I am able to connect to the VPN successfully, and I am able to ping all the default gateways for each VLAN. However, I do not see any pattern with what I can ping and what I cannot. I can ping a few clients in VLAN 100, and a few in 200. The few that I can ping are laptops, desktops, mobile phones, APs, etc. But I also cannot ping a few desktops, laptops (of the same model and OS).
For example, right now I am trying to remote desktop from a VPN client into a wired windows desktop on VLAN 100. I allowed remote desktop connections on the windows machine. I can remote into it from another windows machine on the same VLAN, but not from the VPN client.
I just barely implemented this network less than a week ago, so I have not added any firewall rules. All connections between SSIDs are allowed. Is there something else I can check for?