you should probably start by switching the LAN subnet on your RPi, to something else than 192.168.1
and move the LAN port to the wan zone, to make it a proper router.
make sure internet access still works afterwards, then read Raspberry Pi Access Point VPN