Basically you would need both what was in the original setup, plus what you did for the VPN. So you would need to create VLAN, interfaces and firewall zones, so that you have:
lan > wan
lanvpn > tun
The following thread can provide some illustrations