A simple test - on the policy where you see traffic on one side - enable Source-NAT > Use egress interface IP (under Advanced section of policy config). If this is a routing issue on your internal network, this NAT will serve as a workaround. You can then figure out where th trouble is and fix.
↧