Channel: Active questions tagged openvpn - Unix & Linux Stack Exchange

How to access LAN behind VPN client from server?


I have a cloud VM running an OpenVPN server. On the other side, I have a Synology NAS inside a private network.

I would like to access the client's LAN (192.168.1.0/24) from the server.

On the server, I fixed its VPN IP, and iroute to the client:

$ cat /etc/openvpn/ccd/hodor
ifconfig-push 192.168.2.142 255.255.255.0
iroute 192.168.1.0 255.255.255.0

Also I configured in /etc/openvpn/server/server.conf a route to the client:

push "route 192.168.1.0 255.255.255.0"
route 192.168.1.0 255.255.255.0

So I am now able to ping the client (192.168.2.142 and 192.168.1.20) from the server:

server$ ping -c1 192.168.1.20
PING 192.168.1.20 (192.168.1.20) 56(84) bytes of data.
64 bytes from 192.168.1.20: icmp_seq=1 ttl=64 time=14.8 ms
server$ ping -c1 192.168.2.142
PING 192.168.2.142 (192.168.2.142) 56(84) bytes of data.
64 bytes from 192.168.2.142: icmp_seq=1 ttl=64 time=14.1 ms

From the client I can see the ARP request:

client$ tcpdump -i tun0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 262144 bytes
20:37:17.666777 IP 192.168.2.1 > 192.168.1.20: ICMP echo request, id 14, seq 1, length 64
20:37:17.666813 IP 192.168.1.20 > 192.168.2.1: ICMP echo reply, id 14, seq 1, length 64
20:37:21.022983 IP 192.168.2.1 > 192.168.2.142: ICMP echo request, id 15, seq 1, length 64
20:37:21.023026 IP 192.168.2.142 > 192.168.2.1: ICMP echo reply, id 15, seq 1, length 64

However, I cannot access/ping the other devices on the client's LAN interface, but I have plenty of them:

client$ sudo ip neigh
192.168.1.31 dev ovs_eth3 lladdr a8:a1:59:83:83:0c REACHABLE
192.168.1.3 dev ovs_eth3 lladdr 3c:6a:9d:13:d1:86 STALE
192.168.1.2 dev ovs_eth3 lladdr ec:b5:fa:09:07:ac STALE
172.17.0.4 dev docker0 lladdr 02:42:ac:11:00:04 STALE
192.168.1.1 dev ovs_eth3 lladdr 44:fe:3b:f9:05:1a REACHABLE
172.17.0.6 dev docker0 lladdr 02:42:ac:11:00:06 STALE
192.168.1.18 dev ovs_eth3 lladdr 02:11:32:20:17:25 REACHABLE
172.17.0.2 dev docker0 lladdr 02:42:ac:11:00:02 STALE
192.168.1.11 dev ovs_eth3 lladdr 60:fb:00:8f:cb:8e REACHABLE
172.17.0.3 dev docker0 lladdr 02:42:ac:11:00:03 REACHABLE
192.168.1.9 dev ovs_eth3 lladdr 5c:ea:1d:74:fa:bb STALE
192.168.1.15 dev ovs_eth3 lladdr 9e:12:c6:2f:1a:0b STALE

Of course, I can access/ping my devices from the client side.

How can I configure my NAS to allow the VPN server to access the client's devices?

