As you suggested, I set the following rules for the Teltonika:
vpn to lan accept forward traffic
lan to vpn accept forward traffic
I tried to connect from a computer on the server LAN (with PuTTY or WinSCP) to the computer 192.168.2.34 with its firewall disabled: no success (but ping OK).
I also tried FileZilla, but FileZilla uses UDP → no success → normal
For the time being, only the ping command can reach a client computer.
And there is always the message “write to TUN/TAP:invalid argument (code=22)” every x minutes in the Teltonika log.