hint000 ,
totally agree, it's worth checking and maybe adding to the question. It is also interesting where the dhcp server is installed, whether address collisions happen if two different servers distribute addresses from the same network. And while I was writing this, I thought about routing, it turns out that the network 192.168.10.0/24 is available through 2 interfaces, which means it is entered into the routing table 2 times. So, when the kernel checks where to put the packet, it always takes one of the 2 roots, and I will assume that one of them has a lower metric (root to the local network), which means it is always used.
It turns out the following: the client sends a ping to the client on the local network via vpn, that is, the packet goes from the address, say 192.168.10.4 to 192.168.10.3, arrives at the server, the server checks the routes, selects the best one, sends it to the client in the LAN, it accepts, sends a response via its standard root, the answer comes to the server and then an error occurs, the server again looks for the best root for the network 192.168.10.0 and again finds the root in the local network. This can be checked fairly easily by running tcpdump to listen for pings on all client servers.
Bottom line: try to use another network, check the roots, maybe add them here to check.