Enable host-inbound-traffic on all security zones. Security rule for host inbound traffic is required only when the incoming interface is not the destination of the traffic. I.e you are trying to ping B zone interface but the traffic is coming via A zone interface. In this case you need security policy from A zone to B which allows the traffic and host-inbound-traffic on B zone also should be allowed.
Thanks, Nellikka JNCIE x3 (SEC #321; SP #2839; ENT #790) Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!