OpenVPN - LAN working - Internet not working

Hello, this will be yet another OpenVPN thread regarding Internet access.
I've followed the quick guide and got an OpenVPN server running on my router.
My home setup is really easy with my ADSL modem in front of my router.
I've managed to work out dynamic dns before doing OpenVPN tutorial, and by using the .ovpn file created on my router on my iPhone I can connect.

I've been googling this issue for so long that I don't see any other ways than asking you guys.

The last two rules in the firewall config are my attempt to get Internet access through OpenVPN. I've changed the zones a little, but I think they are as in the original.

I also added network for routing, I've not added anything, maybe that's where the issue is.

Update
I shared internet from my iphone to my laptop and started OpenVPN gui and connected to my router. Now internet is working fine!
So it's only my iPhone now that doesn't have Internet while OpenVPN is connected 🙂

Thanks for any help with this!

My config files follow.

client ovpn file:

# OpenVPN client profile as posted. No ca/cert/key/tls-crypt material appears
# here; presumably it was stripped before posting, since the server section
# further down uses certificates and a tls-crypt key.
# Log verbosity.
verb 3
# Do not bind to a fixed local port.
nobind
# Routed (layer 3) tunnel device.
dev tun
# Client mode: act as TLS client and accept options pushed by the server.
client
# Server address and port. The host name looks partially redacted (leading
# dot). No proto is given, so OpenVPN's default (UDP) applies.
remote .mooo.com 1194
# I/O optimisation for UDP; not a security control.
fast-io
# NOTE(review): LZO compression. Compressing before encrypting can leak
# information about the plaintext through packet sizes (VORACLE-style
# attacks), and newer OpenVPN releases discourage it. It has to be changed on
# the server and the client together.
compress lzo
# Do not keep passwords/passphrases cached in memory.
auth-nocache
# Accept only a peer certificate marked for server use, so another client
# certificate issued by the same CA cannot pose as the server.
remote-cert-tls server

Server config:

# OpenVPN server instance (UCI, /etc/config/openvpn style).
# No proto option is set, so the daemon uses OpenVPN's default (UDP).
# NOTE(review): no user/group options are shown, so the daemon presumably
# keeps running as root after start-up; confirm.
# NOTE(review): no cipher/auth/TLS-version options are shown; the effective
# values depend on the installed OpenVPN version's defaults.
config openvpn 'vpnserver'
        option enabled '1'
        option dev 'tun0'
        option port '1194'
        # VPN client pool: 192.168.200.0/24.
        option server '192.168.200.0 255.255.255.0'
        # NOTE(review): client-to-client traffic is relayed inside OpenVPN and
        # does not pass through the router's firewall rules.
        option client_to_client '1'
        # NOTE(review): compression over an encrypted tunnel can leak plaintext
        # information via packet sizes (VORACLE-style attacks); newer OpenVPN
        # releases discourage it. Also pushed to clients below.
        option compress 'lzo'
        option keepalive '10 120'
        option persist_tun '1'
        option persist_key '1'
        option dh '/etc/openvpn/dh.pem'
        # tls-crypt: pre-shared key that encrypts and authenticates the control
        # channel; the same key has to be present in every client profile.
        option tls_crypt '/etc/openvpn/tc.pem'
        option ca '/etc/openvpn/ca.crt'
        option cert '/etc/openvpn/vpnserver.crt'
        # Server private key; file should be readable by root only.
        option key '/etc/openvpn/vpnserver.key'
        # NOTE(review): allows several clients to connect at once with the same
        # certificate common name. Sharing one certificate across devices means
        # a lost device cannot be revoked individually and sessions cannot be
        # attributed; one certificate per device with this set to '0' is the
        # tighter setup.
        option duplicate_cn '1'
        list push 'compress lzo'
        # Clients use the router (LAN address) as DNS resolver.
        list push 'dhcp-option DNS 192.168.1.1'
        list push 'dhcp-option DOMAIN lan'
        list push 'persist-key'
        list push 'persist-tun'
        # def1 overrides only the IPv4 default route. Nothing in this section
        # configures IPv6 inside the tunnel or adds the 'ipv6' / 'block-ipv6'
        # flags, so a dual-stack client keeps sending IPv6 traffic outside the
        # VPN. That matches the separate IPv6 location the poster sees on an
        # IP-check site at the end of the thread.
        list push 'redirect-gateway def1'
        # Route to the LAN; already covered by redirect-gateway above.
        list push 'route 192.168.1.0 255.255.255.0'
        # Debug-level logging; reduce once troubleshooting is done.
        option verb '5'

Firewall:

# Global policies. These apply to traffic that is not handled by any zone
# below, so an interface left outside every zone gets input ACCEPT.
config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'

# LAN zone: fully trusted. 'forward' here covers traffic between interfaces
# inside this zone; zone-to-zone traffic needs a 'config forwarding' section.
config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan'

# WAN zone: unsolicited input and forwarding are rejected; outgoing traffic
# is masqueraded (NAT) and TCP MSS is clamped (mtu_fix).
config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan wan6'

# Exceptions to the WAN zone's input/forward REJECT policy. The names match
# OpenWrt's stock rule set; presumably unchanged by the poster.

# Input: DHCP replies to the router's WAN client (UDP port 68, IPv4).
config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

# Input: the router answers IPv4 ping from WAN.
config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

# Input: IGMP from WAN (IPv4 multicast membership).
config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

# Input: DHCPv6 replies to the router (UDP port 546), restricted by source
# and destination prefix.
config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

# Input: Multicast Listener Discovery messages from link-local sources.
config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

# Input: ICMPv6 types needed for IPv6 operation towards the router,
# rate-limited to 1000 packets per second.
config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

# Forward: a smaller ICMPv6 set from WAN to any zone (dest '*'), which
# includes the vpnserver zone defined further down; same rate limit.
config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

# Forward: inbound IPsec ESP from WAN to any LAN host.
# NOTE(review): if no LAN host terminates IPsec, this rule and Allow-ISAKMP
# below can be disabled to reduce what WAN can reach.
config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

# Forward: inbound IKE (UDP port 500) from WAN to any LAN host.
config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

# User-supplied custom firewall commands, loaded with the firewall.
# NOTE(review): its contents are not shown in the post; rules there can
# override what the sections in this file appear to enforce.
config include
        option path '/etc/firewall.user'

# Hook script from the miniupnpd package, re-run on firewall reload.
# NOTE(review): presumably UPnP/NAT-PMP port mapping is active; confirm that
# only LAN hosts may request mappings.
config include 'miniupnpd'
        option type 'script'
        option path '/usr/share/miniupnpd/firewall.include'
        option family 'any'
        option reload '1'

# Hook script from the bcp38 package, IPv4 only, re-run on firewall reload.
config include 'bcp38'
        option type 'script'
        option path '/usr/lib/bcp38/run.sh'
        option family 'IPv4'
        option reload '1'

# Input rule (no 'dest'): lets WAN hosts reach the OpenVPN daemon on the
# router, port 1194.
# NOTE(review): the server section sets no proto, so the daemon listens on
# UDP only; the 'tcp' half of this rule looks unnecessary.
config rule
        option name 'Allow-OpenVPN'
        option src 'wan'
        option dest_port '1194'
        option proto 'tcp udp'
        option target 'ACCEPT'

# Zone for the tunnel interface (logical network 'vpnserver', i.e. tun0).
# input ACCEPT: connected VPN clients can reach every service listening on
# the router itself. forward ACCEPT covers traffic inside this zone only.
config zone
        option name 'vpnserver'
        option output 'ACCEPT'
        option network 'vpnserver'
        option input 'ACCEPT'
        option forward 'ACCEPT'

# LAN hosts may open connections towards WAN.
config forwarding
        option dest 'wan'
        option src 'lan'

# VPN clients may open connections towards WAN. With masquerading on the wan
# zone, this section is what gives VPN clients Internet access.
# NOTE(review): no vpnserver -> lan forwarding appears in this listing;
# confirm against the running ruleset how LAN hosts are being reached.
config forwarding
        option dest 'wan'
        option src 'vpnserver'

# NOTE(review): repeats what the vpnserver -> wan forwarding above already
# permits; redundant.
config rule
        option target 'ACCEPT'
        option src 'vpnserver'
        option name 'vpnwan'
        option dest 'wan'

# NOTE(review): accepts NEW connections arriving on WAN and forwarded towards
# VPN clients. Replies to client-initiated traffic are already admitted by
# connection tracking, so this rule is not needed for Internet access; it only
# widens what the upstream network can reach. Candidate for removal.
config rule
        option target 'ACCEPT'
        option src 'wan'
        option name 'wanvpn'
        option dest 'vpnserver'

Network:

# Loopback interface.
config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

# IPv6 unique local address prefix used on the LAN side.
config globals 'globals'
        option ula_prefix 'fd00:d727:0342::/48'

# LAN bridge on VLAN 1; the router is 192.168.1.1/24, the address pushed to
# VPN clients as DNS server.
config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

# WAN (IPv4) on VLAN 2, addressed via DHCP from the upstream modem.
config interface 'wan'
        option ifname 'eth1.2'
        option proto 'dhcp'

# WAN (IPv6) on the same device via DHCPv6. The router is dual-stack on WAN,
# while the OpenVPN server section configures IPv4 only.
config interface 'wan6'
        option ifname 'eth1.2'
        option proto 'dhcpv6'

# Built-in switch with VLANs enabled.
config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

# VLAN 1: ports 0-3 untagged, port 5 tagged.
config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0 1 2 3 5t'

# VLAN 2: port 4 untagged, port 6 tagged.
config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '4 6t'

# Logical interface wrapping tun0 so the firewall zone 'vpnserver' can
# reference it. proto 'none': netifd assigns no address; OpenVPN configures
# the device itself.
config interface 'vpnserver'
        option ifname 'tun0'
        option proto 'none'

You never clearly state an issue; but from this sentence, I surmise you want your DDNS to use your WAN without VPN.

Now that you made the firewall rules, you need to make policy-based routes and rules.

See:

https://openwrt.org/docs/guide-user/network/ip_rules

and

Remember that you'll also need to make rules for any device/server you wish to use the WAN too. You can do that by individual IP or by [the router's] receiving interfaces.

Thank you for your quick reply, will check it out. I've used my iphone as a test device, clearly I could have spent fewer hours using another laptop :slight_smile:

All I wanted was my OpenVPN connection to also give me Internet (for geolocation types of usage, television etc).
That is working on my PC now, and probably has for a long time. :slight_smile:

I will read up on policy-based routes and rules; I'm not sure what they are or whether I really need them.
I will only use one laptop or iPad/phone at a time when travelling, I guess.

I did check myip.com, and it shows the same IPv4 address as my router, but also an IPv6 address located in a city close by. I'm sharing Internet from my iPhone now; maybe that is using both IPv4 and IPv6?