1) From which machine you are initiating this ping request.

Ping from  PM1(10.61.53.3), PM2(192.168.1.40→10.61.53.5), the router(10.61.53.1\192.168.1.1)and itself(192.168.1.41→10.61.53.2). if ping by 10.61.53.2, all the above return time out.If use tracert commad, the ICMP frame arrived 10.61.53.1 then disappeared. If ping by 192.168.1.41 from router and PM2, it works well. Ping by 10.61.53.4 from 10.61.53.3 is quite normal and Web client can be open normally on PM1 by "https://10.61.53.4".

2) Is printing working fine from VM1 ?

Printer is work well on VM1, It can be directly used in VM1 and well shared.On PM2, can use ‘’\\192.168.1.41\print“ print remotely, but use “\\10.61.53.2\print” returns can't find the printer.

Thank you,

Are you able to RDP to the VM from PM2 and Print?

If use the NATed IP(10.61.53.2), PM2 also can't use the print service, but use the raw IP in subnet(192.168.1.41) is OK. If make PM1 access to the subnet(Access to the wlan), PM1 can also access the print service by VM‘s raw IP.

It seems that PM1‘s soft firewall、NAT function and VM's inside soft firewall are all work well, feeling like ESXI ‘refused’ all the connections from subnets which it not belongs to except RDP. 

Once I shutdown the firewall of VM windows 10, problem is solved,thank you very much.

good morning, glad to know issue is resolved.