I just noticed that some of the rules you were trying had protocol TCP selected. So they were not effective, because your OpenVPN (as is normal and best practice) is using UDP.
That is a bit of a trick when making new rules - the protocol field defaults to TCP, rather than "any".
Jesus. How couldn't I notice. You're right and it's so obvious but somehow I managed to ignore that field when checking the rules. Should've taken a closer look at pfBlocker's rule aswell: **IPv4 ***
Nevertheless I posted this issue at OpenVPN forum also because I'd like to know what exactly this IP was doing? Does the log entry mean, the IP connected to my OpenVPN but without correct auth. data? Or is it just about the ta.key as I've read somewhere when searching for this message.