For the ip address pool you are entering a range of addresses.
These addresses are used on the client at connect time and will be the source address of those internet requests that are not currently working.
So we need to create a policy with source nat interface from all the possible addresses you put there to any untrust address with source nat interface enabled on the policy.
You need to create an address object with a subnet that covers every possible address in the pool. Then use this as the source on that policy.