Did you set , in the zeroshell , the Default GW as 192.168.194.1 ? I’ve just tried a config like yours , but instead of a pc , I used an alix board , and the 2960 , with a soft config…
int range fa0/1 – 10 , switchport mode access , switchport access vlan 1 , spanning tree portfast
int range fa0/11 – 24 , switchport mode access , switchport access vlan 2 , spanning tree portfast
int gi0/1 switchport mode trunk.
on fa0/1 is linked my router connected to the internet , (192.168.194.1) from fa0/2 till fa0/10 some hosts member of the internal network (192.168.194.0/24) , on gi0/1 is linked the zeroshell ( ETH00 , 192.168.194.2 and ETH00.2, 192.168.20.1) , I enabled the dhcp on ETH00.2 in zeroshell , enabled nat on ETH00 , setted the default router as 192.168.194.1 ,
Fw policy all default , only add , in forward chain ,
in ETH00.2 out ETH00 proto all s. ip 192.168.20.0/24 d. ip 192.168.194.0/24 action DROP
then I connected a laptop in a vlan2 port of the catalyst , I obtained the correct ip address from the zeroshell , I’m able to surf, ping the internet , but no access to the vlan 1