When the VPN shows online, but you cannot access the host on the remote network, here's are some troubleshooting tips.
First, ping requests might be blocked by the PC's firewall by default, and that might be the reason why we couldn't get ping replies. Try some other hosts on the remote network or change the PC's firewall settings.
You can see the router's routing table at Diagnostics > Routing Table. In the routing table of, we need to have the route to the remote LAN network via interface VPN.
If there's no correct routing to the remote network, please check the TCP/IP Network Settings in the VPN profile.
If a PC has more than one network interface, the traffic might be sent to the interface not connecting to the router, and therefore will not go through the VPN and reach the remote network. To verify if the traffic is sending to the right interface, we may use command “tracert” to see if the first hop is the IP of the router. If it's not, you will need to add a route on the PC manually.
Check both the VPN peer routers' firewall settings and see if there's something that may block the traffic from or to the remote network. We may also disable Data Filter on both routers for a try.
Check Route Policies and Static Routes on both VPN peers and see if the router might send the traffic to another interface rather than the VPN. We may also disable Route Oolicy for a try.
Please note that if the IP of Local Network and Remote VPN Network are the same, we should translate them before establishing a VPN, or it will cause a routing conflict. (See the article here for detailed instructions.)
Please note that IPsec with AH cannot pass through NAT, so if any of the routers is behind NAT, it is necessary to create the IPsec tunnel with ESP instead.
Was this helpful?