My insight over here is suspecting something on your NATing ,if you have done Static Nating or dynamic nating this will allow only one user session , if you have only 1 public IP address in your global pool for your internal network transalation to external world .
Try to configure PATing , if you have already configured PATing check for port utilisation , if it exceeds 64000 then u ll have problem , for our scenarion we have only 10 user so there should not be any problem for PATing .
Similalry check at client side http application server , does it allow multiple user session from a single public routable IP address , if it has got restriction to 1 then u need to have multiple induidual routable IP address for each user or Customer owned IP Private IP address for this resolution .
Dynamic NAT has these disadvantages:
•If the mapped pool has fewer addresses than the real group, you could run out of addresses if the amount of traffic is more than expected.
Use PAT if this event occurs often because PAT provides over 64,000 translations using ports of a single address.
•You have to use a large number of routable addresses in the mapped pool; if the destination network requires registered addresses, such as the Internet, you might encounter a shortage of usable addresses.
where you are performing your dynamic nating in same firewall or in some other device ??
1) My insight is on your firewall config , as you said already your firewall is servcing for internet with global PATing . so over here your firewall is performing same PATing for your Application HTTP server .
2) To Avoid usage of global PATing , uses access-list based dynamic NATing on your firewall .
If possible post your firewall system configuration it will be greatful for the resolution . This only configuration error ..
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...