I did more tests
Having LAN forwarding to VPN and WAN, wifi-connected devices are working fine.
Then I remove the forward to WAN and I just have LAN forwarding to the VPN zone.
What happens on the wifi-connected devices is the following: if the browser is still open on a website pre-loaded, e.g. www.apple.com, then navigation within the apple.com domain continues as normal, however if I try to open a new page, e.g. microsoft.com, it does not work. Looks like the wifi-connected device (a MacBook) had cached the resolved IP for apple.com and still navigates as normal. When it tries to resolve a new address that was not pre-loaded into the browser window, it fails.
On LAN device configuration, advanced settings, I set “Use custom DNS servers” and put 8.8.8.8, but above problem persists.
It seems to be a DNS resolution problem. One more thing: I connected a Windows PC through a LAN cable to the LAN1 port of the OpenWRT router, and Windows says that my DNS is 192.168.2.1 (unencrypted). 192.168.2.1 is also the default static gateway address I assigned to the LAN interface of the OpenWRT router.
Note: for all tests done the redirect-gateway def1 is still there, no differences noticed with or without it.