L2TP VPN connects but can't access LAN or WAN via browser or RDP

I have created an L2TP VPN. I can connect to it and authenticate successfully using the Microsoft VPN setup in Windows 7 and 10. From the client on the VPN I can ping servers and the XG's LAN interface. However, I cannot access the LAN interface on the XG, a web app on an internal server or RDP to any internal servers. I did create the following firewall rules:

Source=VPN/Any; Destination=LAN Any; Service=Any
Source=LAN/Any; Destination=VPN Any; Service=Any
Source=VPN/Any; Destination=WAN Any; Service=Any

I also set up device access for the GUI from the VPN:

Device access VPN/HTTPS and matches the rest of the settings for the LAN access.

I have spent a week trying various things from the forum, with no luck. Can someone please help me?

 

Thank you very much.



  • Hi Mathew,

    Did you capture any drop logs verifying #1 in the guide? The FW rule comes into the picture after the connection; hence, we will concentrate on establishing a connection with the XG first.

    Follow these points and let me know if they help:

    1. As the XG is behind a NAT device, can you configure the Local L2TP port to * and the remote L2TP port to 1701? Back in the day, this was one of the workarounds to a bug faced in Cyberoam.

    2. Change the L2TP policy from Default to AES128_MD5. Read my answer in this post: https://community.sophos.com/products/xg-firewall/f/vpn/78308/problem-connecting-to-l2tp-vpn-from-android

    Alongside, remove MASQ in the rule id 8.

    If nothing helps, then I would like to see the internal settings of the L2TP adapter on the system trying to connect. Also, show me the L2TP logs from the shell.

    Thanks
