Symptom
A PAT pool can exhibit stickiness for some xlate sessions, leaving many internal users unable to reach network resources.
Some of the logs observed:
TCP PAT from inside.lac:10.164.84.102/64286 to outside.int:122.33.4.5/62489 flags ri idle 0:28:40 timeout 0:00:30
IP 10.164.84.102, port XXXX, landed on 122.33.4.5; the pool went up 40 K.
IP 10.164.84.103, port XXXX, also landed on 122.33.4.5; the pool went up 25 K.
Now, when 10.164.84.102, port YYYY, tries to make a new connection, it will land on the same pool, 122.33.4.5. This might fail.
During this behavior, it should have printed the syslog:
"%ASA-3-202010: NAT/PAT pool exhausted. Unable to create connection"
Conditions
PAT Pools configured on the device
Workaround
Enable the round-robin option on the PAT pool rule.
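
To check a device for the skew described in the Symptom section, the following added example (not Cisco's code) tallies saved xlate entries per mapped pool address and counts entries whose idle time exceeds their timeout, as in the sample line above. The function names, the max_xlates threshold and the second pool address 122.33.4.6 are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Matches xlate entries in the format of the sample line in the Symptom section.
XLATE_RE = re.compile(
    r"(?P<proto>TCP|UDP) PAT from \S+?:(?P<real_ip>[\d.]+)/\d+ "
    r"to \S+?:(?P<mapped_ip>[\d.]+)/\d+ "
    r"flags \S+ idle (?P<idle>\d+:\d\d:\d\d) timeout (?P<timeout>\d+:\d\d:\d\d)"
)

def seconds(hms):
    h, m, s = map(int, hms.split(":"))
    return h * 3600 + m * 60 + s

def summarize(lines):
    """Per mapped (pool) address: xlate count, distinct inside hosts, stale entries."""
    pools = defaultdict(lambda: {"xlates": 0, "hosts": set(), "stale": 0})
    for line in lines:
        m = XLATE_RE.search(line)
        if not m:
            continue  # headers, blank lines, non-PAT entries
        entry = pools[m["mapped_ip"]]
        entry["xlates"] += 1
        entry["hosts"].add(m["real_ip"])
        # Idle longer than its own timeout, yet still in the table
        # (as in the page's sample line): the mapped port stays allocated.
        if seconds(m["idle"]) > seconds(m["timeout"]):
            entry["stale"] += 1
    return dict(pools)

def flag_pools(summary, max_xlates):
    """Mapped addresses at or above max_xlates, or holding stale entries.
    max_xlates is an operator-chosen threshold (assumption), not an ASA value."""
    return sorted(ip for ip, e in summary.items()
                  if e["xlates"] >= max_xlates or e["stale"] > 0)

# Constructed sample: the first line is from the page, the rest are made up,
# including the second pool address 122.33.4.6.
SAMPLE = """\
TCP PAT from inside.lac:10.164.84.102/64286 to outside.int:122.33.4.5/62489 flags ri idle 0:28:40 timeout 0:00:30
TCP PAT from inside.lac:10.164.84.102/64301 to outside.int:122.33.4.5/62490 flags ri idle 0:00:05 timeout 0:00:30
TCP PAT from inside.lac:10.164.84.103/51022 to outside.int:122.33.4.5/41877 flags ri idle 0:00:12 timeout 0:00:30
TCP PAT from inside.lac:10.164.84.104/49811 to outside.int:122.33.4.6/1093 flags ri idle 0:00:02 timeout 0:00:30
""".splitlines()

if __name__ == "__main__":
    report = summarize(SAMPLE)
    for ip, e in sorted(report.items()):
        print(ip, e["xlates"], sorted(e["hosts"]), e["stale"])
    print("review:", flag_pools(report, max_xlates=3))
```

A mapped address that carries most of the entries while other pool addresses sit nearly empty is the pattern the round-robin workaround is meant to remove.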