How do I stop the VPN server from initiating requests and accessing my network? I am also looking for any security recommendations for a VPN client. At a minimum, I would like to;
Stop New Incoming Connections from the VPN server but still allow the server to respond to client side request.
Stop the VPN server from accessing anything on the client network.
Any other relevant firewall for VPN client setting or configurations I should think about?
If tun0 is the name of the zone which includes the vpn client, then you only need to remove wan zone from forwardings.
One more thing, you probably don't need to masquerade the vpn zone, which seems to be a server for accessing your home network from outside.