The allow in a firewall rule is for a new connection only hit once. subsequent packets will use the established/related rule. So removing the openvpn allow rule won't shut down an already connected openvpn.
Moreover, which site initiates the connection? That side sends outs the 1st initial packet, that has to be allowed on the remote WAN_LOCAL. All further packets will take esteb/related rule on both sides.
