OpenWrt OpenVPN server

Hello, I'm trying to set up a VPN server on my OpenWrt router.

I followed every step described here https://openwrt.org/docs/guide-user/services/vpn/openvpn/server

At the end of the configuration I created the backup and tried to connect by importing the /etc/openvpn/client.ovpn file into the OpenVPN Connect client.

The connection fails with the following errors: "No route to host" and "Host is down"

If I look at the System Log, all I get is:

Sun Jan  9 15:43:52 2022 daemon.warn openvpn(server)[2530]: --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
Sun Jan  9 15:43:52 2022 daemon.notice procd: /etc/rc.d/S96led: setting up led WAN
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: OpenVPN 2.5.3 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: library versions: OpenSSL 1.1.1m  14 Dec 2021, LZO 2.10
Sun Jan  9 15:43:52 2022 daemon.warn openvpn(server)[2530]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Jan  9 15:43:52 2022 daemon.notice procd: /etc/rc.d/S96led: setting up led USB 1
Sun Jan  9 15:43:52 2022 daemon.notice procd: /etc/rc.d/S96led: setting up led USB 2
Sun Jan  9 15:43:52 2022 daemon.notice procd: /etc/rc.d/S96led: setting up led USB 2 SS
Sun Jan  9 15:43:52 2022 daemon.notice procd: /etc/rc.d/S99bootcount: Boot count sucessfully reset to zero.
Sun Jan  9 15:43:52 2022 daemon.info procd: - init complete -
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: TUN/TAP device tun0 opened
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: net_iface_mtu_set: mtu 1500 for tun0
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: net_iface_up: set tun0 up
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: net_addr_v4_add: 192.168.8.1/24 dev tun0
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: /usr/libexec/openvpn-hotplug up server tun0 1500 1621 192.168.8.1 255.255.255.0 init
Sun Jan  9 15:43:52 2022 daemon.warn openvpn(server)[2530]: Could not determine IPv4/IPv6 protocol. Using AF_INET
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: UDPv4 link local (bound): [AF_INET][undef]:1194
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: UDPv4 link remote: [AF_UNSPEC]
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: GID set to nogroup
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: UID set to nobody
Sun Jan  9 15:43:52 2022 daemon.notice openvpn(server)[2530]: Initialization Sequence Completed

Please can someone tell me what I am doing wrong?

  1. Are you trying to connect from outside of your LAN?
  2. Are you sure you have a public IP on your WAN interface?

It would be great to connect from outside of my LAN, but I haven't tried yet because I couldn't connect even from my LAN.

That is not working because of the firewall configuration!
So try from outside (e.g. via a hotspot from a mobile phone).
Also assume that you have the WAN IP configured accordingly, with either a fixed IP or DDNS.

Sorry if this is not of interest to you and you need OpenVPN.

But have you tried WireGuard?

It would be a much lighter system and much quicker in data transmission.

It is just a secure link where you assign a link address for each connected device and need its public key.
A bit cumbersome to configure each device. But if there are few and you have a fixed set of devices, it works great.
You need access to each device to configure WireGuard on it, as the average user won't be able to configure it correctly, or give them detailed instructions or a tool to automatically configure it (a config file you have prepared for them, for example).

It does not have as many options as OpenVPN, you cannot integrate it with an Active Directory and usually you don't use DHCP for link addresses, but it is quick and easy once you understand how it works.
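
The per-device setup described in the post above, as an added example that is not part of the original thread: it gives each device's public key its own link address and produces the server config plus a prepared client file per device. The 192.168.8.0/24 subnet is borrowed from the log earlier on the page; the endpoint name, port 51820, the keys and the function names are constructed placeholders.

```python
import base64
import ipaddress

def fake_key(n):
    # Constructed placeholder: 32 repeated bytes, base64-encoded. Not a real key.
    return base64.b64encode(bytes([n]) * 32).decode()

def check_key(key):
    # WireGuard public keys are 32 bytes, base64-encoded.
    if len(base64.b64decode(key, validate=True)) != 32:
        raise ValueError("key must decode to exactly 32 bytes")
    return key

def build_configs(network, server_pub, endpoint, devices, port=51820):
    """devices maps a device name to its public key.
    Returns (server_config, {device name: client_config})."""
    net = ipaddress.ip_network(network)
    hosts = iter(net.hosts())
    server_ip = next(hosts)  # first usable address goes to the server
    check_key(server_pub)
    if len(set(devices.values())) != len(devices):
        raise ValueError("two devices share one public key")
    server = ["[Interface]", f"Address = {server_ip}/{net.prefixlen}",
              f"ListenPort = {port}", "PrivateKey = <server-private-key>"]
    clients = {}
    for name, pub in sorted(devices.items()):
        ip = next(hosts, None)
        if ip is None:
            raise ValueError(f"no free link address left for {name}")
        # /32 on the server side: this key may only send from its own address.
        server += ["", "[Peer]", f"# {name}", f"PublicKey = {check_key(pub)}",
                   f"AllowedIPs = {ip}/32"]
        clients[name] = "\n".join([
            "[Interface]", f"Address = {ip}/{net.prefixlen}",
            "PrivateKey = <private-key-generated-on-the-device>",
            "", "[Peer]", f"PublicKey = {server_pub}",
            f"Endpoint = {endpoint}:{port}",
            f"AllowedIPs = {net}",  # route only the VPN subnet through the tunnel
        ])
    return "\n".join(server), clients

if __name__ == "__main__":
    srv, cls = build_configs("192.168.8.0/24", fake_key(1), "vpn.example.net",
                             {"laptop": fake_key(2), "phone": fake_key(3)})
    print(srv)
    print()
    print(cls["phone"])
```

Private keys stay as placeholders on purpose: each device generates its own and only the public half is collected.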