Cant access to ipsec vpn tunnel from pc/vlan (but from firewall i can ping it)

Check the packet capture of this firewall, if the correct firewall rule hits and the traffic is routed. 

the problem is, we dont see a packet in the log when we ping or want to access the vpn.

If packet capture do not see any packets, basically the firewall does not see the packet. Seems like this issue is not a firewall issue, instead a VLAN / Switch issue. Packet capture is a filter on the interface. Basically before anything else can alter the packet. Therefore check the switch ,if there is a invalid VLAN config. 

but why is this only on vpn ipsec? all is working fine in the vlan! SSL VPN is working fine. But for this solution is ipsec needed.

I cannot see the relationship between those? If the Firewall does not see packets, as you mentioned, the client is not sending it to the firewall. There is a reason behind this, you should figure out, which does not seems to be related to the firewall.

Of course this is only true, if the packet capture does not show any packets at all. This is the first step to check. 

I cannot see the relationship between those? If the Firewall does not see packets, as you mentioned, the client is not sending it to the firewall. There is a reason behind this, you should figure out, which does not seems to be related to the firewall.

Of course this is only true, if the packet capture does not show any packets at all. This is the first step to check. 

ok maybe i told wrong.

we see a packet. 

it says allowed when we ping. But the ping self says all packet lost in the cmd console.

This is a different story. 

Check Firewall Rule 29 and NAT Rule 39. What are those rules doing? 

The Firewall rule says in and outbound traffic from the vpn to the vlan (and then vlan to vpn). the NAT rule says allow all via masq!

Is this capture of the logviewer or packet capture? You should check the packet capture. 

this was log viewer. Yeah, thats the problem. I dont see a packet in packet capture with destination ip 10.0.0.10 or from the source ip bound to the destination ip.

Do it with the BPF String ICMP: 

made it, and dont find any record. thats strange. why we dont see any package.

In general the firewall should ping once every 60 seconds. You do not even see those packets? 

this is what i see

You can read this from bottom to top. So the packet arrives and there is a packet leaving. This looks from this perspective fine to me? 

If you are able to use the CLI, check the tcpdump as well. tcpdump -ni any icmp    Check the ICMP status codes and the interfaces used.