What Firewall rules should be set when using openvpn?
Hello! I'm starting to get acquainted with openwrt and Linux in general, so please don't scold me for stupid questions.
There is a tp-link wr 842nd router flashed with OpenWrt Chaos Calmer r44053.
And there is a desire to organize a secure channel to it from anywhere.
Here is what I got:
server config
port 1199
proto tcp-server
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh2048.pem
cipher BF-CBC
auth MD5
server 132.1.1.0 255.255.255.0
keepalive 10 120
comp-lzo
max-clients 100
persist-key
log /var/log/openvpn.log
verb 3
-------------
Client
client
port 1199
remote my static ip
proto tcp
dev tun
ca C:\Program Files\OpenVPN\keys\ca.crt
cert C:\Program Files\OpenVPN\keys\acer.crt
key C:\Program Files\OpenVPN\keys\acer.key
cipher BF-CBC
auth MD5
comp-lzo
persist-key
persist-tun
verb 3
-------------
Rule in /etc/config/firewall
config 'rule'
option 'src' 'wan'
option 'target' 'ACCEPT'
option 'proto' 'tcp'
option 'dest_port' '1199'
-------------
The result is not good: the client could not connect to the server. The connection doesn't even start.
For the sake of verification, I tried to forward port 80. Successfully. When I went to (my static ip), the LuCI admin panel opened.
Where could I have made a mistake? Before writing here, I double-checked everything my knowledge allowed. Please point me to that place.
I want to understand routing. After all, is it the problem?
Thank you!
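Added example, not part of the original post: a small Python check that compares the server and client configs above for directives that must agree on both ends, flags certificate/key paths containing unquoted spaces (OpenVPN splits config arguments on whitespace), and notes the legacy BF-CBC and MD5 choices. The sample strings are abridged copies of the posted configs; the function names and the LEGACY list are assumptions of this example.

```python
MUST_MATCH = ("port", "dev", "cipher", "auth", "comp-lzo")  # must agree on both ends
PATH_KEYS = ("ca", "cert", "key", "dh")
LEGACY = {"cipher": {"BF-CBC"}, "auth": {"MD5"}}  # 64-bit block cipher, MD5-based HMAC
# Constructed samples, abridged from the configs in the post.
SERVER = """port 1199
proto tcp-server
dev tun
ca /etc/openvpn/keys/ca.crt
cipher BF-CBC
auth MD5
comp-lzo
"""
CLIENT = r"""client
port 1199
proto tcp
dev tun
ca C:\Program Files\OpenVPN\keys\ca.crt
cert C:\Program Files\OpenVPN\keys\acer.crt
key C:\Program Files\OpenVPN\keys\acer.key
cipher BF-CBC
auth MD5
comp-lzo
"""

def parse(text):
    """Map each directive to its argument string; '#' starts a comment."""
    conf = {}
    for line in text.splitlines():
        line = line.split("#")[0].strip()
        if line:
            name, _, args = line.partition(" ")
            conf[name] = args.strip()
    return conf

def lint(server_text, client_text):
    srv, cli = parse(server_text), parse(client_text)
    out = [f"mismatch {k}: server={srv.get(k)!r} client={cli.get(k)!r}"
           for k in MUST_MATCH if srv.get(k) != cli.get(k)]
    # tcp, tcp-server and tcp-client all name the same transport.
    if srv.get("proto", "udp")[:3] != cli.get("proto", "udp")[:3]:
        out.append("mismatch proto")
    for side, conf in (("server", srv), ("client", cli)):
        for k in PATH_KEYS:
            v = conf.get(k, "")
            if " " in v and not v.startswith('"'):
                out.append(f"{side} {k}: path with spaces is not quoted")
        out += [f"{side} {k}: legacy algorithm {conf[k]}"
                for k, weak in LEGACY.items() if conf.get(k) in weak]
    return out
```

Calling `lint(SERVER, CLIENT)` returns a list of findings; an empty list means none of these checks fired.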