Re: Internal cannot reach internet

Hello pradkm,

The real settings as below 

ethernet0/4, DMZ, IP 10.10.20.1

A computer with IP 10.10.20.2

When ping 8.8.8.8 from 10.10.20.2. get session show below logs

SSG140(M)-> get session src-ip 10.10.20.2
alloc 813/max 48064, alloc failed 0, mcast alloc 0, di alloc failed 0
total reserved 0, free sessions in shared pool 47251
Total 31 sessions according filtering criteria.
id 41497/s**,vsys 0,flag 00000040/0000/0001/0000,policy 50,time 5, dip 0 module 0
 if 8(nspflag 800801):10.10.20.2/27->8.8.8.8/2251,1,0050568af8c4,sess token 13,vlan 0,tun 0,vsd 0,route 25
 if 22(nspflag 800800):10.10.20.2/27<-8.8.8.8/2251,1,54e03296dbc1,sess token 4,vlan 0,tun 0,vsd 0,route 1
id 41698/s**,vsys 0,flag 00000040/0000/0001/0000,policy 50,time 6, dip 0 module 0
 if 8(nspflag 800801):10.10.20.2/31->8.8.8.8/2251,1,0050568af8c4,sess token 13,vlan 0,tun 0,vsd 0,route 25
 if 22(nspflag 800800):10.10.20.2/31<-8.8.8.8/2251,1,54e03296dbc1,sess token 4,vlan 0,tun 0,vsd 0,route 1
id 42014/s**,vsys 0,flag 00000040/0000/0001/0000,policy 50,time 5, dip 0 module 0

directly ping from gateway interface by "ping 8.8.8.8 from ethernet0/4" failed too.

According to route id

route 1 is the default route

--------------------------------------------------------------------------------------
         ID          IP-Prefix      Interface         Gateway   P Pref    Mtr     Vsys
--------------------------------------------------------------------------------------
*         1          0.0.0.0/0      ethernet0/0  123.123.123.123  SP   20      1     Root

route 25 is auto created by SSG itself when I enabled the ethernet0/4

--------------------------------------------------------------------------------------
         ID          IP-Prefix      Interface         Gateway   P Pref    Mtr     Vsys
--------------------------------------------------------------------------------------
*        25      10.10.20.0/24         eth0/4         0.0.0.0   C    0      0     Root