We have a network that consist of the following networks
10.247.32.0/255.255.240.0
10.247.16.0/255.255.240.0
10.247.0.0/255.255.240.0
10.150.0.0/255.255.255.0

Vpn clients have the following
10.247.50.0/255.255.255.0

The routing table is as following when connecting ping 10.150.0.50 throw
vpn.
10.247.0.2 bm 3.8
10.247.0.1
10.247.32.2
10.151.253.251 (linux firewall).
10.150.0.50

Our problem is that servers on the network 10.150.0.0 are able to ping
the vpn clients.
These clients are not able to ping the servers on the 10.150.0.0 net
unless nat is enabled on the private interface of the bm 3.8 server. The
problem is that we canít access resources directly on the internet when
not enabling nat on the public interface.