Turris Shield: Ultimative Firewall !?!

Hi
my setup is
ISP <-> router <-> Turris shield <-> computer
(the router and the Turris shield serve different IP- ranges via DHCP).
DNSSEC is not working and therefore turned off. DNS is working on the Turris shield as well as on my computer (via the Turris shield).

But I cannot ping anything but the Turris shield from my computer!

If I turn on an openVPN client on the Turris shield, I can ping inside the remote network from the Turris shield. This is not possible from my computer either.

I therefore assume, the Turris shield might be missing some firewall-rules, which allow LAN-traffic to access the WAN / VPN-tunnel.

What can I do to get it working as expected?
Since the interface is VERY basic, I cannot see, what I misconfigured …