3
I can't seem to figure this out. The server runs on a VPS with private networking. I need to reach another VPS in the same datacenter from the client via the OpenVPN server. The server's LAN IP is 10.128.182.211 and the box I need to reach is 10. I can ping the server's LAN from the client. I'm pushing the route and I can see it in the client:
    # route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         10.8.0.5        128.0.0.0       UG    0      0        0 tun0
    0.0.0.0         192.168.2.1     0.0.0.0         UG    303    0        0 wlan0
    10.8.0.1        10.8.0.5        255.255.255.255 UGH   0      0        0 tun0
    10.8.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
    128.0.0.0       10.8.0.5        128.0.0.0       UG    0      0        0 tun
    192.168.2.0     0.0.0.0         255.255.255.0   U     303    0        0 wlan0
    192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
I've tried these two rules on the server:
    iptables -A FORWARD -i tun0 -o ens4v1 -j ACCEPT
    iptables -A FORWARD -i ens4v1 -o tun0 -j ACCEPT
But still nothing. I currently route all the client's traffic through the VPN and IP forwarding is enabled and working.
UPDATE
Figured this out... so obvious really. I needed a MASQUERADE rule just like the one I use to get out to the internet.
    -A POSTROUTING -o ens3 -j MASQUERADE
    -A POSTROUTING -o ens4v1 -j MASQUERADE
Can you post your UPDATE as an ANSWER? – dotvotdot – 2016-10-30T22:25:10.423
What does /etc/network/interfaces look like? – Pockets – 2014-05-01T01:15:44.600
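An added example, not part of the original post or its comments: a check for the gap the UPDATE describes, where one egress interface (ens3) had a MASQUERADE rule and the other (ens4v1) did not. The function name `missing_masquerade` and the sample ruleset are constructed for illustration; the function reads `iptables-save -t nat` output on stdin and prints each named interface that no POSTROUTING MASQUERADE rule covers.

```shell
#!/bin/sh
# Added example: list egress interfaces with no MASQUERADE rule in nat POSTROUTING.
# Limits: matches on -o only; ignores -s/-d restrictions and "+" wildcards.
# On the VPN server (as root): iptables-save -t nat | missing_masquerade ens3 ens4v1
missing_masquerade() {
    rules=$(cat)                      # iptables-save text from stdin
    for ifc in "$@"; do
        covered=no
        while IFS= read -r line; do
            case "$line" in
                "-A POSTROUTING "*"-j MASQUERADE"*) ;;
                *) continue ;;        # not a POSTROUTING masquerade rule
            esac
            case " $line " in
                *" ! -o $ifc "*) ;;               # this interface is excluded
                *" ! -o "*)      covered=yes ;;   # negation of another interface
                *" -o $ifc "*)   covered=yes ;;   # bound to this interface
                *" -o "*)        ;;               # bound to a different interface
                *)               covered=yes ;;   # no -o: applies to every interface
            esac
        done <<EOF
$rules
EOF
        [ "$covered" = yes ] || echo "$ifc"
    done
}

# Constructed sample: the nat table before the fix in the UPDATE.
sample_before() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o ens3 -j MASQUERADE
COMMIT
EOF
}

sample_before | missing_masquerade ens3 ens4v1   # prints ens4v1
```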