GL-AR750S VPN into LAN setup

I have OpenVPN into my LAN from my cell phones data network. I want this phone to only access one single IP address and do not want the VPN subnet to access all of my LAN subnet. What route do I need to specify to do this? (I tried a few and they didn’t work)

LAN IP on the GL-AR750S slate router:
VPN Server TUN0 IP:
My Phone’s internal IP when I VPN into my router:

IP on my local LAN that I want to access from my phone when I connect to VPN:


Not sure about your set up. In the default setup, should your phone get an IP 10.2.2.x?

Why it get IP directly from your vpn server?

I installed OpenVpn app on my phone and uploaded the default config that I got from the router VPN server page. OpenVPN on my phone connected from the internet to my router and gave it that VPN IP as the internal IP and my Internet provider IP on the WAN of the router for my external IP. I can acess the internet from my phone after that but not my LAN, unless I click “Allow Local Access” in the Router VPN settings, which gave a warning that every node on my network could view all files. So, I thought to make it more secure maybe I could route my phone to just one computer that I wanted it to access and not allow local access to whatever I was allowing it to. I guess all VPN ips? or maybe all LAN and VPN ips.

Just to confirm once more: AR750s is the openvpn server, not client, right?