As a network administrator managing hybrid connectivity, your team needs to access a Cloud SQL instance in the us-west1 region within a Shared VPC. You've set up a Dedicated Interconnect connection and a Cloud Router in us-west1, confirming successful connectivity between the Shared VPC and on-premises data center. After establishing a private services access connection for Cloud SQL using the reserved IP range with default settings, on-premises users still cannot reach the instance. How do you troubleshoot and resolve this issue?