Hotspot mode with VPN bridge

As it is, the second rule is making the first redundant. And you don’t want to allow everything from VPN to LAN.

iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT

This would be more sensible.

2 Likes
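
The following is an added example, not part of the original post: a small Python check that flags the two problems the reply describes, a state-limited rule made redundant by a broader one and an unrestricted ACCEPT from the VPN interface to the hotspot interface. The "before" ruleset is constructed on the assumption that the original second rule was an unconditional `tun0` to `wlan0` ACCEPT; the function names and finding labels are illustrative.

```python
import shlex
from itertools import permutations

# Constructed "before" ruleset: assumes the original second rule was unconditional.
BEFORE = ["iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT",
          "iptables -A FORWARD -i tun0 -o wlan0 -j ACCEPT"]
# The two rules suggested in the post.
AFTER = ["iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT",
         "iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT"]

def parse_rule(line):
    """Parse 'iptables -A ...'; assumes each option is followed by exactly one value."""
    tok = shlex.split(line)
    rule = {"chain": None, "in": None, "out": None, "states": None,
            "target": None, "other": [], "raw": line}
    simple = {"-A": "chain", "-i": "in", "-o": "out", "-j": "target"}
    for opt, val in zip(tok[1::2], tok[2::2]):
        if opt in simple:
            rule[simple[opt]] = val
        elif opt in ("--state", "--ctstate"):
            rule["states"] = frozenset(val.split(","))
        elif not (opt == "-m" and val in ("state", "conntrack")):
            rule["other"].append((opt, val))  # any other match narrows the rule
    return rule

def covers(broad, narrow):
    """True if every packet matched by `narrow` is also matched by `broad`."""
    if broad["chain"] != narrow["chain"] or broad["other"]:
        return False
    if any(broad[k] is not None and broad[k] != narrow[k] for k in ("in", "out")):
        return False
    return broad["states"] is None or (
        narrow["states"] is not None and narrow["states"] <= broad["states"])

def audit(lines, vpn_if="tun0", lan_if="wlan0"):
    """Flag same-target rules swallowed by a broader one, and stateless VPN-to-LAN ACCEPTs.
    Simplification: rule order and intervening rules with other targets are ignored."""
    rules = [parse_rule(l) for l in lines if l.strip()]
    findings = [("redundant", a["raw"], b["raw"]) for a, b in permutations(rules, 2)
                if a["target"] == b["target"] and covers(b, a) and not covers(a, b)]
    findings += [("open-inbound", r["raw"], None) for r in rules
                 if r["chain"] == "FORWARD" and r["target"] == "ACCEPT"
                 and r["in"] == vpn_if and r["out"] in (None, lan_if)
                 and r["states"] is None and not r["other"]]
    return findings

if __name__ == "__main__":
    for name, rs in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(rs))
```

Run against the rules from the post, the check reports nothing; run against the constructed "before" set, it reports both the redundant stateful rule and the open VPN-to-LAN path.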