| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
| Anyone have any ideas as to why my manual Hide NAT rules are not working correctly? I have this: Original Source: Group of IP addresses; Original Destination: Outside server; Original Service: Any; Translated Packet: a single IP on the same network (using Hide NAT); Destination: Original; Service: original. I am testing with one of the machines in the "Group of IP addresses". In the logs I only see it going out with its original IP. I'm not really sure about NATing, but is this because this machine has a routable IP (to the public)? Also, when I test it going to a machine within our network it uses it for a few hits and then switches back to its original IP. Any help is appreciated. |
| |||
| Firstly, is the "group" allowed access to the server via your rule base? In the logs check the boxes xlate src & xlate dst. This will allow you to see the translations taking place during data transmission. According to your post, the "group" should not translate for anything other than the unique server you specified. According to your post the only time your "group" will do any translations is when they try hitting that IP address only. |
| |||
| So do any in the "group" NAT? And as thebuffman noted, check for xlate src and dst in Tracker. There may be a new NAT rule above the existing one causing the issue. I've added a no-NAT above a NAT rule that needed to work and caused a problem. Oops. |
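
The two points raised in the replies (the Hide rule only applies to traffic for the one destination it names, and a rule placed above it can take the match first) can be checked with a small model. This is an added example, not code from the thread or from Check Point: it assumes a simplified top-down, first-match manual NAT rulebase, ignores the Service column, and uses constructed documentation addresses and hypothetical rule names.

```python
from ipaddress import ip_address, ip_network

# Constructed sample objects (documentation ranges, not values from the thread).
GROUP = [ip_network("192.0.2.16/28")]      # "Group of IP addresses"
SERVER = [ip_network("203.0.113.10/32")]   # "Outside server"
ANY = [ip_network("0.0.0.0/0")]
HIDE_IP = "192.0.2.200"                    # single hide address on the same network

def rule(name, src, dst, xlate_src=None):
    """One manual NAT rule; xlate_src=None means 'Original' (no translation)."""
    return {"name": name, "src": src, "dst": dst, "xlate_src": xlate_src}

def covers(nets, ip):
    return any(ip_address(ip) in n for n in nets)

def translate(rulebase, src, dst):
    """Return (matching rule name, source after NAT) using top-down first match."""
    for r in rulebase:
        if covers(r["src"], src) and covers(r["dst"], dst):
            return r["name"], r["xlate_src"] or src
    return None, src  # no NAT rule matched: packet leaves with its original source

def shadowed(rulebase):
    """Pairs (rule, earlier rule) where the earlier rule fully covers the later one."""
    def within(inner, outer):
        return all(any(i.subnet_of(o) for o in outer) for i in inner)
    pairs = []
    for i, r in enumerate(rulebase):
        for earlier in rulebase[:i]:
            if within(r["src"], earlier["src"]) and within(r["dst"], earlier["dst"]):
                pairs.append((r["name"], earlier["name"]))
                break
    return pairs

hide = rule("hide-group-to-server", GROUP, SERVER, HIDE_IP)
no_nat = rule("no-nat-group", GROUP, ANY)  # hypothetical rule added above the Hide rule

if __name__ == "__main__":
    print(translate([hide], "192.0.2.20", "203.0.113.10"))          # hidden
    print(translate([hide], "192.0.2.20", "198.51.100.7"))          # other destination
    print(translate([no_nat, hide], "192.0.2.20", "203.0.113.10"))  # shadowed
    print(shadowed([no_nat, hide]))
```
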