not that you didn’t do this, but when playing with different configurations its best to perfom a reboot before running test scenarios not that it needs it but it cant hurt.
try not to use the same client machine for testing use two separate machines.
let me throw some ideas and see if one hits.
what hardware were you using?
did (direct to wan) mean ethernet -wan-connected or wireless repeater connnected to wan? (just making sure) assuming the first.
if you were wwan did you have a dualband router where wireless clients into router on 2g and wwan from router to another router on 5g
did you try a ethernet client for lan networks?
you can configure two ways were the wan is your vpn clients and your guest is your local internet access clients
were you using dns over tls cloudflare or dnscrypt-proxy? if so disable on test
were you overriding dns for all clients? if so, disable for test