Android OpenVPN disconnects the SSH tunnel

I want to tunnel my OpenVPN traffic through an SSH tunnel. I have

  • An OpenVPN server behind a router running on port 4321
  • SSH server on the same machine on port 22
  • Router forwards ports to the server's IP to 1234->22 and 4321->4321

The server is configured this way:

dev tun
proto tcp
port 4321
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server_eqg0yy05M8ZkQjyy.crt
key /etc/openvpn/easy-rsa/pki/private/server_eqg0yy05M8ZkQjyy.key
dh /etc/openvpn/easy-rsa/pki/dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "block-outside-dns"
push "redirect-gateway def1"
client-to-client
keepalive 10 120
remote-cert-tls client
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 3

And my client side looks like this:

client
dev tun
proto tcp-client
remote localhost 4321
route [my public IP] 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server_eqg0yy05M8ZkQjyy name
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 3
<ca>
-----BEGIN CERTIFICATE-----

If I use these server and client conf files on my Ubuntu laptop, and execute

ssh user@[my public IP] -p 1234 -L 4321:localhost:4321

and

sudo openvpn --config client1.ovpn

it works!

But on Android I can't get it working. I use ConnectBot (which was advised by many people), on which I am able to set up a connection to my SSH server and I have a local port forward 4321 -> localhost:4321.

When I have the SSH with active port forwarding running and try to connect my OpenVPN with the official app (actually both official apps and two Android phones), ConnectBot says "Connection lost", breaking my tunnel. Why does the connection cut with the same configuration with "route [my public IP] 255.255.255.255 net_gateway" that works on my PC?

0
asked 18 April 2018 at 13:53
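
The routing dependency in the question's setup (a pushed `redirect-gateway def1`, a `remote` that points at the loopback SSH forward, and a `route ... net_gateway` exception for the SSH server), written as an added Python check that is not part of the original post. The function names and the address 203.0.113.10, which stands in for "[my public IP]", are assumptions.

```python
import ipaddress

def parse_directives(text):
    """Return directives as token lists; skip comments and inline <ca>-style blocks."""
    out, in_block = [], False
    for line in (l.strip() for l in text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if line.startswith("</"):
            in_block = False
        elif line.startswith("<"):
            in_block = True
        elif not in_block and (tokens := line.replace('"', " ").split()):
            out.append(tokens)
    return out

def is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return host == "localhost"

def check_ssh_bypass(client_cfg, server_cfg, ssh_server_ip):
    """Report whether the SSH endpoint stays outside a redirected default route."""
    client, server = parse_directives(client_cfg), parse_directives(server_cfg)
    via_forward = any(d[0] == "remote" and len(d) > 1 and is_loopback(d[1]) for d in client)
    redirect = (any(d[:2] == ["push", "redirect-gateway"] for d in server)
                or any(d[0] == "redirect-gateway" for d in client))
    target, bypass = ipaddress.ip_address(ssh_server_ip), False
    for d in client:
        # Only the explicit form used on the page: route <ip> <netmask> net_gateway
        if d[0] == "route" and len(d) >= 4 and d[3] == "net_gateway":
            try:
                bypass |= target in ipaddress.ip_network(f"{d[1]}/{d[2]}", strict=False)
            except ValueError:
                pass  # hostname or malformed address: not counted as a bypass
    # Without the bypass, SSH packets follow the VPN default route, and the VPN
    # itself rides on that SSH session, so the transport would loop.
    return {"via_forward": via_forward, "redirect": redirect, "bypass": bypass,
            "ok": not (via_forward and redirect) or bypass}

# Constructed sample: 203.0.113.10 stands in for "[my public IP]".
SERVER = 'proto tcp\nport 4321\npush "redirect-gateway def1"\n'
CLIENT = ("client\nproto tcp-client\nremote localhost 4321\n"
          "route 203.0.113.10 255.255.255.255 net_gateway\n"
          "<ca>\n-----BEGIN CERTIFICATE-----\n</ca>\n")

if __name__ == "__main__":
    print(check_ssh_bypass(CLIENT, SERVER, "203.0.113.10"))
    print(check_ssh_bypass(CLIENT.replace("route ", "# route "), SERVER, "203.0.113.10"))
```

It inspects the configuration files only and says nothing about how a particular Android client applies the route.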
1 answer

I have no experience with OpenVPN over SSH tunnels, but I have used many OpenVPN client applications, and most of them have problems with my OpenVPN setup. You can try the one I am using now, which works fine: OpenVPN for Android

0
answered 5 December 2019 at 06:10
