Clients after nat cannot ping each other's virtual vpn address

[lizeyou0203]

I have a server with a public IP. All clients behind NAT are only configured to connect to this public IP server. Every client after NAT can ping the virtual vpn address of the public IP, but NAT The later client cannot ping the virtual vpn addresses of other clients.

Server configuration with public IP:

device:
type: tap
name: vpncloud%d
path: ~
fix-rp-filter: true
ip: 192.168.18.34
ifup: ~
ifdown: ~
crypto:
password: juuy5534fsa.
private-key: ~
public-key: ~
trusted-keys: []
algorithms: []
listen: "3390"
peers:
peer-timeout: 300
keepalive: ~
beacon:
store: ~
load: ~
interval: 3600
password: ~
mode: normal
switch-timeout: 300
auto-claim: true
claims:

• 192.168.18.0/24
  port-forwarding: true
  pid-file: ~
  stats-file: ~
  statsd:
  server: ~
  prefix: ~
  user: ~
  group: ~
  hook: ~
  hooks: {}

Client 1 configuration:

device:
type: tap
name: vpncloud%d
path: ~
fix-rp-filter: true
ip: 192.168.18.1
ifup: ~
ifdown: ~
crypto:
password: juuy5534fsa.
private-key: ~
public-key: ~
trusted-keys: []
algorithms: []
listen: "3390"
peers:

• 192.168.5.34:3390
  peer-timeout: 300
  keepalive: ~
  beacon:
  store: ~
  load: ~
  interval: 3600
  password: ~
  mode: normal
  switch-timeout: 300
  auto-claim: true
  port-forwarding: true
  pid-file: ~
  stats-file: ~
  statsd:
  server: ~
  prefix: ~
  user: ~
  group: ~
  hook: ~
  hooks: {}

Client 2 configuration:

device:
type: tap
name: vpncloud%d
path: ~
fix-rp-filter: true
ip: 192.168.18.186
ifup: ~
ifdown: ~
crypto:
password: juuy5534fsa.
private-key: ~
public-key: ~
trusted-keys: []
algorithms: []
listen: "3390"
peers:

• 192.168.5.34:3390
  peer-timeout: 300
  keepalive: ~
  beacon:
  store: ~
  load: ~
  interval: 3600
  password: ~
  mode: normal
  switch-timeout: 300
  auto-claim: true
  port-forwarding: true
  pid-file: ~
  stats-file: ~
  statsd:
  server: ~
  prefix: ~
  user: ~
  group: ~
  hook: ~
  hooks: {}

Server status with public IP:
peers:

• "192.168.15.1:3390": { ttl_secs: 254, crypto: CHACHA20 }
• "192.168.5.186:3390": { ttl_secs: 259, crypto: CHACHA20 }
• "192.168.5.1:3390": { ttl_secs: 248, crypto: CHACHA20 }

forwarding_table:
claims:
cache:

peer_traffic:

• peer: "192.168.5.1:3390"
  in: { display: "3 B/s", bytes: 224, packets: 2 }
  out: { display: "1 B/s", bytes: 99, packets: 1 }
• peer: "192.168.15.1:3390"
  in: { display: "3 B/s", bytes: 212, packets: 2 }
  out: { display: "1 B/s", bytes: 99, packets: 1 }
• peer: "192.168.5.186:3390"
  in: { display: "1 B/s", bytes: 113, packets: 1 }
  out: { display: "1 B/s", bytes: 99, packets: 1 }

payload_traffic:

invalid_protocol_traffic: { display: "0 B/s", bytes: 0, packets: 0 }
dropped_payload_traffic: { display: "0 B/s", bytes: 0, packets: 0 }

Client 1 status:
peers:

• "192.168.5.34:3390": { ttl_secs: 245, crypto: CHACHA20 }

forwarding_table:
claims:
- "192.168.18.0/24": { peer: "192.168.5.34:3390", timeout: 245 }
cache:

peer_traffic:

• peer: "192.168.2.186:3390"
  in: { display: "0 B/s", bytes: 0, packets: 0 }
  out: { display: "80 B/s", bytes: 4805, packets: 31 }
• peer: "10.0.4.13:3390"
  in: { display: "0 B/s", bytes: 0, packets: 0 }
  out: { display: "80 B/s", bytes: 4805, packets: 31 }
• peer: "192.168.5.34:3390"
  in: { display: "3 B/s", bytes: 201, packets: 1 }
  out: { display: "2 B/s", bytes: 125, packets: 1 }

payload_traffic:

invalid_protocol_traffic: { display: "0 B/s", bytes: 0, packets: 0 }
dropped_payload_traffic: { display: "0 B/s", bytes: 0, packets: 0 }

The clients can communicate with server smoothly,but can't communicate with other clients
192.168.18.1 can only ping 192.168.18.34
192.168.18.1 cannot ping 192.168.18.186