Change the TCP-MSS value. The fault persists.
Access www.baidu.com and capture packets.
No HTTP Response packet is received.
Check session information.
http VPN:public --> public
Zone: trust--> untrust TTL: 00:10:00 Left: 00:09:58
Interface: GigabitEthernet0/0/1 NextHop: 18.104.22.168 MAC: 00-23-ff-21-4d-ae
<--packets:1 bytes:52 -->packets:6 bytes:252
The routes are sent through the next hop of 22.214.171.124.
Check whether the PBR is matched. Modify the PBR configuration, and the fault is rectified.