cant ping from VPN concentrator

Obvious questions are:  What changed?  What have you done to try to resolve it?  When you did that, what happened?  

only an admin password - nothing that i know of. if i vpn in and tracert to a  remote subnet it routes the packets out the public interface when it should goto the default router 172.16.1.1 not 4.x.x.x.
From the 172.16.1.1 router you can get to anything.

If you look at how it really operates, tracert is basically a hack.  It does not follow the VPN path.  And, it many cases, it offers a best guess of the path.  It is a good troubleshooting tool, but don't believe everything it tells you, especially when looking at a VPN.

You say this happened all of a sudden.  I assume from that statement that what isn't working now was working before it suddenly didn't.  Something changed to make thsi happen.

Why don't you connect, do a "ipconfig /all" and past the results here.  Do the same with "route print".  That could get us started.

ok we figured it out - i was locking down routers last week and i disabled proxy arp on the router next to the vpn. i have static routes that were pointing to the destination as "interface" so we changed it to "router address" under "configuration"  "static routes" and we were back up agin.
i had to open a TAC case - i would have never put those two together.
thanks for the replys.