Remote Access Device on LAN of LEDE (GoldenOrb) Router using OpenVPN

Before using VPN, I could access the device on the Router's LAN using basic Port Forwarding, as the Cellular Router was provisioned with a Public Static IP Address.

I signed up with a 3rd Party OpenVPN Service and received 4 Clients.

Using OpenVPN GUI on a couple of laptops I can connect to the OpenVPN and successfully ping each other using the VPN IP Address.

I can tell from the System Log that the Router is successfully connected to the OpenVPN and then I can successfully ping the laptops using the VPN IP Address. My laptops can successfully ping the Cellular Public Static IP Address, but when I ping the VPN IP Address of the Router I get the response "Destination Port Unreachable".

Lastly, I cannot reach the device connected to the LAN of the Router any longer unless I disable the VPN. I assume it's settings on the Router that I have not correctly configured. Any documentation I can take a look at to better familiarize myself on how to troubleshoot this?

If this is a private subnet, you may have to place a static route to the other IP.

I'm not sure why you needed multiple VPN accounts for one router, though.

Sorry, one OpenVPN Client for the Router. The others are for the devices that will be connecting to the Router (i.e. Laptop, Android, iOS devices) to access the device (PLC).

Remote monitoring (SCADA) type of connection. I've been using Public Static IP on several sites over the years to access and monitor levels/pressure, but attempting to circle back around and secure the connections using a VPN.

Yes, but why do you need multiple VPN clients???

You should only need one - to connect the Router, everything else is on the router's LAN, so it uses the router's VPN...unless I don't understand what you're trying to solve.

This is very important to solving your issue...why do you need more than one VPN connection to fix the security issue???

There is only 1 device (PLC) that is connected to the Router's LAN. This Router is, say, at Site A. The other devices (PC, Android, iOS) used for remote accessing the router are at Site B, C, D etc.

You may wish to use Wireguard instead, it's better suited for point-to-multipoint VPNs, as it knows the IPs of each peer.

But...for OpenVPN, you likely need to make sure that you properly subnet and place static routes to all devices on machines: A, B, C, D, etc.

I'll take a look at Wireguard. They were able to give me a Static IP within the VPN Tunnel so I'm aware of the IP Address of each OpenVPN Client that I use.

There is an article on the wiki for setting up OpenVPN Client and Server on the router at the same time.

I'm not wanting to run a Client and Server on the Router at the same time. The OpenVPN Server is at another Site (say Site M). The current thinking is to run an OpenVPN Client (Client A / Site A / VPN IP / Cellular Public Static IP with a device (PLC) to the LAN ( of the Router. The device (PLC) has an IP address of on the LAN of the Router. I want to be able to connect with Client B (Site B VPN IP or Client C (Site C VPN IP remotely connect to the device (PLC) and monitor it. I'm able to connect using basic Port Forwarding with the OpenVPN disabled because of the Public Static IP. I'm able to ping the Client B with Client C (and vice versa) when OpenVPN Clients are running on those devices, so I can deduce that the OpenVPN Server (Site M) is set up for Client to Client traffic. I can confirm the OpenVPN Client is running on the Router. I haven't checked to see if the Router can ping either device or itself be pinged, but will shortly. I cannot, however, connect remotely to the device (PLC) with the OpenVPN Client running on the router with basic Port Forwarding.