A policy allowing the communication was not installed on the Virtual System. Note that after creating a Virtual System, it has a Default Policy that blocks all traffic.

Install a policy on the Virtual System that enables the traffic. Check with the Logs & Monitor view that the Virtual System is allowing the traffic.

There is the VLAN configuration problem on a switch, or physical cable problem.

Check the switch configuration. Make sure that VLAN tag configured on the switch is the same as used for the Virtual System VLAN interface.

Check the cables, and make sure that you have plugged the cable from the switch to the correct port on the VSX Gateway / VSX Cluster Members.

Incorrect routing on adjacent routers or hosts.

Check the routing tables on intermediate routers and hosts. You can use tcpdump command on the relevant VLAN interface on the VSX Gateway / VSX Cluster Members to make sure that the traffic arrives to and leaves the VSX Gateway / VSX Cluster Members.

Incorrect IP address or net mask defined on the Virtual System VLAN interface.

Check the IP address and the net mask assigned to the Virtual System internal VLAN interface.