OpenVPN Hardening and Best Practice

Good morning - I'm very keen to get some expert advice; I would describe myself as a new user, having transitioned from DD-WRT. My only prior experience with OpenWRT is with GL.inet routers that run Luci/Lede and manage everything with a nice GUI.

I have moved to stock OpenWRT on my Linksys WRT32X; I also run a Teltonika RUT240 and Teltonika RUT950.

I'll admit I resisted the move from GL.inet as their VPN setup is so simple - drop in the cert, activate, it self manages.

The current configuration I am using is based on this guide: https://www.ivpn.net/setup/router/openwrt-openvpn/

I did not create a new interface for the tunnel, instead opting to enter "tun+" under the OpenVPN firewall zone 'Covered Devices'.

The problem: frequent disconnects with no auto-reconnect. Is there a way around this? I was hoping to get some input on the best practice for settings up OpenVPN on an OpenWRT router (I've tried most of the guides) to produce the most robust connection - I did not have these same issues with DD-WRT.

Current OpenVPN config:

client
dev tun
proto udp
remote uk-london.privacy.network 1197
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-256-cbc
auth sha256
tls-client
remote-cert-tls server
keepalive 10 60

auth-user-pass /etc/openvpn/PIALondon.auth
compress
verb 1
reneg-sec 3600
<crl-verify>
-----BEGIN X509 CRL-----

*Removed*

-----END X509 CRL-----
</crl-verify>

# PLEX route
# If necessary, change 192.168.1.1 to your gateway
route plex.tv 255.255.255.0 192.168.1.1

<ca>
-----BEGIN CERTIFICATE-----

*Removed*

-----END CERTIFICATE-----