ASA 7.2 5510 portmap translation creation failed for tcp src inside

Hi ive got a NAT problem, the asa shows up a the error: "portmap translation creation failed for tcp src inside" when trying to access a specific lan, here are the network config
INSIDE is 10.21.0.0/24
OUTSIDE is xx.xx.xx.xx
TEMPNET is 192.168.0.0 > NET behind tempnet is 172.1.1.0 /24
The Problem is i have only 2 IPs i can use in Tempnet, so i have to NAT all my internal IPs to 1 IP from the TEMPNET, TEMPNet is provided by another company and got its own router which forwards pakets into several foreign networks, to prevent routing issues (tempnet routers dont know routes into my local net) i need to nat all my local ips to lets say 192.168.1.1.
I added a route for example route tempnet 172.1.1.0 /24 192.168.1.2 (1.2 is the router from the TEMPNET).
Now here are my nat / global / statements:
access-list NAT_TEMP permit ip 10.0.21.0 255.255.255.0 172.1.1.0 255.255.255.0
access-list NAT_ANYDESTINATION permit ip 10.0.21.0 255.255.255.0 any
nat (inside) 1 access-list NAT_ANYDESTINATION
nat (inside) 2 access-list NAT_TEMP
global (inside) 1 interface
global (tempnet) 2 interface

when trying to access 172.1.1.1 i receive the errorcode: portmap translation creation failed..
when i change this:
no nat (inside) 2 access-list NAT_TEMP
no global (tempnet) 2 interface
global (tempnet) 1 interface

it works like a charm, but why isnt it working with the other config, lets say i want to split it more up and work with more then 1 nat rules based on source and destination it wont work, why do i cannot use multiple nat/global statements?

netcrewAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
The way you have it, traffic hits nat rule 1  before rule 2 it always matches rule1

You can try this:
nat (inside) 10 access-list NAT_ANYDESTINATION
nat (inside) 2 access-list NAT_TEMP
global (outside) 10 interface
global (tempnet) 2 interface
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.