Hi
Here is the output of the debug
Thanks for your assistance.
==============================================
van-pbhk-r-> get db st
****** 810422.0: <Trust/bgroup0> packet received [52]******
ipid = 20411(4fbb), @03940450
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63742->10.0.20.33/443,6<Root>
no session found
flow_first_sanity_check: in <bgroup0>, out <N/A>
[ Dest] 7.route 192.168.16.110->0.0.0.0, to bgroup0
chose interface bgroup0 as incoming nat if.
flow_first_routing: in <bgroup0>, out <N/A>
search route to (bgroup0, 192.168.16.110->10.0.20.33) in vr trust-vr for vsd-0/flag-0/ifp-null
cached route 19 for 10.0.20.33
[ Dest] 19.route 10.0.20.33->216.18.65.50, to ethernet0/0
routed (x_dst_ip 10.0.20.33) from bgroup0 (bgroup0 in 0) to ethernet0/0
policy search from zone 2-> zone 1
policy_flow_search policy search nat_crt from zone 2-> zone 1
RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 10.0.20.33, port 443, proto 6)
No SW RPC rule match, search HW rule
swrs_search_ip: wildcard pid/index 18/0, hw pid/index 1/7
swrs_search_ip: policy matched id/idx/action = 18/0/0x9
Permitted by policy 18
found reversed mip/vip 216.18.65.49 for 192.168.16.110 (on ethernet0/0)
hip xlate: 192.168.16.110->216.18.65.49 at ethernet0/0 (vs. ethernet0/0)
choose interface ethernet0/0 as outgoing phy if
no loop on ifp ethernet0/0.
session application type 49, name None, nas_id 0, timeout 1800sec
service lookup identified service 0.
flow_first_final_check: in <bgroup0>, out <ethernet0/0>
existing vector list 3-4293f2c.
Session (id:6448) created for first pak 3
flow_first_install_session======>
route to 216.18.65.50
cached arp entry with MAC 00d0c0a9b400 for 216.18.65.50
arp entry found for 216.18.65.50
ifp2 ethernet0/0, out_ifp ethernet0/0, flag 00800800, tunnel ffffffff, rc 1
outgoing wing prepared, ready
handle cleartext reverse route
search route to (ethernet0/0, 10.0.20.33->192.168.16.110) in vr trust-vr for vsd-0/flag-3000/ifp-bgroup0
cached route 7 for 192.168.16.110
[ Dest] 7.route 192.168.16.110->192.168.16.110, to bgroup0
route to 192.168.16.110
cached arp entry with MAC 002264f869f8 for 192.168.16.110
arp entry found for 192.168.16.110
ifp2 bgroup0, out_ifp bgroup0, flag 00800801, tunnel ffffffff, rc 1
flow got session.
flow session id 6448
flow_main_body_vector in ifp bgroup0 out ifp ethernet0/0
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
****** 810422.0: <Trust/bgroup0> packet received [52]******
ipid = 20421(4fc5), @03950450
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63743->10.0.20.33/443,6<Root>
no session found
flow_first_sanity_check: in <bgroup0>, out <N/A>
[ Dest] 7.route 192.168.16.110->0.0.0.0, to bgroup0
chose interface bgroup0 as incoming nat if.
flow_first_routing: in <bgroup0>, out <N/A>
search route to (bgroup0, 192.168.16.110->10.0.20.33) in vr trust-vr for vsd-0/flag-0/ifp-null
cached route 19 for 10.0.20.33
[ Dest] 19.route 10.0.20.33->216.18.65.50, to ethernet0/0
routed (x_dst_ip 10.0.20.33) from bgroup0 (bgroup0 in 0) to ethernet0/0
policy search from zone 2-> zone 1
policy_flow_search policy search nat_crt from zone 2-> zone 1
RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 10.0.20.33, port 443, proto 6)
No SW RPC rule match, search HW rule
swrs_search_ip: wildcard pid/index 18/0, hw pid/index 1/7
swrs_search_ip: policy matched id/idx/action = 18/0/0x9
Permitted by policy 18
found reversed mip/vip 216.18.65.49 for 192.168.16.110 (on ethernet0/0)
hip xlate: 192.168.16.110->216.18.65.49 at ethernet0/0 (vs. ethernet0/0)
choose interface ethernet0/0 as outgoing phy if
no loop on ifp ethernet0/0.
session application type 49, name None, nas_id 0, timeout 1800sec
service lookup identified service 0.
flow_first_final_check: in <bgroup0>, out <ethernet0/0>
existing vector list 3-4293f2c.
Session (id:7941) created for first pak 3
flow_first_install_session======>
route to 216.18.65.50
cached arp entry with MAC 00d0c0a9b400 for 216.18.65.50
arp entry found for 216.18.65.50
ifp2 ethernet0/0, out_ifp ethernet0/0, flag 00800800, tunnel ffffffff, rc 1
outgoing wing prepared, ready
handle cleartext reverse route
search route to (ethernet0/0, 10.0.20.33->192.168.16.110) in vr trust-vr for vsd-0/flag-3000/ifp-bgroup0
cached route 7 for 192.168.16.110
[ Dest] 7.route 192.168.16.110->192.168.16.110, to bgroup0
route to 192.168.16.110
cached arp entry with MAC 002264f869f8 for 192.168.16.110
arp entry found for 192.168.16.110
ifp2 bgroup0, out_ifp bgroup0, flag 00800801, tunnel ffffffff, rc 1
flow got session.
flow session id 7941
flow_main_body_vector in ifp bgroup0 out ifp ethernet0/0
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
****** 810425.0: <Trust/bgroup0> packet received [52]******
ipid = 20466(4ff2), @038d2c50
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63742->10.0.20.33/443,6<Root>
existing session found. sess token 3
flow got session.
flow session id 6448
flow_main_body_vector in ifp bgroup0 out ifp N/A
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
****** 810425.0: <Trust/bgroup0> packet received [52]******
ipid = 20470(4ff6), @038e7450
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63743->10.0.20.33/443,6<Root>
existing session found. sess token 3
flow got session.
flow session id 7941
flow_main_body_vector in ifp bgroup0 out ifp N/A
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
****** 810431.0: <Trust/bgroup0> packet received [48]******
ipid = 20580(5064), @03883450
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63742->10.0.20.33/443,6<Root>
existing session found. sess token 3
flow got session.
flow session id 6448
flow_main_body_vector in ifp bgroup0 out ifp N/A
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
****** 810431.0: <Trust/bgroup0> packet received [48]******
ipid = 20584(5068), @0389c450
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63743->10.0.20.33/443,6<Root>
existing session found. sess token 3
flow got session.
flow session id 7941
flow_main_body_vector in ifp bgroup0 out ifp N/A
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
****** 810443.0: <Trust/bgroup0> packet received [52]******
ipid = 20786(5132), @03863450
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63744->10.0.20.33/443,6<Root>
no session found
flow_first_sanity_check: in <bgroup0>, out <N/A>
[ Dest] 7.route 192.168.16.110->0.0.0.0, to bgroup0
chose interface bgroup0 as incoming nat if.
flow_first_routing: in <bgroup0>, out <N/A>
search route to (bgroup0, 192.168.16.110->10.0.20.33) in vr trust-vr for vsd-0/flag-0/ifp-null
cached route 19 for 10.0.20.33
[ Dest] 19.route 10.0.20.33->216.18.65.50, to ethernet0/0
routed (x_dst_ip 10.0.20.33) from bgroup0 (bgroup0 in 0) to ethernet0/0
policy search from zone 2-> zone 1
policy_flow_search policy search nat_crt from zone 2-> zone 1
RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 10.0.20.33, port 443, proto 6)
No SW RPC rule match, search HW rule
swrs_search_ip: wildcard pid/index 18/0, hw pid/index 1/7
swrs_search_ip: policy matched id/idx/action = 18/0/0x9
Permitted by policy 18
found reversed mip/vip 216.18.65.49 for 192.168.16.110 (on ethernet0/0)
hip xlate: 192.168.16.110->216.18.65.49 at ethernet0/0 (vs. ethernet0/0)
choose interface ethernet0/0 as outgoing phy if
no loop on ifp ethernet0/0.
session application type 49, name None, nas_id 0, timeout 1800sec
service lookup identified service 0.
flow_first_final_check: in <bgroup0>, out <ethernet0/0>
existing vector list 3-4293f2c.
Session (id:6448) created for first pak 3
flow_first_install_session======>
route to 216.18.65.50
cached arp entry with MAC 00d0c0a9b400 for 216.18.65.50
arp entry found for 216.18.65.50
ifp2 ethernet0/0, out_ifp ethernet0/0, flag 00800800, tunnel ffffffff, rc 1
outgoing wing prepared, ready
handle cleartext reverse route
search route to (ethernet0/0, 10.0.20.33->192.168.16.110) in vr trust-vr for vsd-0/flag-3000/ifp-bgroup0
cached route 0 for 192.168.16.110
add route 7 for 192.168.16.110 to route cache table
[ Dest] 7.route 192.168.16.110->192.168.16.110, to bgroup0
route to 192.168.16.110
cached arp entry with MAC 000000000000 for 192.168.16.110
add arp entry with MAC 002264f869f8 for 192.168.16.110 to cache table
arp entry found for 192.168.16.110
ifp2 bgroup0, out_ifp bgroup0, flag 00800801, tunnel ffffffff, rc 1
flow got session.
flow session id 6448
flow_main_body_vector in ifp bgroup0 out ifp ethernet0/0
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
****** 810446.0: <Trust/bgroup0> packet received [52]******
ipid = 20804(5144), @03909c50
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63744->10.0.20.33/443,6<Root>
existing session found. sess token 3
flow got session.
flow session id 6448
flow_main_body_vector in ifp bgroup0 out ifp N/A
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
****** 810452.0: <Trust/bgroup0> packet received [48]******
ipid = 20813(514d), @03946450
packet passed sanity check.
flow_decap_vector IPv4 process
bgroup0:192.168.16.110/63744->10.0.20.33/443,6<Root>
existing session found. sess token 3
flow got session.
flow session id 6448
flow_main_body_vector in ifp bgroup0 out ifp N/A
flow vector index 0x3, vector addr 0x1ff2a38, orig vector 0x1ff2a38
post addr xlation: 216.18.65.49->10.0.20.33.
=================================================