OpenVPN on Asus Router (DSL-AC88U) - No internet for client

[KingsGambit]

Hi all, I setup a new Asus router (DSL-AC88U) and have configured all my LAN, WiFi, internet settings, etc. I wanted to setup an OpenVPN server on it also. I configured it and exported a config file for my android phone. It connects and I can browse local clients, but there are two issues.

• I get this error when I go to connect in the OpenVPN app on the phone. It works when I hit Continue but happens every time. Any way to fix or suppress this?
• The Internet doesn't work on my phone. It doesn't work on mobile data and it doesn't work via the VPN. These are my settings. I wonder if it's a DNS issue rather than a Net connection? My DNS server at home is a PiHole with an internal 192.168.X.X IP. Could that be it?

Ideally, I'd like to have three clients, one of which I do NOT want to use the Internet, and two of which I do. Is this possible? I used to run an OpenVPN server on a Raspberry Pi (same as the PiHole) and it worked well, but I'd like to run it directly on the router if I can. So what would the settings be to have the client work using the vpn for internet, and for not using the vpn for internet, because right now, the web doesn't work at all? (I have tried WhatsApp as an example, and that works just fine.)

A final question, is there a recommended cipher or other settings to get a better and/or more secure connection? Many thanks all for your kind attention and in advance for any tips or advice.

 

[KingsGambit]

I was able to solve the first issue above by choosing No on "Username/Password auth. only". But the internet still doesn't work properly.
I've tried settin "Advertise DNS to clients" to No, and then the web works and IP lookup is the IP address of the router. What is the effect of this?

What I'd like is for the phone to use the VPN for both internet and access to network, I'd like to connect another Asus router to it as a client, essentially linking two locations. I don't want that router to get internet from this first one, just access to LAN, and vice versa.

 

[KingsGambit]

The best I seem able to manage is access to the LAN only, with Internet working as normal with WiFi/mobile data on the android phone. As soon as I put Advertise DNS to Client on, my phone won't view any web pages. WhatsApp however does work, as does browsing clients on the home network. Is there any way to get the Internet to work thru the router?