
L2TP Server Connected with No Network Access

Hi, I followed this guide: https://help.ubnt.com/hc/en-us/articles/204959404-EdgeMAX-Set-up-L2TP-over-IPsec-VPN-server

 

I used it to set up an L2TP server on EdgeOS 1.9 over a dynamic-IP PPPoE connection.

 

I can successfully connect to the L2TP server, which is the router itself; the internet works and I can log into the router itself (192.168.1.1).

 

But I cannot ping any devices on the network. Is there anything wrong with my setup?

 

/* L2TP-over-IPsec remote-access server and the firewall rule sets, as posted.
   Interface-to-ruleset bindings are not part of this excerpt, so which
   rule set applies to which interface and direction cannot be confirmed here. */
vpn {
    ipsec {
        /* NOTE(review): with this disabled, firewall/NAT exemptions for IPsec
           traffic presumably have to be written by hand - confirm against the
           EdgeOS documentation. */
        auto-firewall-nat-exclude disable
        ipsec-interfaces {
            interface eth0
        }
        nat-networks {
            /* Any source network is accepted for NAT traversal. */
            allowed-network 0.0.0.0/0 {
            }
        }
        nat-traversal enable
    }
    l2tp {
        remote-access {
            authentication {
                local-users {
                    /* Local account stored with a plaintext password. The value
                       is derived from the username and has been published with
                       this post, so it should be replaced with a long random
                       one before the server stays reachable. */
                    username paul {
                        password paulwang
                    }
                }
                mode local
            }
            /* Five client addresses, outside the 192.168.1.x LAN mentioned in the
               post. NOTE(review): LAN hosts' own firewalls may ignore ICMP from
               another subnet - a possible cause of the failed pings, not
               confirmed from this config. */
            client-ip-pool {
                start 10.10.10.1
                stop 10.10.10.5
            }
            dns-servers {
                server-1 192.168.1.1
                server-2 192.168.1.1
            }
            ipsec-settings {
                authentication {
                    mode pre-shared-secret
                    /* The pre-shared secret protects the IKE exchange for every
                       client. This one is short, name-based and now public;
                       rotate it to a long random value. */
                    pre-shared-secret paul830619
                }
                ike-lifetime 3600
            }
            mtu 1492
            /* NOTE(review): 0.0.0.0 presumably means "listen on any address",
               used here because the PPPoE address is dynamic - confirm. */
            outside-address 0.0.0.0
        }
    }
}
firewall {
    all-ping enable
    broadcast-ping disable
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    /* Rule set with no rules and default accept; it permits everything
       wherever it is attached. */
    name VPN {
        default-action accept
        description ""
    }
    /* Default action is accept, so traffic that matches no rule is still
       allowed. If this set is bound to the WAN "in" direction, unsolicited
       inbound connections to the LAN are not filtered; a WAN-facing set
       normally ends in default-action drop. */
    name WAN_IN {
        default-action accept
        description "WAN to internal"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        /* Description says "Drop invalid state" but the action is accept:
           invalid-state packets are allowed, not dropped. Compare WAN_LOCAL
           rule 60, which uses action drop. */
        rule 20 {
            action accept
            description "Drop invalid state"
            log disable
            state {
                invalid enable
            }
        }
    }
    /* Default action is accept, which makes accept rules 10-50 redundant:
       only rule 60 (invalid state) blocks anything. If this set is bound to
       the WAN "local" direction, every router service (including management
       logins) is reachable from the internet. With default-action drop the
       rules below would become the actual allow-list. */
    name WAN_LOCAL {
        default-action accept
        description "WAN to router"
        /* UDP 500: IKE. */
        rule 10 {
            action accept
            description "Allow L2TP Port 500"
            destination {
                port 500
            }
            log disable
            protocol udp
        }
        /* UDP 1701: L2TP itself. As written it is accepted whether or not it
           arrived inside IPsec; adding "ipsec match-ipsec" to this rule would
           limit it to IPsec-protected packets. */
        rule 20 {
            action accept
            description "Allow L2TP Port 1701"
            destination {
                port 1701
            }
            log disable
            protocol udp
        }
        /* UDP 4500: IPsec NAT traversal. */
        rule 30 {
            action accept
            description "Allow L2TP Port 4500"
            destination {
                port 4500
            }
            log disable
            protocol udp
        }
        rule 40 {
            action accept
            description "Allow L2TP Protocol ESP"
            log disable
            protocol esp
        }
        rule 50 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 60 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    options {
        mss-clamp {
            mss 1412
        }
    }
    receive-redirects disable
    send-redirects enable
    /* NOTE(review): source validation (reverse-path filtering) is off, so
       packets with spoofed source addresses are not rejected on that basis -
       confirm this is intended. */
    source-validation disable
    syn-cookies enable
}
