You won't have checksums at all when capturing on any host with hardware checksum offloading enabled. That's added by the NIC right before it hits the wire. It's normal (Wireshark even gives you a note as such). You do have the correct checksum there, 0x0000 is what it really is at that stage. With a 96 byte snap length you will get the full IP and TCP headers (plus some), which will have the full checksums.
So the second capture shows the firewall is sending all those packets out of LAN that disappear somewhere. Short of the checksum that gets added by the hardware, what you're capturing on LAN is what is on the wire. It's passing it to the internal host.
Those captures show it's more than just large packets not getting through, SYNs are even getting retransmitted multiple times. Unless you had some odd filter on that capture, you have some broken routing somewhere. Note there is no traffic going from 192.168.200.16 back to any outside IP on that LAN capture. Which probably means that host's default gateway is set to something else, which isn't going to work correctly.