L2TP after dialed can’t access the internal network segment, can only ping the virtual template address.
Check the configuration of the client, found the virtual template located area is different from the internal network located area, and hasn’t opened the accessing policy between the two areas, there are two solutions:
1, add the virtual template into the turst area (it is in the same area with internal network)
2, develop accessing policy between the virtual template located area and internal network located area.
The possible reasons are as follows:
1, hasn’t opened the access policy of the inter domain.
2, the virtual template is added to the wrong security area.
3, the internal network equipment fault.