
Why am I unable to access a lower security level interface?

ASA firewall: inside interface, security level 100; test interface, security level 40.

There is no access list on the test interface.

By the default rule, level 100 can access level 40.

Why is it unable to access?

Thanks


14 Replies

Seb Rupik
VIP Alumni

Hi there,

Since you didn't specify, does the inside interface have an inbound ACL configured on it?

Cheers,

Seb.

Inside level 100: 192.168.10.0, DMZ level 50: 192.168.100.0, test level 40: 192.168.0.0

There is an ACL:

access-list split extended permit ip 192.168.10.0 255.255.255.0 any

access-list split extended permit ip 192.168.100.0 255.255.255.0 any

access-list split extended permit ip 192.168.0.0 255.255.255.0 any

Is this an inbound ACL?

But it is not applied to the inside interface (no access-group).

There is a DMZ with security level 50; inside can access the DMZ, but is unable to access security level 40.


An ACL with the name 'split' sounds like it will be used for remote access VPN.

Can you confirm if devices connected to the test interface are receiving packets from the inside interface? Do the devices on the test subnet have the correct subnet mask and gateway address?


ip local pool vpnpool 10.10.10.1-10.10.10.254

!
interface GigabitEthernet0/0
nameif Outside
security-level 0
ip address x.x.x.x 255.255.255.252
!
interface GigabitEthernet0/1
nameif Inside
security-level 100
ip address 192.168.10.1 255.255.255.0
!
interface GigabitEthernet0/2
nameif DMZ
security-level 50
ip address 192.168.100.1 255.255.255.0
!
interface GigabitEthernet0/3
nameif Test
security-level 40
ip address 192.168.0.1 255.255.255.0


object network pool
subnet 192.168.0.0 255.255.0.0


object network 192.168.0.11-9802
host 192.168.0.11
object network 192.168.0.11-9803
host 192.168.0.11
object network 192.168.0.11-9804
host 192.168.0.11
object network 192.168.100.88-8999
host 192.168.100.88


access-list Outside-in extended permit tcp any host 192.168.0.11 eq 9802
access-list Outside-in extended permit tcp any host 192.168.0.11 eq 9803
access-list Outside-in extended permit tcp any host 192.168.0.11 eq 9804
access-list Outside-in extended permit tcp any host 192.168.100.88 eq 8999


object network 192.168.0.11-9802
nat (Test,Outside) static interface service tcp 9802 9802
object network 192.168.0.11-9803
nat (Test,Outside) static interface service tcp 9803 9803
object network 192.168.0.11-9804
nat (Test,Outside) static interface service tcp 9804 9804
object network 192.168.100.88-8999
nat (DMZ,Outside) static interface service tcp 8999 8999


nat (Inside,Outside) after-auto source dynamic any interface
nat (Test,Outside) after-auto source dynamic any interface
access-group Outside-in in interface Outside


Thanks!

You can always run the Packet Tracer to see what is blocking traffic. Packet Tracer is available in ASDM and you can also run it from CLI.


You can search for Packet Tracer.


Bhaggu

Based on what you write (and don't write; you never say what exactly does not work) I assume that you are just doing a wrong test. Are you trying to access the IP of the ASA-interface Test from inside? That will not work by design on the ASA. Use real traffic (like something based on TCP) to a host on the test interface.

Packet tracer from 192.168.10.26 in the inside network to 192.168.0.181 in the test network: why is the destination outside?

It seems that your Gig 0/3 (TEST) is not up or is having some issue. Can you post the output of

show route

show int ip brief

show nameif

Sorry for the delayed response.

Bhaggu

bhargavdesai, thanks.

The test interface is up; the public IP can access the host in the test network (port forward).

Please see the attached file.


Can you post the packet tracer log from an SSH session? Moreover, is there any Firepower, PBR or other thing in the picture?

packet-tracer input Inside tcp 192.168.10.26 12345 192.168.0.181 9804 detailed

We need to know what is causing the destination to be on OUTSIDE rather than the more specific TEST interface.

Bhaggu.

object network vpndest1
subnet 192.168.0.0 255.255.255.0

There is a definition in the ASA:

nat (DMZ,Outside) source static vpnsource vpnsource destination static vpndest1

According to the output, the below rule may be causing the issue.

nat (Inside,Outside) source static vpnsource1 vpnsource1 destination static vpndest1 vpndest1

Can you share the full configuration or try disabling the above NAT rule?

Bhaggu

bhargavdesai,

Thanks for your help!

I disabled the NAT rule

nat (Inside,Outside) source static vpnsource1 vpnsource1 destination static vpndest1 vpndest1

Everything is fine.
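Added example (not from this thread or from Cisco): a small Python model of why the packet tracer above reported Outside as the egress interface for traffic from Inside to the Test subnet. It assumes a simplified version of the ASA's NAT-divert behaviour (a manual NAT rule with a destination translation, identity or not, picks the egress interface before the routing table is consulted), that the vpnsource1 object, which is never shown in the thread, covers 192.168.10.0/24, and that the ASA's route-lookup keyword on that identity rule is an alternative to deleting it.

```python
import ipaddress

# Constructed model of the ASA in this thread: connected routes from the shown
# interface config, and named objects. vpnsource1 is never shown in the thread;
# ASSUMPTION: it covers the inside LAN 192.168.10.0/24.
OBJECTS = {
    "vpnsource1": ipaddress.ip_network("192.168.10.0/24"),  # assumed
    "vpndest1": ipaddress.ip_network("192.168.0.0/24"),     # from the thread
}
ROUTES = {
    "Inside": ipaddress.ip_network("192.168.10.0/24"),
    "DMZ": ipaddress.ip_network("192.168.100.0/24"),
    "Test": ipaddress.ip_network("192.168.0.0/24"),
}

def parse_twice_nat(line):
    """Parse 'nat (real,mapped) source static A A destination static B B [route-lookup]'."""
    t = line.split()
    real_if, mapped_if = t[1].strip("()").split(",")
    return {"in": real_if, "out": mapped_if, "src": OBJECTS[t[4]],
            "dst": OBJECTS[t[8]], "route_lookup": "route-lookup" in t}

def route_lookup(dst):
    """Routing-table egress: longest matching connected prefix, else the default route."""
    hits = [(n.prefixlen, name) for name, n in ROUTES.items() if dst in n]
    return max(hits)[1] if hits else "Outside"

def egress_interface(ingress, src, dst, nat_lines):
    """Simplified NAT-divert behaviour: the first matching manual NAT rule that
    translates (even identity-translates) the destination supplies the egress
    interface, unless it carries route-lookup; otherwise the routing table decides."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in map(parse_twice_nat, nat_lines):
        if rule["in"] == ingress and src in rule["src"] and dst in rule["dst"]:
            return route_lookup(dst) if rule["route_lookup"] else rule["out"]
    return route_lookup(dst)

# The rule that was disabled in the thread, and the same rule with route-lookup.
BROKEN = ["nat (Inside,Outside) source static vpnsource1 vpnsource1 "
          "destination static vpndest1 vpndest1"]
FIXED = [BROKEN[0] + " route-lookup"]

if __name__ == "__main__":
    flow = ("Inside", "192.168.10.26", "192.168.0.181")  # the packet-tracer test
    print("rule present:", egress_interface(*flow, BROKEN))  # Outside
    print("rule removed:", egress_interface(*flow, []))      # Test
    print("route-lookup:", egress_interface(*flow, FIXED))   # Test
```

Traffic to the DMZ host is unaffected either way, because the identity rule only matches destinations inside vpndest1.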



Great that the solution worked for you.
I would request you to give proper credit by selecting the response as answered and helpful, so that it motivates and encourages contributing to the community.

Bhaggu