leoquadrado
just joined
Topic Author
Posts: 9
Joined: Mon Jul 17, 2023 10:53 pm

Route OpenVPN Traffic to IPSEC

Wed Jul 19, 2023 6:19 pm

Hello guys, I have a problem that I can't solve. Has anyone seen this scenario?

RB1 (OpenVPN Server)
RB2 (Tunnel with RB1)
VPN Client (HomeOffice)

IPSEC tunnel between OFFICE1 (RB1) and OFFICE2 (RB2) is established and communicating; LAN Office1 communicates with LAN Office2.

Problem: a connection to Office1 through the VPN cannot see the Office2 LAN.
 
clarkwhite
just joined
Posts: 3
Joined: Thu Jul 20, 2023 8:01 am

Re: Route OpenVPN Traffic to IPSEC

Thu Jul 20, 2023 9:10 pm

Hi, I think you should check NAT: if RB1 or RB2 is performing NAT (Network Address Translation) on the traffic between the LANs of Office1 and Office2, this could be causing the issue. Make sure that NAT is not interfering with the traffic between the VPN client and the LAN of Office2.
 
leoquadrado
just joined
Topic Author
Posts: 9
Joined: Mon Jul 17, 2023 10:53 pm

Re: Route OpenVPN Traffic to IPSEC

Thu Jul 20, 2023 10:39 pm

The two routers have their respective NAT to the internet.
I created a NAT rule accepting everything from 172.19.25.0/24 into my Office2 LAN network 10.1.101.0/24, but it didn't work.
I also put the transmission of packets from 10.1.101.0/24 to OpenVPN 172.19.25.0/24 under the same PEER on both sides of the connection; even so it did not work.
 
chechito
Forum Guru
Posts: 3176
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia

Re: Route OpenVPN Traffic to IPSEC

Thu Jul 20, 2023 10:48 pm

The IPSEC tunnel between the 2 offices must know the subnet 172.19.25.0/24 in its IPSEC policies.
Also,
both offices must have NAT exceptions for traffic towards the remote LANs.
 
leoquadrado
just joined
Topic Author
Posts: 9
Joined: Mon Jul 17, 2023 10:53 pm

Re: Route OpenVPN Traffic to IPSEC

Fri Jul 21, 2023 1:02 am

I believe it is already that way; I did not understand the issue of the NAT exception.
Basically my configuration is like this, but it doesn't work:

RB1 > IPSEC > Policies
PEER To RB2 > Local Lan RB1 to Local Lan RB2
PEER to RB2 > Local Lan OpenVPN Server to Local Lan RB2
IP > Firewall > NAT > SRC LAN RB1 > DST LAN RB2 > Accept
IP > NAT > SRC LAN VPN > DST LAN RB2 > Accept

RB2 > IPSEC > Policies
PEER to RB1 > Local Lan RB2 to Local Lan RB1
PEER to RB1 > Local Lan RB2 to Local Lan VPN
IP > Firewall > NAT > SRC LAN RB2 > DST LAN RB1 > Accept
IP > NAT > SRC LAN RB2 > DST LAN VPN > Accept
 
mbaute
newbie
Posts: 30
Joined: Fri May 22, 2015 3:54 pm

Re: Route OpenVPN Traffic to IPSEC

Fri Jul 21, 2023 5:31 am

You can try viewing in connection tracking, or by putting a raw passthrough rule on R2, to see how far you are going; i.e. if you don't see anything on R2 it means that it is not leaving R1, and start from there. The raw rule will be earlier in case it is a filter issue.

In OpenVPN, are you pushing routes or just a default?
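RouterOS configuration that implements chechito's two points (policies that also select the OpenVPN subnet, NAT exceptions placed ahead of masquerade) and mbaute's raw passthrough counter for diagnosis. This is an added example, not the original poster's or MikroTik's own config; 172.19.25.0/24 and 10.1.101.0/24 come from the thread, while the Office1 LAN 10.1.100.0/24, the peer names rb1/rb2 and the WAN interface name ether1-wan are constructed.

```routeros
# --- RB1 (Office1, OpenVPN server) ---
# Assumed: Office1 LAN 10.1.100.0/24 (constructed), OpenVPN pool 172.19.25.0/24,
# Office2 LAN 10.1.101.0/24, IPsec peer named "rb2", WAN interface "ether1-wan".

# IPsec policies: one per LAN pair, so the OpenVPN subnet is a selector as well
/ip ipsec policy
add peer=rb2 tunnel=yes src-address=10.1.100.0/24 dst-address=10.1.101.0/24 \
    action=encrypt proposal=default comment="Office1 LAN -> Office2 LAN"
add peer=rb2 tunnel=yes src-address=172.19.25.0/24 dst-address=10.1.101.0/24 \
    action=encrypt proposal=default comment="OpenVPN clients -> Office2 LAN"

# NAT exceptions: the accept rules must sit ABOVE the existing masquerade rule
# (place-before=0), otherwise the source is rewritten to the WAN address and
# the packet no longer matches any IPsec policy
/ip firewall nat
add chain=srcnat action=accept src-address=10.1.100.0/24 dst-address=10.1.101.0/24 \
    place-before=0 comment="no NAT for IPsec: Office1 LAN"
add chain=srcnat action=accept src-address=172.19.25.0/24 dst-address=10.1.101.0/24 \
    place-before=0 comment="no NAT for IPsec: OpenVPN clients"
# existing internet rule stays last: chain=srcnat action=masquerade out-interface=ether1-wan

# --- RB2 (Office2) --- mirror image of the above
/ip ipsec policy
add peer=rb1 tunnel=yes src-address=10.1.101.0/24 dst-address=10.1.100.0/24 \
    action=encrypt proposal=default comment="Office2 LAN -> Office1 LAN"
add peer=rb1 tunnel=yes src-address=10.1.101.0/24 dst-address=172.19.25.0/24 \
    action=encrypt proposal=default comment="Office2 LAN -> OpenVPN clients"
/ip firewall nat
add chain=srcnat action=accept src-address=10.1.101.0/24 dst-address=10.1.100.0/24 \
    place-before=0 comment="no NAT for IPsec: Office1 LAN"
add chain=srcnat action=accept src-address=10.1.101.0/24 dst-address=172.19.25.0/24 \
    place-before=0 comment="no NAT for IPsec: OpenVPN clients"

# Diagnostic (mbaute's suggestion), on RB2: a passthrough rule only counts and
# does not alter traffic; ping from a VPN client and watch the counter grow
/ip firewall raw
add chain=prerouting action=passthrough src-address=172.19.25.0/24 \
    dst-address=10.1.101.0/24 comment="count VPN -> Office2 LAN"
/ip firewall raw print stats
```

If the counter on RB2 stays at zero, the packets never left RB1; add the same passthrough rule on RB1 to check whether they at least enter the router from the OpenVPN interface.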
 
leoquadrado
just joined
Topic Author
Posts: 9
Joined: Mon Jul 17, 2023 10:53 pm

Re: Route OpenVPN Traffic to IPSEC

Fri Jul 21, 2023 8:47 pm

VPN traffic is not leaving my RB1 for RB2.
On the other hand, I can only see the RB's local network; I can't see the VPN's local network.
Every time I try to ping it, it fails.
My VPN configuration is default; I don't have any route configured.
 
leoquadrado
just joined
Topic Author
Posts: 9
Joined: Mon Jul 17, 2023 10:53 pm

Re: Route OpenVPN Traffic to IPSEC

Sat Jul 22, 2023 7:49 pm

I believe I have managed to solve it this way.
Before, I couldn't ping from the VPN LAN to the remote LAN.
After I put the route inside the secret in PPP, I got ping. But I don't know if it's the correct solution, because when I removed the secret's route I continued to ping without problems.
In my service, if I put the route and it pinged, then as soon as I removed it, it was supposed to stop communicating, but it continued communicating.
As soon as I connect I can see an automatic route being created, Dst Address: remote LAN and Gateway: the connected VPN user.
My question is: is it correct that way? Is there any way to say that all VPN traffic has to be routed to the remote LAN at the other end of the IPSEC?