I have the following setup for remote access:
VPN concentrator public interface connected to the internet; private interface connected to the firewall DMZ. The VPN clients get an IP address from the pool, which is on the same subnet as the private interface.
VPN clients receive a public IP. The internal network is private IP, and I have no NAT configured for the internal network to the DMZ. VPN clients do not have any problem accessing anything, but users on the inside cannot ping the VPN client addresses. The firewall is permitting ICMP. It seems like the concentrator is blocking it. The tunnel default gateway is the DMZ interface of the firewall. The default gateway is the external router.
Does anyone know why I am not able to ping the client IP addresses from inside?