Your openwrt router needs a vpn server or similar that is to be connected to... expressvpn is a client outgoing connection... you don't get back into your network this way ( using typical consumer vpn products )....
You should read;
openvpn server ( wiki )
openvpn client ( wiki )
Technically you could direct port forward the incoming FreeNAS sftp/ssh... but it's a less secure and less scalable option.
In fact the question should have been : Can I get accès to OpenWrt AND the FreeNas that is connected to it. In other words, get accès to my whole network form WAN.
So if I understand you well, I should install OpenVPN server on both the OpenWrt router and FreeNas Server if I want access to them both, right?
The reason the question is confusing is because in my mind, when you have ExpressVPN installed for outgoing connections (OpenVPN is already installed) it may prevents connections from WAN to the routeur :
here is where I got help with it : Unable to run OpenVPN on a TP-LINK Archer C7 v2 Router
@eduperez would you please help me with OpenVPN or Wireguard so that I could access to the router and FreeNAS?
Can you please update the topic title (scroll to top, then click the pencil behind the topic), in order to make it less vague, and somewhat related to your question?
I'm not sure you need policy based routing, sounds like it's getting a little over complicated. Are you wanting to get remote access to your LAN from a device you own? Laptop, mobile phone, etc? If so, you should be able to achieve what you want by just setting up Wireguard on each device. The necessary routes should get added automatically by Wireguard without affecting all other traffic going through ExpressVPN.
I want solutions and help with whatever method that will get me the results.
And I know that if I follow your instructions it will work so I will follow your method, even if it is simpler will Wireguard.
For now I wan't to access documents, apps etc. of my FreeNAS server from my phone. But if it is not tricky i would love to be able te do than through other computers. But one step at a time.
If your aim is to get it working on your phone then why spend time trying to get OpenVPN and policy based routing when you can do it much more simply with Wireguard? Especially if you want to add additional devices at a later date.
Mainly because it will help me understand more about OpenVPN, OpenWrt and routing for further tweaking.
I read here and there that one of the options to achieve what I want is OpenVPN Server. Since it is widely used I'll go for it.
It doesn't mean that I will not try Wireguard later maybe but I'm confident about @ulmwind method and want to go for it.
You don't (or shouldn't) need policy based routing to achieve what you want to do. There's nothing particularly fancy routing-wise about it and whatever VPN you end up using should add the required rules.