Followed instruction provided in documentation. LEDE/OpenWRT newbie. Perhaps these comments will be useful to others.
After following reading in the 'here' document to set up interface/dhcp/firewall, you must follow it up with a "uci commit" before the configuration takes effect.
And you have to go into network/interfaces -> edit -> guest/physical_settings and make sure your wireless network is attached to you guest interface. And then, reboot your router.
You shouldn't need to reboot your router, just issue cd /etc/init.d && ./network restart && ./odhcpd restart && ./dnsmasq restart && ./firewall restart
reboot is much quicker to type and has the same effect, hence being a welcome simple alternative to restarting each service separately, especially for newcomers who "just want to get this to work".
It is by no means obvious that the save&exit contained in 3-f apparently has a side effect of "uci commit".
Furthermore, in my opinion it would be more robust and familiar to a larger number of users to provide a simple standalone script instead of a "here" document to set up the network/firewall/dhcp.
And finally, one of the big challenges of being a newbie is you're swimming a sea of uncertainty. The system is not operating as expected and seemingly contrary to the configuration. You're not sure what needs to be reset let alone knowing for sure how to do it. Hence, the sledgehammer.
It's the roughly the same command, just in different formats.. You would use uci commit if making changes via SSH/Serial, or Save & Apply if via the WebUI (since this was apart of the wiki instructions, it makes it user error for not following the wiki).
Whenever changes are made via the WebUI or SSH/Serial, they're queued and are not applied until the changes have been applied (i.e. Save & Apply, uci commit, restarting the relevent daemons in /etc/init.d/, or rebooting the router).
I personally am not a big fan of uci, as it's inefficient unless utilized in heavy scripting, coupled with making configs altogether more difficult to read/examine (I believe in aligned configs, something that uci doesn't do, as it makes managing configs incredibly easier).
config openvpn 'VPNserver'
option enabled '1'
option dev 'tun0'
option topology 'subnet'
option proto 'udp'
option port '5000'
option server '10.1.1.0 255.255.255.240'
option ifconfig '10.1.1.1 255.255.255.240'
option ccd_exclusive '1'
option ifconfig_pool_persist '/etc/openvpn/clients/admin/ipp.txt'
option client_config_dir '/etc/openvpn/clients/admin'
list push 'route 192.168.20.0 255.255.255.192'
list push 'route 192.168.20.64 255.255.255.192'
list push 'dhcp-option DNS 192.168.20.60'
list push 'dhcp-option WINS 192.168.20.60'
list push 'dhcp-option DNS 208.67.222.222'
list push 'dhcp-option DNS 208.67.220.220'
list push 'dhcp-option NTP 129.6.15.30'
list push 'sndbuf 393216'
list push 'rcvbuf 393216'
option dh '/etc/ssl/openvpn/dh2048.pem'
option pkcs12 '/etc/ssl/openvpn/wrt1900acs-vpn_server.p12'
option cipher 'AES-256-CBC'
option auth 'SHA512'
option tls_auth '/etc/ssl/openvpn/tls-auth.key 0'
option tls_version_min '1.2'
option tls_cipher 'TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!SHA:!EXP:!PSK:!SRP:!DSS:!RC4:!kRSA'
option log '/tmp/openvpn-server.log'
option status '/tmp/openvpn-server-status.log'
option keepalive '10 120'
option comp_lzo 'yes'
option client_to_client '1'
option persist_key '1'
option persist_tun '1'
option sndbuf '393216'
option rcvbuf '393216'
option fragment '0'
option mssfix '0'
option tun_mtu '48000'
option user 'nobody'
option group 'nogroup'
option verb '4'
.
Had the wiki also included an either/or wrap tab in the wiki for simply the config file additions, one wouldn't need to go into the WebUI at all, thereby negating the need for Save & Apply.
.
As to a standalone script, the reason I, and I assume other wiki writers, do not include one is because users need to understand what is being added to a config and what it does. Not understanding what one is adding to a config is the user selling themselves short, as it will make their life more difficult if something needs to be troubleshooted due to the config additions/edits.
.
As to the challenges of being a new user, provided one follows whatever wiki they're using, problems shouldn't occur when following the wiki steps.