Hi, Basically, on MX you should set a static route for all internal networks to point to the internal L3 switch. On the internal switch side, you should set a static route for the client VPN subnet to point to the MX IP. In this way, you could have two-way traffic between client VPN subnet and the internal subnet.
... View more
