Eh. Quad-core ARM/MIPS is lightweight. Just grab a Xeon-D off eBay or a fanless 1165G7 off AliExpress and don’t worry about encrypted bandwidth for the foreseeable future. 500mbps is easy 
SmurfGLiNET said:
many things
Ok. Interesting.
The path is the first one, except 10.8.0.3 rather than 10.8.0.2 (probably because your iPhone or something else got assigned 10.8.0.2 - not a big deal). The other addresses (192.168.128.252 and 192.168.0.1) are related to the network that your Slate AX is connected to. The VPN tunnel creates a kind of fiction where you don’t really see any of the addresses between the two tunnel points, even though there are a lot. You just see the tunnel entry point (10.8.0.3 in your case) and the tunnel exit point (10.8.0.1 in your case).
Just to confirm what I think you’re saying, you are able to ping 10.8.0.1 (0% packet loss) but not 192.168.1.1 (100% packet loss) from a device connected to the Slate AX, correct?
If that’s the case, it feels like the problem is actually on the ASUS Merlin side, not on the Slate AX. Said differently, 10.8.0.1 is the OpenVPN address on the ASUS, and 192.168.1.1 is the main router address on the ASUS, so it looks like something (firewall or routing) is blocking the transition from OVPN to LAN on the ASUS. I’m not super familiar with how Merlin implements things, and I think I’ve thrown away all my routers that are compatible with that firmware, though I may have one up in an attic somewhere. It does sound like elorimer may be more helpful than me there.