Router configuration is that:
[USG2100]ip route-static 192.168.2.0 24 Ethernet 1/0/0 172.16.0.2
[USG2100]ip route-static 192.168.3.0 24 Ethernet 1/0/0 172.16.0.2
Layer 3 switch has default router to the firewall gateway, and PC has his gateway. The PC between two network segment fail to ping on firewall, and the PC fails to ping firewall.
We find that the customer’s internal network is the vlanif interface. But the router adds the layer 2 physical interface. You can solve the problem by deleting the outbound interface of the router or change the layer 2 interface to layer 3 interface on vlanif .