This is a bit complicated so let me layout my setup first. I have a 5510 ASA for my firewall. On it I have the following interfaces configured:
Outside - x.x.x.x
Inside - 192.168.200.210
DMZ1 - 192.168.0.1
This is a list of my routes:
Gateway of last resort is x.x.x.x to network 0.0.0.0
S 192.168.211.0 255.255.255.0 [1/0] via 192.168.200.4, Inside
C x.x.x.x y.y.y.y is directly connected, Outside
C 127.0.0.0 255.255.0.0 is directly connected, cplane
S 192.168.216.0 255.255.255.0 [1/0] via 192.168.200.4, Inside
S 10.10.0.0 255.255.0.0 [1/0] via 192.168.200.4, Inside
C 192.168.0.0 255.255.255.0 is directly connected, DMZ1
S 192.168.50.0 255.255.255.0 [1/0] via 192.168.200.4, Inside
S 192.168.100.0 255.255.255.0 [1/0] via 192.168.200.4, Inside
S* 0.0.0.0 0.0.0.0 [1/0] via 188.8.131.52, Outside
C 192.168.200.0 255.255.248.0 is directly connected, Inside
S 192.168.16.0 255.255.248.0 [1/0] via 192.168.200.4, Inside
192.168.200.4 is my LAN gateway router (Cisco 2811) and these are its directly connected networks:
C 192.168.216.0/24 is directly connected, Loopback0
C 192.168.50.0 is directly connected, FastEthernet0/1
C 192.168.200.0/21 is directly connected, FastEthernet0/0
I'm trying to get traffic to pass from my DMZ (specifically 192.168.0.25) to 192.168.50.2 which is a directly connected network on my GW router. Access-lists are correct and increment on the expected lines when I try to pass traffic. What I believe is happening is that when 192.168.0.25 tries to ping 192.168.50.2 the ASA is passing the traffic out the Outside interface into the world instead of routing it through to my GW router as defined in the ASA static routes.
I don't have a problem with accessing any of the resources that reside in other networks that are defined by the static routes. During one test I did get the following alert from my Cisco MARS device that provided some insight to the fact that the ASA is routing the traffic out the default route instead of the static route.
"No ARP for host. Routing failed to locate next hop for icmp from NP Identity Ifc:192.168.0.1/0 to DMZ1:192.168.50.2/0"