Cisco’s best practice is to only configure PERMIT ACE’s.
The same configuration is used for hosts to originate a connection to the mapped address. If a host on the 220.127.116.11/28 network initiates the connection to 192.168.1.22, that that host becomes the source.
One last thing. If you want to translate /24 networks, the ASA will translate the .0 and .255 addresses. To prevent this, make sure you configure an ACL to deny access.
For example, the following policy static NAT example shows a single REAL address that is translated to two MAPPED addresses depending on the destination address:
The following translates the REAL address 10.1.1.22 to the MAPPED address 18.104.22.168 when 10.1.1.22 sends traffic to the 22.214.171.124/28 network.
The following also translates the REAL address 10.1.1.22 to the MAPPED address 126.96.36.199 when 10.1.1.22 sends traffic to the 188.8.131.52/28 network: