linux

OpenVPN doesn't need me the entire subnet behind the server?

I'll try to describe the situation, if there is not enough information, ask, don't throw stones right away, I'm just learning.
So. The network, let's say at the enterprise, consists of two subnets, let's say 192.168.1. ... and 192.168.2 ..., with its own DNS, the question of remote access arises.
A virtual machine, it has an ubuntu server, the first interface with an external IP address to which to knock from, say, another country. The internal tap address of the server is 192.168.3.1, all clients receive an IP for the TAP adapter from 192.168.3.100 to 192.168.3.200.
After the server, I can see two subnets, it is written in server.conf:
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
But the task is brewing if I need to close the first subnet (if it’s completely clear, I commented it out and there’s no access to it), I need to leave several computers for use from outside, I heard somehow you can prescribe individual hosts, it’s not entirely clear how it is do.