Openvpn server config

Hi guys,
I have just finished configuring openvpn server following this guide https://openwrt.org/docs/guide-user/services/vpn/openvpn/basic

Everything works fine without issue.
I would like to create 2 client profile:
-Full-vpn
When I'm outside I will use my openvpn server to reach internet,without being able to reach any of my lan device at home.
-Split vpn
When I'm outside I will use my openvpn server only to reach my lan devices,while I continue surfing the entire internet with my internet connection.

In the basic guide linked above tun0 is configured not in a new zone but as list device on lan configuration.
I know that in order to make a split vpn I can put this inside the client configuration

route-nopull
route 192.168.1.0 255.255.255.0

But even If I put or leave this configuration,I can always reach my lan devices on a 192.168.1.0/24 subnet.
My vpn subnet is 10.0.8.0/24

How can I have a full vpn configuration working preventing me to reach any of my lan devices on 192.168.1.0/24 subnet?
Since the tun0 is defined inside the lan zone as reported by the guide, it's needed a new zone?
Thank you in advance guys!

There may be multiple approaches to this problem. One way to do this is to create a second instance of OpenVPN server in your router (tun1), create a new firewall zone for it, and do not allow forwarding from that vpn zone to the lan. This would need to be on a different port, though, so it is maybe not the most ideal.
There may be other, better ways to do this. Hopefully others can chime in.

Network > Firewall > Trafic rules > Add:
Name: Reject LAN xx
Protocol: Any
Source zone: Any zone
Source address: (Defalt)
Destination zone: Any zone (forward)
Destination address: "chose your pc on lan that not will show "
my case: 192.168.1.82
Action: reject

so, in this fall any client that conecct to vpn have not access to owns this pc(192.168.1.82) in your network.