Channel: Active questions tagged ubuntu - Stack Overflow

After setting up ocserv (OpenConnect server), I cannot access the external network. How to fix it?


After setup, AnyConnect can connect successfully, but cannot access google.com. How to fix this problem? Or how to troubleshoot this problem? Below is the server configuration information and service status I deployed.

root@xxx:~# ufw status
Status: inactive

Routing table when connection is successful

default via 181.214.136.1 dev eth0 proto static
10.12.0.86 dev vpns0 proto kernel scope link src 10.12.0.1
181.214.136.0/24 dev eth0 proto kernel scope link src 181.214.136.245

Network card information

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq state UP group default qlen 1000
    link/ether bc:24:11:ba:a9:68 brd ff:ff:ff:ff:ff:ff
    altname enp0s18
    altname ens18
    inet 181.214.136.245/24 brd 181.214.136.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 2a12:f8c1:50:8::1124/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::be24:11ff:feba:a968/64 scope link
       valid_lft forever preferred_lft forever
17: vpns0: <POINTOPOINT,UP,LOWER_UP> mtu 1392 qdisc fq state UNKNOWN group default qlen 500
    link/none
    inet 10.12.0.1 peer 10.12.0.86/32 scope global vpns0
       valid_lft forever preferred_lft forever
    inet6 fe80::ef03:f3a7:d7ab:dd7c/64 scope link stable-privacy
       valid_lft forever preferred_lft forever

ocserv log

Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* suggesting DPD of 300 secs
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* configured link MTU is 1420
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* peer's link MTU is 1500
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* sending IPv4 10.12.0.86
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* adding DNS 8.8.8.8
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* adding DNS 1.1.1.1
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* adding special split DNS for Apple
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* Link MTU is 1420 bytes
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* selected DTLS compression method lzs
Aug 08 06:08:23 adolph ocserv[72628]: worker[passfirewall]: *.*.*.* selected CSTP compression method lzs

ocserv config

auth = "plain[passwd=/etc/ocserv/ocpasswd]"
enable-auth = "certificate"
tcp-port = 443
run-as-user = nobody
run-as-group = daemon
socket-file = /run/ocserv.socket
server-cert = /root/.acme.sh/passfirewall.xyz_ecc/passfirewall.xyz.cer
server-key = /root/.acme.sh/passfirewall.xyz_ecc/passfirewall.xyz.key
ca-cert = /etc/ocserv/cert/ca-cert.pem
isolate-workers = true
max-clients = 1024
max-same-clients = 0
server-stats-reset-time = 604800
keepalive = 300
dpd = 60
mobile-dpd = 300
switch-to-tcp-timeout = 25
try-mtu-discovery = true
cert-user-oid = 0.9.2342.19200300.100.1.1
crl = /etc/ocserv/cert/crl.pem
compression = true
no-compress-limit = 256
tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-RSA:-VERS-SSL3.0:-ARCFOUR-128"
auth-timeout = 240
idle-timeout = 1200
mobile-idle-timeout = 1800
min-reauth-time = 300
max-ban-score = 80
ban-reset-time = 300
cookie-timeout = 300
deny-roaming = false
rekey-time = 172800
rekey-method = ssl
use-occtl = true
pid-file = /run/ocserv.pid
device = vpns
predictable-ips = true
default-domain = example.com
ipv4-network = 10.12.0.0
ipv4-netmask = 255.255.255.0
dns = 8.8.8.8
dns = 1.1.1.1
ping-leases = false
mtu = 1420
cisco-client-compat = true
dtls-legacy = true
