Here are the few things you need to check while configuring the RA VPN:
++ IPSEC blade enabled.
++ GW object --> VPN client --> Office mode:
> Allow Office Mode to all users.
> Select the Manual Office Pool. If cluster then GW object --> Cluster Member --> Edit GW object --> VPN --> Check the Office Manual Office Mode.
++ GW object --> VPN client --> Remote Access --> Check Support Mode.
++ Ensure Gateway is added in the Remote Access community.
++ "All users*" should be allowed under the same Remote Access community.
++ Encryption domains should be defined then only you all access destination resources over RA VPN.
GW object --> Expand Network Management --> VPN domain --> Set specific domain for community --> Remote access and set the Network group.
++ Access which allows traffic from the Office Mode pool towards the destination which you want to access.
++ Once the user has authenticated check "cmd> route print".
This output should show the destination IP route towards Office Mode IP, which destination IP traffic will go over the VPN towards the gateway.
++ Check Smart console logs for the same connection. It should be allowed on the access rule and under the same you can get an interface where this traffic is handled.
++ Usually you do not need any routing changes but ensure the gateway should be reached destination resources than on RAVPN client can access the resources.