This hack will enable your client machines to basically use the internet entirely through the vpn.
On the server add the following to your openvpn config file:
push "redirect-gateway def1" push "dhcp-option DNS 192.168.1.1"
If your vpn is for example your home gateway, you’ll definitely want to use the gateway address.
If your vpn server is on a remote server somewhere and it doesn’t run its own dns server or you don’t have a dns server running on the vpn network, you’ll want to just use a public dns server address such as Google’s 126.96.36.199⁄188.8.131.52
Then on the server, you need to enable forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
And enable masquerading of packets:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
Where 10.8.0.0/24 is your vm network and eth0 is the main external interface of the server.