I have a simple setup with the Router connected via Mobile. I can ping the the WAN interface and the LAN Default Gateway from the WAN.
However I am not able to ping the LAN devices from from the Router Diagnostics or the router itself (logged in user SSH). Devices on the LAN can ping each other and the LAN Gateway, however they can not ping outbound to the WAN.
I've enabled Zone Forwarding (LAN--> WAN and WAN-->LAN). I've also enabled "Allow-passthrought-traffic" in the Traffic rules.