OpenVPN connect on both. I load the .ovpn-file that is exported from the server and that’s it.

Personally I would have gone for OpenVPN access server on Debian. Fairly simple and well documented for those starting out.

I have used and worked with OpenVPN connect on android, PC and Mac.

By making a bridge in the opensense interfaces you have created a layer2 network. This means that all the devices connected on that network are broadcasting their Mac addresses and are added to the ARP table on the opensense. Since they all are on the same physical network and the same subnet, none of the traffic will ever hit the layer 3 rules on your opensense.

If you want opensense to handle the rules of the traffic you will need to put the devices on different subnets and separate clans. Create a gateway address for every vlan on the opensense and point your devices to the opensense as their gateway.