1.1.254 255.255.255.0
!
interface Vlan3003
nameif DEPLOYMENT
security-level 55
ip address 10.1.3.254 255.255.255.0
!
interface Vlan3004
nameif OSR-KMS-EXT-COM
security-level 55
ip address 10.39.1.254 255.255.255.0
!
ftp mode passive
same-security-traffic permit inter-interface
object network NETWORK_OBJ_192.168.3.96_27
subnet 192.168.3.96 255.255.255.224
object network DMZ-ext-com
subnet 10.1.0.0 255.255.255.0
object network INF-EXT-COM
subnet 10.1.1.0 255.255.255.0
object network OSR-INF-WSUS1
host 10.1.1.53
object network OSR-INF-DC1
host 10.1.1.151
object network OSR-DMZ-UAG1
host 10.1.0.1
object network OSR-INF-VIEW1
host 10.1.1.51
object network PODA-DNS1
host 62.129.50.20
object network PODA-DNS2
host 85.135.32.100
object network OSR-INF-MGMT1
host 10.1.1.52
object network OSR-xxx-EXT-COM1
subnet 10.10.0.0 255.255.0.0
object network OSR-INF-KMS1
host 10.1.1.56
description KMS Server GSS
object network OSR-INF-DC2
host 10.1.1.152
object network OSR-INF-VC2
host 10.1.1.92
object network OSR-xxx-EXT-COM2
subnet 192.168.0.0 255.255.0.0
object network OSR-DMZ-UAG2
host 10.1.0.2
object network OSR-INF-VIEW2
host 10.1.1.57
object network OSR-091-EXT-COM
subnet 192.168.91.0 255.255.255.0
object network OSR-091-AS11
host 192.168.91.11
object network OSR-053-EXT-COM
subnet 192.168.53.0 255.255.255.0
object network DEPLOYMENT
subnet 10.1.3.0 255.255.255.0
object network DEPLOYMENT-AS11
host 10.1.3.11
object network OSR-060-EXT-COM
subnet 192.168.60.0 255.255.255.0
object network OSR-060-EXT_COM-network
subnet 192.168.60.0 255.255.255.0
object network 192.168.0.0-16
subnet 192.168.0.0 255.255.0.0
description Inside whole Network
object network 10.1.0.0-16
subnet 10.1.0.0 255.255.0.0
object network NETWORK_OBJ_10.1.1.0_24
subnet 10.1.1.0 255.255.255.0
object network OSR-092-EXT-COM
subnet 192.168.92.0 255.255.255.0
object network OSR-KMS-AS11
host 10.1.4.11
object network OSR-xxx-EXT-COM3
subnet 10.0.0.0 255.0.0.0
object network OSR-093-EXT-COM
subnet 192.168.93.0 255.255.255.0
object service KMS
service tcp source eq 1688 destination eq 1688
object service KMS_Service
service tcp destination eq 1688
object network OSR-KMS-EXT-COM
subnet 10.39.1.0 255.255.255.0
object-group network OSR-KMS_OBJECTS
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service DM_INLINE_TCP_2 tcp
port-object eq 8530
port-object eq 8531
object-group service DM_INLINE_SERVICE_1
service-object tcp destination eq 32111
service-object tcp destination eq 3389
service-object tcp destination eq 4172
service-object tcp destination eq 9427
service-object udp destination eq 4172
service-object tcp-udp destination eq 22443
object-group network DM_INLINE_NETWORK_1
network-object object OSR-DMZ-UAG1
network-object object OSR-DMZ-UAG2
object-group network OSR-xxx-EXT-COMx
network-object object OSR-xxx-EXT-COM1
network-object object OSR-xxx-EXT-COM2
network-object object OSR-xxx-EXT-COM3
object-group network OSR-INF-DCx
network-object object OSR-INF-DC1
network-object object OSR-INF-DC2
object-group network PODA-DNSx
network-object object PODA-DNS1
network-object object PODA-DNS2
object-group network OSR-VIEW-SERVERS
description Horizon Connection Servers
network-object object OSR-INF-VIEW1
network-object object OSR-INF-VIEW2
object-group service Windows_activation
description KMS activations
service-object object KMS_Service
object-group network OSR-KMS_USERS
network-object 0.0.0.0 0.0.0.0
object-group network DEPLOYMENT_USERS
network-object 0.0.0.0 0.0.0.0
object-group icmp-type DM_INLINE_ICMP_1
icmp-object echo
icmp-object echo-reply
object-group network DM_INLINE_NETWORK_2
network-object object OSR-INF-KMS1
object-group service DM_INLINE_TCP_1 tcp
port-object eq 135
port-object eq 445
port-object eq 5985
port-object eq 5986
access-list Split_Tunnel_List standard permit 192.168.3.0 255.255.255.0
access-list DMZ_access_in remark DNS inside
access-list DMZ_access_in extended permit object-group TCPUDP object OSR-DMZ-UAG1 object-group OSR-INF-DCx eq domain
access-list DMZ_access_in remark OSR-VIEW servers or load-ballancer
access-list DMZ_access_in extended permit tcp object OSR-DMZ-UAG1 object-group OSR-VIEW-SERVERS eq https
access-list DMZ_access_in remark RDP
access-list DMZ_access_in extended permit tcp object OSR-DMZ-UAG1 object-group OSR-xxx-EXT-COMx eq 3389
access-list DMZ_access_in remark MMR or CDR
access-list DMZ_access_in extended permit tcp object OSR-DMZ-UAG1 object-group OSR-xxx-EXT-COMx eq 9427
access-list DMZ_access_in remark PCoIP
access-list DMZ_access_in extended permit tcp object OSR-DMZ-UAG1 object-group OSR-xxx-EXT-COMx eq 4172
access-list DMZ_access_in remark PCoIP
access-list DMZ_access_in extended permit udp object OSR-DMZ-UAG1 object-group OSR-xxx-EXT-COMx eq 4172
access-list DMZ_access_in remark USB-R
access-list DMZ_access_in extended permit tcp object OSR-DMZ-UAG1 object-group OSR-xxx-EXT-COMx eq 32111
access-list DMZ_access_in remark HTTPS
access-list DMZ_access_in extended permit object-group TCPUDP object OSR-DMZ-UAG1 object-group OSR-xxx-EXT-COMx eq 22443
access-list DMZ_access_in remark HTTPS
access-list DMZ_access_in remark USB-R
access-list DMZ_access_in remark RDP
access-list DMZ_access_in remark PCoIP
access-list DMZ_access_in remark MMR or CDR
access-list DMZ_access_in remark HTTPS
access-list DMZ_access_in remark PCoIP
access-list DMZ_access_in remark for Horizon RDS
access-list DMZ_access_in extended permit object-group DM_INLINE_SERVICE_1 object OSR-DMZ-UAG1 object OSR-INF-MGMT1
access-list DMZ_access_in remark ICMP
access-list DMZ_access_in extended permit icmp object OSR-DMZ-UAG1 any4
access-list DMZ_access_in extended deny ip any any log disable inactive
access-list INF_access_in extended permit tcp object OSR-INF-WSUS1 any4 eq https
access-list INF_access_in extended permit tcp object OSR-INF-WSUS1 any4 eq www
access-list INF_access_in extended permit ip 192.168.93.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list INF_access_in remark DNS forwarders
access-list INF_access_in extended permit object-group TCPUDP object-group OSR-INF-DCx object-group PODA-DNSx eq domain
access-list INF_access_in remark RDP -> OSR-xxx machines
access-list INF_access_in extended permit tcp object OSR-INF-MGMT1 object-group OSR-xxx-EXT-COMx eq 3389
access-list INF_access_in remark Management
access-list INF_access_in extended permit tcp object OSR-INF-MGMT1 object-group DM_INLINE_NETWORK_1 eq 9443
access-list INF_access_in remark MMR or CDR
access-list INF_access_in extended permit tcp object-group OSR-VIEW-SERVERS object-group OSR-xxx-EXT-COMx eq 9427
access-list INF_access_in remark USB-R
access-list INF_access_in extended permit tcp object-group OSR-VIEW-SERVERS object-group OSR-xxx-EXT-COMx eq 32111
access-list INF_access_in remark Blast
access-list INF_access_in extended permit object-group TCPUDP object-group OSR-VIEW-SERVERS object-group OSR-xxx-EXT-COMx eq 8443
access-list INF_access_in remark PCoIP
access-list INF_access_in extended permit object-group TCPUDP object-group OSR-VIEW-SERVERS object-group OSR-xxx-EXT-COMx eq 4172
access-list INF_access_in remark RDP
access-list INF_access_in extended permit tcp object-group OSR-VIEW-SERVERS object-group OSR-xxx-EXT-COMx eq 3389
access-list INF_access_in remark HTTPS
access-list INF_access_in extended permit object-group TCPUDP object-group OSR-VIEW-SERVERS object-group OSR-xxx-EXT-COMx eq 22443
access-list INF_access_in extended permit icmp object OSR-INF-VIEW1 object-group OSR-xxx-EXT-COMx inactive
access-list INF_access_in extended deny ip any any log disable inactive
access-list inside_access_in extended deny ip any any log disable inactive
access-list outside_access_in remark Unified Access Gateway (Horizon)
access-list outside_access_in extended permit tcp any object OSR-DMZ-UAG1 eq https
access-list outside_access_in remark Unified Access Gateway (Horizon)
access-list outside_access_in extended permit udp any object OSR-DMZ-UAG1 eq 443
access-list outside_access_in remark PCoIP
access-list outside_access_in extended permit tcp any object OSR-DMZ-UAG1 eq 4172
access-list outside_access_in remark PCoIP
access-list outside_access_in extended permit udp any object OSR-DMZ-UAG1 eq 4172
access-list outside_access_in remark Blast
access-list outside_access_in extended permit tcp any object OSR-DMZ-UAG1 eq 8443
access-list outside_access_in remark Blast
access-list outside_access_in extended permit udp any object OSR-DMZ-UAG1 eq 8443
access-list outside_access_in extended permit tcp object-group DEPLOYMENT_USERS 10.1.3.0 255.255.255.0 eq 3389
access-list outside_access_in extended permit tcp object-group OSR-KMS_USERS 10.1.4.0 255.255.255.0 eq 3389
access-list outside_access_in extended deny ip any any
access-list global_access remark WinRM -> OSR-xxx machines
access-list global_access extended permit tcp object OSR-INF-MGMT1 object-group OSR-xxx-EXT-COMx object-group DM_INLINE_TCP_1
access-list global_access extended permit icmp any any object-group DM_INLINE_ICMP_1
access-list global_access remark PCoIP
access-list global_access extended permit udp object-group OSR-xxx-EXT-COMx object OSR-DMZ-UAG1 eq 4172
access-list global_access remark WSUS updates
access-list global_access extended permit tcp object-group OSR-xxx-EXT-COMx object OSR-INF-WSUS1 eq www
access-list global_access remark WSUS updates
access-list global_access extended permit tcp object-group OSR-xxx-EXT-COMx object OSR-INF-WSUS1 eq https
access-list global_access remark WSUS updates
access-list global_access extended permit tcp object-group OSR-xxx-EXT-COMx object OSR-INF-WSUS1 object-group DM_INLINE_TCP_2
access-list global_access remark Horizon CS
access-list global_access extended permit tcp object-group OSR-xxx-EXT-COMx object-group OSR-VIEW-SERVERS eq 4001
access-list global_access remark Horizon CS
access-list global_access extended permit tcp object-group OSR-xxx-EXT-COMx object-group OSR-VIEW-SERVERS eq 4002
access-list global_access extended permit icmp object-group OSR-xxx-EXT-COMx object OSR-INF-VIEW1 inactive
access-list global_access remark PS remoting
access-list global_access extended permit tcp object-group OSR-xxx-EXT-COMx object OSR-INF-MGMT1 eq https inactive
access-list global_access extended deny ip any any log disable
access-list global_access remark Domain controllers
access-list global_access extended permit ip any object-group OSR-INF-DCx
access-list global_access extended permit tcp any object OSR-INF-VC2 eq https
access-list global_access extended permit tcp any4 object OSR-INF-KMS1 eq 1688
access-list OSR-060-EXT-COM_access_in remark Domain controllers
access-list OSR-060-EXT-COM_access_in extended permit ip any object-group OSR-INF-DCx
access-list OSR-060-EXT-COM_access_in remark VC02
access-list OSR-060-EXT-COM_access_in extended permit tcp any object OSR-INF-VC2 eq https
access-list OSR-060-EXT-COM_access_in extended permit tcp any object OSR-INF-KMS1 eq 1688
access-list OSR-053-EXT-COM_access_in remark Domain controllers
access-list OSR-053-EXT-COM_access_in extended permit ip any object-group OSR-INF-DCx
access-list OSR-053-EXT-COM_access_in extended permit tcp any object OSR-INF-VC2 eq https
access-list OSR-053-EXT-COM_access_in extended permit tcp any4 object OSR-INF-KMS1 eq 1688
access-list OSR-052-EXT-COM_access_in remark Domain controllers
access-list OSR-052-EXT-COM_access_in extended permit ip any object-group OSR-INF-DCx
access-list OSR-052-EXT-COM_access_in extended permit tcp any object OSR-INF-VC2 eq https
access-list OSR-092-EXT-COM_access_in remark Domain controllers
access-list OSR-092-EXT-COM_access_in extended permit ip any object-group OSR-INF-DCx
access-list OSR-092-EXT-COM_access_in extended permit tcp any object OSR-INF-VC2 eq https
access-list OSR-092-EXT-COM_access_in extended permit tcp any4 object OSR-INF-KMS1 eq 1688
access-list OSR-091-EXT-COM_access_in_1 extended deny ip any any
access-list DEPLOYMENT_access_in remark DCOM
access-list OSR-091-EXT-COM_access_in remark Domain controllers
access-list OSR-091-EXT-COM_access_in extended permit ip any object-group OSR-INF-DCx
access-list OSR-091-EXT-COM_access_in extended permit tcp any object OSR-INF-VC2 eq https
access-list OSR-091-EXT-COM_access_in extended permit tcp any object OSR-INF-KMS1 eq 1688
access-list OSR-093-EXT-COM_access_in remark Domain controllers
access-list OSR-093-EXT-COM_access_in extended permit ip any object-group OSR-INF-DCx
access-list OSR-093-EXT-COM_access_in extended permit tcp any object OSR-INF-VC2 eq https
access-list OSR-093-EXT-COM_access_in extended permit tcp any4 object OSR-INF-KMS1 eq 1688
access-list OSR-KMS-EXT-COM_access_in extended deny ip any any log disable
access-list OSR-KMS-EXT-COM_access_in_1 remark Domain controllers
access-list OSR-KMS-EXT-COM_access_in_1 extended permit ip any object-group OSR-INF-DCx
access-list OSR-KMS-EXT-COM_access_in_1 extended permit tcp any object OSR-INF-VC2 eq https
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu OSR-052-EXT-COM 1500
mtu OSR-053-EXT-COM 1500
mtu OSR-060-EXT-COM 1500
mtu OSR-091-EXT-COM 1500
mtu DMZ 1500
mtu INF 1500
mtu DEPLOYMENT 1500
mtu OSR-092-EXT-COM 1500
mtu OSR-093-EXT-COM 1500
mtu OSR-KMS-EXT-COM 1500
ip verify reverse-path interface outside
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
!
object network DMZ-ext-com
nat (DMZ,outside) dynamic interface dns
object network INF-EXT-COM
nat (INF,outside) dynamic interface dns
object network OSR-DMZ-UAG1
nat (DMZ,outside) static 84.24.98.41
object network OSR-091-EXT-COM
nat (OSR-091-EXT-COM,outside) dynamic interface
object network OSR-053-EXT-COM
nat (OSR-053-EXT-COM,outside) dynamic interface
object network DEPLOYMENT
nat (DEPLOYMENT,outside) dynamic interface
object network OSR-060-EXT-COM
nat (OSR-060-EXT-COM,outside) dynamic interface
object network OSR-092-EXT-COM
nat (OSR-092-EXT-COM,outside) dynamic interface
object network OSR-093-EXT-COM
nat (OSR-093-EXT-COM,outside) dynamic interface
object network OSR-KMS-EXT-COM
nat (OSR-KMS-EXT-COM,outside) dynamic interface
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
access-group OSR-052-EXT-COM_access_in in interface OSR-052-EXT-COM
access-group OSR-053-EXT-COM_access_in in interface OSR-053-EXT-COM
access-group OSR-060-EXT-COM_access_in in interface OSR-060-EXT-COM
access-group OSR-091-EXT-COM_access_in in interface OSR-091-EXT-COM
access-group DMZ_access_in in interface DMZ
access-group INF_access_in in interface INF
access-group OSR-092-EXT-COM_access_in in interface OSR-092-EXT-COM
access-group OSR-093-EXT-COM_access_in in interface OSR-093-EXT-COM
access-group OSR-KMS-EXT-COM_access_in_1 in interface OSR-KMS-EXT-COM
access-group global_access global
route outside 0.0.0.0 0.0.0.0 84.24.98.44 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 2:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
http 192.168.3.0 255.255.255.0 inside
http 10.1.1.0 255.255.255.0 INF
http 10.1.2.0 255.255.255.0 INF
no snmp-server location
no snmp-server contact
Hello,

Not sure what you have tried already, but what about the below:


object network obj_ksm_server
host 10.39.1.131
nat (any,OSR-KMS-EXT-COM) static 10.1.1.56 service tcp 1688 1688
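An added example, not from any of the posters, that writes the destination NAT in the direction the question describes: the KMS host 10.1.1.56 on INF is the real address, and 10.39.1.131 is the mapped address that clients on the other interfaces connect to (on the ASA, static NAT is bidirectional, so clients on the mapped side reaching the mapped address are translated to the real one). It reuses the objects already present in the posted config (OSR-INF-KMS1, KMS_Service). The object name KMS-VIP and the client 192.168.60.10 used in the packet-tracer call are assumptions for illustration.

```cisco
! Added example, not from the thread. Real address: KMS01 10.1.1.56 on INF.
! Mapped address: 10.39.1.131, the address clients on every other interface use.
! Assumes 10.39.1.131 is not also configured on a live host; otherwise the ASA
! (proxy ARP) and that host would compete for the address on OSR-KMS-EXT-COM.
!
! Option A: network object NAT on the existing KMS object (simplest form).
object network OSR-INF-KMS1
 nat (INF,any) static 10.39.1.131 service tcp 1688 1688 no-proxy-arp
!
! Option B: the same translation as manual (twice) NAT. The client's source
! address is left untouched (source static any any) and only the destination
! 10.39.1.131 is rewritten to 10.1.1.56, limited to tcp/1688 by KMS_Service.
! Configure one option or the other, not both. KMS-VIP is an assumed name.
object network KMS-VIP
 host 10.39.1.131
nat (any,INF) source static any any destination static KMS-VIP OSR-INF-KMS1 service KMS_Service KMS_Service no-proxy-arp
!
! Verify with a constructed client flow (192.168.60.10 is an assumed host on
! OSR-060-EXT-COM): the NAT phase should rewrite the destination to 10.1.1.56
! and the output interface should be INF.
packet-tracer input OSR-060-EXT-COM tcp 192.168.60.10 40000 10.39.1.131 1688 detailed
show nat detail
show xlate
```

Two checks worth making against the posted config. First, since ASA 8.3 access lists match the real (untranslated) destination, so the existing `permit tcp any object OSR-INF-KMS1 eq 1688` entries on the OSR-0xx interfaces already admit the redirected flow; however, in `global_access` the `permit tcp any4 object OSR-INF-KMS1 eq 1688` line sits after `deny ip any any`, so interfaces that rely on the global list (OSR-052-EXT-COM, OSR-KMS-EXT-COM) will drop the flow until that permit is moved above the deny. Second, `no-proxy-arp` stops the ASA from answering ARP for 10.39.1.131 on OSR-KMS-EXT-COM, which matters while a real host on that VLAN still owns the address; drop the keyword only once the address is free and hosts on that VLAN must reach it through the translation as well.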
