Cannot get Alias or Static NAT inside to work

jburk
Level 1

Ok, so I have a web server with an internal IP of 10.x.x.x and it has a static NAT to the outside with a public 216.x.x.x address on the ASA - my internal hosts cannot access it via the public address. So I tried to NAT it like this:

static (inside,inside) 216.x.x.x 10.x.x.x netmask 255.255.255.255

and it did not work

so I did

alias (inside) 216.x.x.x 10.x.x.x 255.255.255.255

and I can ping it from an inside host, but still cannot access http://216.x.x.x - when I ping 216.x.x.x it replies with the 10.x.x.x address

if I put http://10.x.x.x it works fine

it is an ASA 5510 Security+ on 8.21

Accepted Solutions

acomiskey
Level 10

same-security-traffic permit intra-interface

static (inside,inside) 216.x.x.x 10.x.x.x netmask 255.255.255.255

global (inside) 1 interface

nat (inside) 1 0 0

8 Replies

Ok, the static command works to replace the alias. I had the same-security permit intra- and inter-interface, changed the inside nat pool from 0 to 1, and it is working: I can ping and http.

will this affect my outbound identity addresses? like if I have a web filter outside the ASA will it now see all traffic coming from the ASA interface instead of the identity of the client PC?

I wasn't doing any NAT overload on the ASA, there is a router from the ISP doing that from their IP pool. I was just doing identity nat

"will this affect my outbound identity addresses?"

-No. Only traffic from inside to inside is affected.

I spoke too soon - it broke my internet for inside hosts. I changed it back to nat pool 0 and internet works, but of course now I can't talk to the server.

Post your nat/global config please.

You should be able to leave your existing nat 0 then add...

nat (inside) 1 0 0

global (inside) 1 interface

global (inside) 1 interface

nat (management) 0 0.0.0.0 0.0.0.0

nat (inside) 0 0.0.0.0 0.0.0.0

static (inside,outside) 216.x.x.x 10.17.1.42 netmask 255.255.255.255

static (inside,outside) 216.x.x.x 10.17.1.45 netmask 255.255.255.255

static (inside,outside) 216.x.x.x 10.17.1.43 netmask 255.255.255.255

static (inside,outside) 216.x.x.x 10.17.1.46 netmask 255.255.255.255

static (inside,outside) 216.x.x.x 10.17.1.44 netmask 255.255.255.255

static (inside,outside) 216.x.x.x 10.17.1.33 netmask 255.255.255.255

static (inside,inside) 216.x.x.x 10.17.1.42 netmask 255.255.255.255

if I change to

nat (inside) 1 0 0

I can't get to the internet on any hosts that don't have a static. I don't really want to overload on my outside interface on the ASA because I have a fatpipe for load balancing outside the ASA and a web filter.

it won't take

nat (inside) 1 0 0

says 'duplicate nat entry'

Ok, so I solved it: just created an access list permitting ip to that server, then natted the pool 1 to that ACL. Works fine.

thanks for all the help
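
Added example, not posted by anyone in the thread: a small Python trace of why `static (inside,inside)` alone let ping answer from the 10.x.x.x address while HTTP failed, and why adding `global (inside) 1 interface` fixes it. It assumes the client and server share one inside subnet; only 10.17.1.42 comes from the thread, every other address and the /24 mask are constructed.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src dst")

# Constructed values: only 10.17.1.42 appears in the thread. The /24 mask, the
# client and ASA inside addresses, and PUBLIC (standing in for 216.x.x.x) are assumed.
INSIDE_NET = ipaddress.ip_network("10.17.1.0/24")
CLIENT, SERVER, ASA_INSIDE = "10.17.1.50", "10.17.1.42", "10.17.1.1"
PUBLIC = "203.0.113.42"


def hairpin(source_nat):
    """Trace one client -> PUBLIC exchange through the ASA and back.

    source_nat=False models `static (inside,inside)` alone; True adds
    `nat (inside) 1 ...` together with `global (inside) 1 interface`.
    """
    request = Packet(CLIENT, PUBLIC)
    # static (inside,inside): the destination is rewritten to the real server.
    # With source NAT the client is also hidden behind the ASA inside address.
    forwarded = Packet(ASA_INSIDE if source_nat else request.src, SERVER)
    reply = Packet(SERVER, forwarded.src)
    # The server delivers on-link replies itself; only a reply addressed to
    # the ASA goes back through the firewall and its translation table.
    via_asa = reply.dst == ASA_INSIDE
    if via_asa:
        reply = Packet(PUBLIC, CLIENT)  # both translations reversed
    elif ipaddress.ip_address(reply.dst) not in INSIDE_NET:
        raise ValueError("off-link reply would be routed; not modelled here")
    # A TCP client matches replies against the address it dialled.
    accepted = reply.src == request.dst
    return {"reply_src": reply.src, "via_asa": via_asa, "accepted": accepted}


if __name__ == "__main__":
    for flag in (False, True):
        print("source NAT:", flag, hairpin(flag))
```

Without source NAT the reply arrives from 10.17.1.42 and never crosses the ASA, which matches the ping output in the first post; a TCP client discards it because it opened the connection to the public address.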
