Source NAT is configured and it's not possible to ping an external interface from an internal host.
Cause
Pinging from an internal host to an external interface when using source NAT is an incorrect test method. Packets are dropped since the source address is the external address of the firewall and the destination address is the same. Packets are dropped by a security measure called a LAND attack.
In the CLI, global counters can reveal any LAND attacks caused by misconfigured NAT rules :
> show counter global filter packet-filter yes | match nat_land
flow_policy_nat_land drop Session setup: source NAT IP allocation result in LAND attack
Resolution
Create Address Object for External IP.
2. Create a rule with No Translation for traffic destined for that IP Address.