I followed your recommendations, and stopped the firewall before I resetted both units, RUTX11 and RUT955. Stopping the firewall did not solve the problem. After reconfiguring RUTX911 from scratch, all unnecessary routes disappeared, but it was almost impossible, to get the missing route from 10.0.0.2 to target 192.168.1.0/24 recognised by the router. After definig the static route, it was not visible in the routing table, also rebooting did not help. Only after I changed the Network Type in the route configuration from x11opvpn -> lan -> wan -> and back to x11opvpn, the correct routing was suddenly shown in the routing table! But this did not change the general behaviour of RUTX11! I still was not able to see the RUT955 Network, only the GUI of RUT955 was acessable via the virtual IP 10.0.0.6.
I also tried to configure another RUTX11 unit with older firmware the same way, but failed because of other limitations/bugs. With updated firmware, I faced the same issue as with the other unit!
I then tried OpenVPN Authentification with Static Key. Within a few minutes, traffic in both directions was possible!
What else can I do to get OpenVPN working on TLS? Will the next firmware fix it?