Forward PiVPN Client requests to localhost

I set up DietPi on a Raspi 3 running LAMP with MariaDB (hostname: RaspiDB, IP:
I have 3 clients connecting to the database over the internet.
To protect the transferred data, I set up a PiVPN and connect the clients via OpenVPN.
The Clients can surf the internet, but can not access the MariaDB running on the same Raspi.
How can I forward incoming requests from the clients (IP: 10.8.0.x) to the MariaDB or just to or I don’t want to make all clients in the LAN available, just this one.

As I also access the MariaDB regularly from the local LAN, I would like to use the IP or the hostname of the Raspi also when connected via VPN.
I read some forums that I have to set up iptables, but as I am new to this and I don’t want to create open doors, due to my lack of experience, I would be happy if someone could help me with this or provide an tutorial “iptables guide for dummies”. Thank you very much!

The PiVPN is currently a workaround until I solved my issue setting up SSL on MariaDB with YaSSL.