In Kuberentes the Pod networking should ensure other Pods could communicate to each other. That's basically it. It was not designed to allow serving incoming requests out of the box. As you may see the Pod's IP range 10.244.0.0/16 is a private one i.e. is not routable over the Internet.

As already mentioned the correct approach is to expose your pods using Services. While you are on bare metal cluster the NodePort type could be a quick way to go (assuming you have kubectl connectivity to your cluster through vpn):

kubectl expose po <your-pod-name> --port=<port> --type=NodePort --name=MyService

Another option might be to run something like busybox pod with built-in wget tool to access inter-pod network within the cluster.

kubectl run -i --tty busybox --image=busybox --restart=Never -- sh
# wget <your-pod-ip>

Of course the preferred way for production-grade cluster should be something like Ingress pointing to your Service-backed Pods supported by appropriate Ingress Controller. Again while you are on bare metal and don't have LoadBalancer service out-of-the box like in most clouds, you Ingress Controller might do the load balancing job as well.

I would like to reach pod network (i use calico-canal) with vpn and be able to communicate with my pods directly(e.g from browser).

This is not possible if you don't expose the pod. You need a service that will expose the pod, later you may use that servers in ingress so you are able to connect to if from the browser.

How can i connect inside pod network and reach my services directly from vpn client ?

I would setup a pod and expose it via service. Later I would use this service as a gateway to access other pods.

I would recommend you go over the documentation for Cluster Networking, it explains how the model works and it's briefly talking about number of CNI's. Maybe you will find something that will be more helpful.