Customer said that they used our vpn client l2tp dial successful, but can’t ping any headquarter address.
Check the client, it has added the internal network segment’s routing.
Check the lns configuration, found there is no stopped policy.
At last in the configuration found that the address pool of l2tp is the same with the address pool of ssl vpn network expansion. Change the l2tp address pool network segment, dialing to access internal network successfully and can ping vt port’s IP.
Doubt it is that the client didn’t add routing or the firewall’s policy stopped.
The different vpn’s address pool must be set in different network segment.