The routes look correct there. You can see where for 192.168.10.0 255.255.255.0 it knows the gateway is 192.168.9.1. It looks like the machine's IP is 192.168.13.79, so that shouldn't be interfering with things.
I really don't think it's your firewall. Here are my firewall rules. For my WAN_IN firewall I have the two default firewall rules plus a 3rd rule (rule 30) for my site-to-site IPsec VPN. I have had my OpenVPN setup for longer, and I did not have this rule back then and the VPN worked fine.
```
eppj@router# show firewall name WAN_IN
default-action drop
description "WAN to internal"
rule 10 {
    action accept
    description "Allow established/related"
    state {
        established enable
        related enable
    }
}
rule 20 {
    action drop
    description "Drop invalid state"
    log disable
    state {
        invalid enable
    }
}
rule 30 {
    action accept
    description "VPN traffic"
    destination {
        address 192.168.1.0/24
    }
    ipsec {
        match-ipsec
    }
    log disable
    protocol all
    source {
        group {
            address-group REMOTE_SUBNETS
        }
    }
}
```
For WAN_LOCAL, again, rules 30 through 60 were not in place when I first successfully set up my OpenVPN server. The only rule I needed was rule 70.
```
eppj@router# show firewall name WAN_LOCAL
default-action drop
description "WAN to router"
rule 10 {
    action accept
    description "Allow established/related"
    state {
        established enable
        related enable
    }
}
rule 20 {
    action drop
    description "Drop invalid state"
    state {
        invalid enable
    }
}
rule 30 {
    action accept
    description "VPN traffic local"
    destination {
        address 192.168.1.1
    }
    ipsec {
        match-ipsec
    }
    log disable
    protocol all
    source {
        group {
            address-group REMOTE_SUBNETS
        }
    }
}
rule 40 {
    action accept
    description "VPN IKE"
    destination {
        group {
            address-group ADDRv4_eth1
        }
        port 500
    }
    log disable
    protocol udp
    source {
        port 500
    }
}
rule 50 {
    action accept
    description "VPN ESP"
    destination {
        group {
            address-group ADDRv4_eth1
        }
    }
    log disable
    protocol esp
}
rule 60 {
    action accept
    description "VPN NAT-T"
    destination {
        group {
            address-group ADDRv4_eth1
        }
        port 4500
    }
    log disable
    protocol udp
    source {
        port 4500
    }
}
rule 70 {
    action accept
    description "OpenVPN Server"
    destination {
        group {
            address-group ADDRv4_eth1
        }
        port 1200
    }
    log disable
    protocol udp
}
```
A couple things you can try:
- Try pinging 192.168.9.1 (the gateway you are pushing). If you can ping it, then there is a routing issue of some kind; if you can't ping it, then I think it's more likely an OpenVPN config or possibly, as you say, a firewall issue.
- If you still think it's the firewall, turn on logging for all your rules that cause a drop (including the "default" log if it is a drop rule like your WAN_IN and WAN_LOCAL probably are) and take a look in the system log when you connect.
- Post your entire config so someone can go through it to see if something else in there is causing this issue. You can remove sensitive items like your external IP or login info.
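
Added example, not part of the original post: a small Python check for the logging step suggested above. It parses `show firewall name ...` output (one statement per line) and lists the rules that drop traffic without logging. The sample is constructed from the post's WAN_IN rules, the function names are hypothetical, and `enable-default-log` is the EdgeOS option that logs default-action hits.

```python
import shlex

# Constructed sample: the post's WAN_IN ruleset (rules 10 and 20), trimmed,
# one statement per line as the router prints it.
SAMPLE_WAN_IN = '''\
default-action drop
rule 10 {
    action accept
    description "Allow established/related"
}
rule 20 {
    action drop
    description "Drop invalid state"
    log disable
    state {
        invalid enable
    }
}
'''
DROPS = ("drop", "reject")

def parse_block(text):
    """Parse brace-nested EdgeOS config text into nested dicts."""
    root = {}
    stack = [root]
    for raw in text.splitlines():
        tokens = shlex.split(raw)
        if not tokens:
            continue
        if tokens == ["}"]:
            stack.pop()
        elif tokens[-1] == "{":
            child = {}
            stack[-1][" ".join(tokens[:-1])] = child
            stack.append(child)
        else:  # leaf: "key value", or a bare flag such as enable-default-log
            stack[-1][tokens[0]] = " ".join(tokens[1:]) or True
    return root

def silent_drops(text):
    """List rules (and the default action) that drop traffic without logging."""
    cfg = parse_block(text)
    found = [name for name, body in cfg.items()
             if name.startswith("rule ") and isinstance(body, dict)
             and body.get("action") in DROPS and body.get("log") != "enable"]
    if cfg.get("default-action") in DROPS and "enable-default-log" not in cfg:
        found.append("default-action")
    return found
```

Every name it returns is a place where a packet can be discarded with nothing written to the system log, so those are the rules to switch to `log enable` before reconnecting the VPN client.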