You have :
- more than one interface configured for different IP networks
- each interface has its own ip-default-gateway on its respective network
- return-to-sender inbound enabled
- a workstation from a remote network sends continuous ICMP PING to the first interface of the ProxySG
As there are more than 1 ip-default-gateway configured, the ProxySG will load balance through all the configured ip-default-gateways.
Note: The return-to-sender setting does not affect ICMP
If response to certain ICMP request must be done from any particular IP gateway, we can get around this by entering a static route for the source subnet via one of the SG gateways.
!- BEGIN networking
interface 0:0 ;mode
ip-address 192.168.101.2 255.255.255.0 <<<<< Network A
interface 1:0 ;mode
ip-address 192.168.102.2 255.255.255.0 <<<<< Network B
ip-default-gateway 192.168.101.1 1 100 <<<<< Default gateway via Network A
ip-default-gateway 192.168.102.1 1 100 <<<<< Default gateway via Network B
When a remote workstation sends continuous ICMP PING requests to 192.168.101.2, ProxySG will send ICMP PING replies via interface 0:0 and interface 1:0. As we assigned an equal weight to both the ip-default-gateways, ProxySG will send ICMP replies via each interface alternately.
If you need ProxySG to reply via a single interface, you can add a static route to the remote workstation through a specific gateway. For example :
SG200#(config)inline static-route-table eof
172.22.22.22 255.255.255.255 10.105.13.1