I’m working in a case with I am using a VPN IPsec between two sites
Site 1

• Public IP : 195.1.1.1
• VPN LAN IP 1 : 10.28.x.0/24
• VPN LAN IP 2 : 10.28.y.0/21

Site 2

• Public IP: 51.2.2.2

• Pfsense Virtual Network : 10.29.183.192/26
          o Internal IP : 172.16.0.14
          o Virtual IP 1 : 10.29.183.193
          o Virtual IP 2 : 10.29.183.194

• LAN IP : 172.16.0.0/16
          o Server 1 : 172.16.0.8

• The  VPN corrects correctly

• The server 1 (172.16.0.8 ) and the server 2 (172.16.0.11) can ping the Pfsense Virtual Network : 10.29.183.192/26 I have added the route

• When I’m connect on the Pfsense console (Site 2), I can ping
          o the VPN LAN on the site 1
          o the 172.16.0.0 on the site 2

• On the server I have rewritten the routes :

• Persistent Routes:
    Network Address          Netmask  Gateway Address  Metric
        10.28.x.0    255.255.255.0      172.16.0.14      1
        10.28.y.0    255.255.248.0      172.16.0.14      1
            0.0.0.0          0.0.0.0        x.x.x.x   Default
      10.29.183.192  255.255.255.192    172.16.0.14      1

The NAT 1:1 is enable

But the server 1 (172.16.0.8 | site 2) can’t ping a server in the site 1.
Have you any idea ?