You will need to enable Source-NAT on the policy. You can enable logging on the policy to check as well.
Current:
set policy id 12 from "Public" to "Untrust" "Any" "Any" "ANY" permit [log]
Change to:
set policy id 12 from "Public" to "Untrust" "Any" "Any" "ANY" nat src permit [log]
By default, only traffic from "trust" zone is source-NAT'ed if the interface is set to "nat" (set interface ethernet1 nat). For custom zones, the nat/route setting has no effect. Need to explicitly specify NAT.
Hope this helps.
Regards,
Sam