VodoBaas1
just joined
Topic Author
Posts: 6
Joined: Sat Mar 03, 2018 5:08 am

VPN connects but no internet

Sun Nov 04, 2018 2:24 pm

When I connect to the VPN, the connection comes up, but the internet isn't accessible and I can't ping the network. Please see the attached config. Thanks!

# Review notes are added below as RouterOS "#" comments; the configuration
# lines themselves are unchanged. Secrets and identifiers in this export were
# masked by the author with "****".
# nov/04/2018 07:09:25 by RouterOS 6.43.4
# software id = UC9F-Z20G
#
# model = 2011UiAS-2HnD
# serial number = ********
# CAPsMAN channel set: three non-overlapping 2.4 GHz channels (1, 6, 11) and
# two 5 GHz channels, all capped at tx-power=12.
/caps-man channel
add band=2ghz-b/g/n control-channel-width=20mhz frequency=2412 name=channel1 \
tx-power=12
add band=2ghz-b/g/n control-channel-width=20mhz frequency=2437 name=channel6 \
tx-power=12
add band=2ghz-b/g/n control-channel-width=20mhz frequency=2462 name=channel11 \
tx-power=12
add band=5ghz-a/n/ac control-channel-width=40mhz-turbo frequency=5580 name=\
channel116 tx-power=12
add band=5ghz-a/n/ac control-channel-width=40mhz-turbo frequency=5180 name=\
channel36 tx-power=12
# Guest datapath: no bridge is set and client isolation is on
# (client-to-client-forwarding=no).
/caps-man datapath
add client-to-client-forwarding=no name=datapath2
# NOTE(review): this guest configuration sets no security= profile, so as
# exported it would be an open SSID. It is also not referenced by any
# /caps-man provisioning rule further down, so it may simply be unused - confirm.
/caps-man configuration
add country="united states" datapath=datapath2 mode=ap name="2.4 cfg Guest" \
ssid=********
# Single LAN bridge. arp=proxy-arp is presumably what lets VPN peers holding an
# address from the LAN /24 (see /ip pool) be reached by LAN hosts - confirm.
/interface bridge
add admin-mac=******* arp=proxy-arp auto-mac=no fast-forward=no \
name=bridge1
# ether1 is the WAN uplink; ether2-5 and ether6-10 are the two switched LAN
# groups (see the port comments).
/interface ethernet
set [ find default-name=ether1 ] comment=WAN speed=100Mbps
set [ find default-name=ether2 ] comment=\
"LAN - Ports 2-5 are switched off of ether2" speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full comment=\
"LAN2 - Ports 6-10 are switched off of ether 6"
set [ find default-name=ether7 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether8 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether9 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether10 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
# PPTP server interface (the server itself is enabled under
# /interface pptp-server server below). The reply in this thread points out
# that PPTP is considered insecure; the L2TP/IPsec server configured further
# down is the stronger of the two options present in this export.
/interface pptp-server
add name=pptp-in1 user=""
# Main datapath: bridged onto bridge1 with client-to-client forwarding allowed.
/caps-man datapath
add bridge=bridge1 client-to-client-forwarding=yes name=datapath1
# WPA2-PSK / AES-CCM security profiles for CAPsMAN.
# NOTE(review): the "Guest" profile is not referenced by any configuration in
# this export (the guest configuration above sets no security=).
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
group-key-update=1h name=WPA2 passphrase=********
add authentication-types=wpa2-psk encryption=aes-ccm name=Guest passphrase=\
********
# Main 2.4 GHz and 5 GHz configurations, both on datapath1 (bridged to
# bridge1) with the WPA2 profile and a 15-station limit each.
/caps-man configuration
add country="united states3" datapath=datapath1 distance=indoors hw-retries=4 \
max-sta-count=15 mode=ap name="2.4 cfg" security=WPA2 ssid=*****
add country="united states3" datapath=datapath1 distance=indoors hw-retries=4 \
max-sta-count=15 mode=ap name="5 cfg" security=WPA2 ssid=*****
# Interface lists; members are assigned under /interface list member below.
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" group-key-update=1h \
management-protection=allowed mode=dynamic-keys name=WPA2 \
supplicant-identity="" wpa-pre-shared-key=******** wpa2-pre-shared-key=\
********
# Local wlan1 settings; the interface is handed to CAPsMAN (see
# /interface wireless cap), so these act as fallback values.
/interface wireless
# managed by CAPsMAN
set [ find default-name=wlan1 ] band=2ghz-b/g/n country="united states" mode=\
ap-bridge security-profile=WPA2 ssid=***** tx-power=12 tx-power-mode=\
all-rates-fixed wireless-protocol=802.11
/interface wireless nstreme
# managed by CAPsMAN
set wlan1 enable-nstreme=yes
# Hotspot profile bound to the LAN address. No /ip hotspot server section
# appears in this export, so the hotspot itself may not be active - confirm.
/ip hotspot profile
add dns-name=********* hotspot-address=192.168.1.1 name=hsprof1
# NOTE(review): the "vpn" pool (and its next-pool fallback "dhcp") lies inside
# the LAN subnet 192.168.1.0/24 assigned under /ip address. The reply in this
# thread recommends a separate address range for VPN peers.
/ip pool
add name=dhcp ranges=192.168.1.2-192.168.1.250
add name=vpn next-pool=dhcp ranges=192.168.1.251-192.168.1.254
# LAN DHCP server on bridge1.
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=\
bridge1 name=dhcp1
# PPP profile addressed by internal id: peers get 192.168.1.1 as the local
# address and an address from the "vpn" pool. The /ppp secret below uses
# profile=default-encryption - confirm this id refers to that same profile.
/ppp profile
set *FFFFFFFE dns-server=8.8.8.8,8.8.4.4 local-address=192.168.1.1 \
remote-address=vpn
# NOTE(review): the default SNMP community accepts queries from any source
# (0.0.0.0/0). No input rule below accepts udp/161, so WAN-side queries hit
# the final input drop; LAN-side reach depends on the "Local LAN" address list.
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
# Signal-based admission: accept at -94 dBm and above, reject weaker clients.
/caps-man access-list
add action=accept allow-signal-out-of-range=2s disabled=no signal-range=\
-94..120 ssid-regexp=""
add action=reject allow-signal-out-of-range=2s disabled=no signal-range=\
-120..-95 ssid-regexp=""
/caps-man manager
set enabled=yes
# Only "2.4 cfg" and "5 cfg" are provisioned; "2.4 cfg Guest" is not.
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
"2.4 cfg" name-format=identity
add action=create-dynamic-enabled hw-supported-modes=ac master-configuration=\
"5 cfg" name-format=identity
# All LAN ethernet ports, wlan1 and sfp1 are members of bridge1.
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8
add bridge=bridge1 interface=ether9
add bridge=bridge1 interface=ether10
add bridge=bridge1 interface=sfp1
# L2TP server: an IPsec secret is set, but no enabled=yes appears here and the
# input rules for udp/4500 and udp/1701 below are disabled, so this server is
# presumably not in use yet.
/interface l2tp-server server
set ipsec-secret=********** use-ipsec=yes
/interface list member
add interface=ether1 list=WAN
add interface=bridge1 list=LAN
# PPTP server switched on (see the PPTP note near the top of this export).
/interface pptp-server server
set enabled=yes
# SSTP server: only the default profile is set here; tcp/443 is accepted in
# the input chain below.
/interface sstp-server server
set default-profile=default-encryption
/interface wireless access-list
add allow-signal-out-of-range=2s interface=wlan1 signal-range=-88..120 \
vlan-mode=no-tag
# wlan1 registers to the CAPsMAN running on this same router (127.0.0.1).
/interface wireless cap
#
set caps-man-addresses=127.0.0.1 discovery-interfaces=bridge1 enabled=yes \
interfaces=wlan1
# NOTE(review): the LAN address is assigned to ether2, which is also a port of
# bridge1 (see /interface bridge port) - confirm it is intended on the slave
# port rather than on bridge1 itself.
/ip address
add address=192.168.1.1/24 comment="LAN IP Subnet" interface=ether2 network=\
192.168.1.0
# Cloud DDNS is enabled, so the router's public address is published by name.
/ip cloud
set ddns-enabled=yes
# WAN address obtained by DHCP on ether1.
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server lease
add address=192.168.1.107 mac-address=28:F3:66:51:58:01 server=dhcp1
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
# The router resolves DNS for clients (allow-remote-requests=yes). No input
# rule below accepts port 53, so the final input drop keeps it from acting as
# an open resolver on ether1; LAN clients are expected to match "Local LAN".
/ip dns
set allow-remote-requests=yes servers=\
1.1.1.1,1.0.0.1,208.67.222.222,208.67.220.220
# Firewall filter; rule order matters. Forward chain: drop invalid, fasttrack
# and accept established/related, accept new from bridge1, drop the rest.
# NOTE(review): src-address-list="Local LAN" is used here and in the NAT
# section, but no /ip firewall address-list section is in this export - it may
# be populated elsewhere (e.g. by the imported script) or omitted from the paste.
/ip firewall filter
add action=drop chain=forward comment=\
"Drop all invaild connections to the LAN" connection-state=invalid
add action=fasttrack-connection chain=forward connection-state=\
established,related
add action=accept chain=forward comment=\
"Allow established and related connections from the LAN" \
connection-state=established,related
# Input from the LAN is allowed only via the "Local LAN" address list; if that
# list is empty, new LAN connections to the router fall to the final input drop.
add action=accept chain=input comment=\
"Allow access to the router from the LAN using address list" \
src-address-list="Local LAN"
# NOTE(review): new connections are accepted only when in-interface=bridge1.
# Traffic from PPTP/L2TP/SSTP peers presumably arrives on the peer's tunnel
# interface rather than on bridge1 (not visible here), so their new connections
# fall through to the forward drop below - this is the likely cause of
# "VPN connects but no internet". A rule accepting connection-state=new from
# the tunnel interfaces (or an interface list containing them) placed before
# that drop would address it.
add action=accept chain=forward comment="Allow new connections from the LAN" \
connection-state=new in-interface=bridge1
add action=accept chain=input comment=\
"Allow established connections to the router" connection-state=\
established
add action=accept chain=input comment=\
"Allow related connections to the router" connection-state=related
# IPsec NAT-T and L2TP input rules are disabled; only IKE (udp/500), PPTP
# (tcp/1723 + GRE) and SSTP (tcp/443) are currently reachable from outside.
add action=accept chain=input comment="allow IPsec NAT" disabled=yes \
dst-port=4500 protocol=udp
add action=accept chain=input comment="allow IKE" dst-port=500 protocol=udp
add action=accept chain=input comment="allow l2tp" disabled=yes dst-port=1701 \
protocol=udp
add action=accept chain=input comment="VPN Rule" dst-port=1723 protocol=tcp
add action=accept chain=input comment="VPN Rule" protocol=gre
# Final forward drop: everything not accepted above, including VPN peers'
# new connections, ends here.
add action=drop chain=forward comment="Drop all other connections"
add action=accept chain=input comment="allow sstp" dst-port=443 protocol=tcp
add action=drop chain=input comment="Drop all other traffic to the router"
# NAT. The first masquerade rule covers "Local LAN" sources leaving ether1.
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat out-interface=ether1 src-address-list=\
"Local LAN"
# NOTE(review): the next two rules both masquerade 192.168.1.0/24 and, unlike
# the rule above, have no out-interface, so they apply on any egress interface.
# The 192.168.89.0/24 rule refers to a subnet that appears nowhere else in this
# export.
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=\
192.168.1.0/24
add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=\
192.168.89.0/24
# Raw-table drops keyed on address lists that appear to be populated by the
# imported "drop.malicious.rsc" script (see /system scheduler) - confirm.
/ip firewall raw
add action=drop chain=prerouting comment="sbl dshield" src-address-list=\
"sbl dshield"
add action=drop chain=prerouting comment="sbl spamhaus" src-address-list=\
"sbl spamhaus"
add action=drop chain=prerouting comment="sbl blocklist.de" src-address-list=\
"sbl blocklist.de"
# Hotspot user "admin" with no password attribute in this export - confirm
# whether a password is set or the hotspot is unused.
/ip hotspot user
add name=admin
# telnet, ftp and ssh are disabled; the state of www, winbox and api is not
# visible in this export.
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
/lcd
set enabled=no time-interval=hour touch-screen=disabled
/lcd interface pages
set 0 interfaces="sfp1,ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8\
,ether9,ether10"
# Single PPP account, bound to the PPTP service (credentials masked).
/ppp secret
add name=**** password=******* profile=default-encryption service=\
pptp
/system clock
set time-zone-name=America/Detroit
/system identity
set name="Local MikroTik"
/system logging
add topics=wireless
/system ntp client
set enabled=yes primary-ntp=66.135.44.92 secondary-ntp=171.66.97.123
/system routerboard settings
set silent-boot=no
# NOTE(review): every 30 minutes the first job fetches drop.malicious.rsc over
# plain HTTP (mode=http) and the second job imports it with a policy set that
# includes policy, password and sensitive. Whatever the remote host serves (or
# whatever reaches the router if the unencrypted transfer is altered in transit)
# is executed with those rights. Fetching over HTTPS with certificate checking
# and trimming the policy to what the imported script needs would reduce the
# exposure.
/system scheduler
add interval=30m name="fetch drop malicious sbl" on-event="/tool fetch address\
=www.squidblacklist.org host=www.squidblacklist.org mode=http src-path=/do\
wnloads/drop.malicious.rsc" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
apr/24/2018 start-time=21:00:00
add interval=30m name="import drop malicious" on-event=\
"import drop.malicious.rsc" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
apr/24/2018 start-time=21:01:00
# RoMON port added with default settings.
/tool romon port
add
 
vasilaos
Member Candidate
Posts: 120
Joined: Tue Aug 04, 2009 9:50 am

Re: VPN connects but no internet

Sun Nov 04, 2018 2:49 pm

First, you have to set a different pool for the VPN and a different local address. VPN addresses are virtual and cannot be part of the local layer-2 broadcast domain. PPTP is considered insecure. I also can't see your /ip route configuration. There may be other problems in your config, but that is what I noticed with a short inspection.
 
VodoBaas1
just joined
Topic Author
Posts: 6
Joined: Sat Mar 03, 2018 5:08 am

Re: VPN connects but no internet

Mon Nov 05, 2018 1:54 pm

Thanks for the pool info. I will get that changed. I know PPTP is not secure; I was just trying to get one of them to work first. I will export my /ip route config as well. Thanks again.
