Okay, perfect, I think I've got everything. This right here is a pretty common misconception with OpenVPN. Let me see if I can simplify it a little bit.
Let's say that your Lab Subnet is 192.168.100.0/24.
Now OpenVPN gives you an encrypted subnet, and in this case it's 10.8.0.0/24.
Your client machine, say your laptop, is at the local Starbuck's on 192.168.0.0/24.
Your client machine connects to OpenVPN and gets 10.8.0.6. But in your server's OpenVPN configuration file, you've got this line...
push "route 192.168.100.0 255.255.255.0"
That tells your client machine that it can use the OpenVPN server (as far as your client knows, it's 10.8.0.1) to reach the 192.168.100.0 network. Happy!
Because NAT and routing is enabled on your OpenVPN server, that server will handle all of the routing to and fro, but the key piece at this point is to make sure that the machines in your Lab Subnet know to direct traffic intended for 10.8.0.0/24 to your OpenVPN server. Otherwise your machines will get the traffic, but won't be able to respond and it will look like something is wrong with your OpenVPN setup, when really you have a routing problem.
That is why it's very very very important when you're troubleshooting to not assume that traffic isn't reaching your Lab Subnet just because your client isn't getting a response. Get a packet sniffer on a machine in your Lab Subnet, and verify whether or not packets from your client machine are actually hitting your Lab Subnet.
I worked with a network admin once who phrased it perfectly. A client would send her a Wireshark trace of what a server was receiving from a client PC and ask her to troubleshoot it. To which she would say, "Great, we've got what the server is receiving. But that's only half of the conversation. We need the other half."
Edit:
Also, to give another example. Here's a setup I have running right now, though the numbers have been changed to protect the innocent.
Work network: 192.168.0.0/24
Encrypted subnet: 10.254.254.0
My network: 192.168.15.0/24
I use my machine at 192.168.15.13 to connect to my work network's OpenVPN service. My machine gets 10.254.254.6. I can now open my browser and hit up an internal only web server at 192.168.0.150, or a printer at 192.168.0.75. All because of the OpenVPN configuration file pushing the route for 192.168.0.0/24 to me the client, and the default gateway on the work network knowing what server to route 10.254.254.0/24 traffic to.
Hopefully one of these giant blocks of texts helps to clear things up.