Like Trendy said, in R1 you need to install a route 10.8.0.0/24 via 192.168.1.X where X is R2's IP on the R1 LAN. Then when Internet or LAN request packets from the phone 10.8.0.2 appear on the R1 LAN, R1 knows to send the replies to R2 so they can be forwarded into the VPN tunnel and sent back to the phone.
The other approach is to use NAT in R2, which requires re-enabling the firewall and setting up two firewall zones such as vpn and lan and enabling forwarding from vpn to lan, and enable masquerade on lan. Now an Internet request from the phone will be translated inside R2 to appear to be from R2's interface on the 192.168.1.0 LAN, and R1 can deal with it directly without an additional route.