Re: SRX240H2 static route works only one way

Thanks for the network diagram, this is much clearer now.

 

Is your default gateway the FW or the cisco router for the devices in the site?

 

Ideally, you do NOT want to have two routers in the same LAN as devices as indicated in your diagram.  There should be one router for ingress/egress to the device LAN, and the two routers should have a routed link between them to ensure symmetrical routing for all flows in and out of the LAN.

 

The blocked traffic is dropped because you have asymmetrical sessions on the FW.  On the NS side you probably have disabled the check for symmetrical sessions, which is a bad idea that lowers the security of the FW inspections.

 

Basically, you have two choices:

 

1-Connect one router to the LAN

Whichever device is the default gateway should be the only one connected to the LAN (preferably the FW).

Then move the cable from the Cisco from the LAN to a port on the FW and setup a routed link between them.

Add routes on the FW and Cisco so that the correct traffic passes these links.

All traffic will

 

2-Modify all the hosts in the LAN with static routes

If you keep both routers in the LAN, all the hosts will need static routes pointing to the non-default gateway device for the appropriate routes.  This will ensure they do not send this traffic to the default gateway and then over to the router, but to the correct router directly.
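As an added illustration of option 1 (not part of the reply above), the SRX side of the routed link: a dedicated interface toward the Cisco in its own zone, a static route for the remote network via the Cisco, and a policy permitting LAN traffic into that zone so that both directions of every flow traverse the firewall. Interface name ge-0/0/5, the 192.0.2.0/30 link subnet, the 10.20.0.0/16 remote network and the zone name "transit" are assumed placeholders; the Cisco needs the mirror-image static route for the LAN pointing at 192.0.2.1.

```junos
# Added example, not from the original post; addresses and names are placeholders.
interfaces {
    ge-0/0/5 {
        description "Routed link to Cisco (replaces its LAN port)";
        unit 0 {
            family inet {
                address 192.0.2.1/30;
            }
        }
    }
}
routing-options {
    static {
        # Remote network reachable only via the Cisco, over the routed link.
        route 10.20.0.0/16 next-hop 192.0.2.2;
    }
}
security {
    zones {
        security-zone transit {
            interfaces {
                ge-0/0/5.0;
            }
        }
    }
    policies {
        # LAN hosts (zone trust) to the remote network via the Cisco.
        from-zone trust to-zone transit {
            policy lan-to-remote {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
        }
        # Return path: restrict to what the remote site actually needs.
        from-zone transit to-zone trust {
            policy remote-to-lan {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
        }
    }
}
```

With the Cisco no longer on the LAN segment, every packet of a session enters and leaves the SRX on a known pair of interfaces, so the session table sees both directions and no symmetry check has to be relaxed.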

 

