I have the same issue with an almost identical setup.
Client network | OpenVPN
PLC <------------------> RUT240 <---------> OVPN Server <----------> OpenVPN Client (laptop)
LAN: 192.168.1.3:502 192.168.1.250
OpenVPN: 10.9.0.90 10.9.0.1 10.9.0.5
Port forwarding:
LAN port: 502 to LAN device 192.168.1.3
WAN port: 6502 from any device
I need to forward the Modbus port (same as @Zapnologica asked for), but the answers provided aren¿t applicable, because the internal LAN segment (192.168.1.x) is too common and will conflict with other client's own private networks, so pushing LAN routes from the OpenVPN server is forbidden. (in case you ask, No: I cannot change the client's private LAN segment addressing).
What I need is to establich the VPN connection from the RUT240 (which is already running Ok) and just reach this router, not the internal LAN.
With port forwarding I could reach the internal devices (the PLC at port 502) through the Router's OpenVPN address and external port (6502).
The latter isn't working and cannot find why.
EDIT: We have found that apparently the problem resides on the PLC in the LAN not having a defined gateway and so, cannot be "found" from the VPN, even though port forwarding is active and set correctly.
Question remains why? Why can't the RUT240 address the device through port forwarding?
Please note that the RUT240 can actually communicate with the PLC at 192.168.1.3 (It responds to 'ping'), but other devices cannot access it from the VPN.