Clients can't access internet when VPN connected

When I enable one of my OpenVPN connections, I’m unable to access the internet from my workstation. When the VPN is not running, everything works as expected.

Symptoms from client (workstation) when VPN is active:

$ ping
PING ( 56 data bytes
92 bytes from turris.lan ( Destination Port Unreachable
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 5400 c4cb   0 0000  3f  01 43a8 

$ host
has address
has IPv6 address 2607:f8b0:4009:804::200e
mail is handled by 10
mail is handled by 20
mail is handled by 30
mail is handled by 40
mail is handled by 50

From the Turris when the VPN is active:

# ping
PING ( 56 data bytes
64 bytes from seq=0 ttl=57 time=12.341 ms
64 bytes from seq=1 ttl=57 time=12.231 ms
64 bytes from seq=2 ttl=57 time=12.621 ms

I’m guessing this is DNS related.

How do I resolve this?

Sometimes using a 192.168.x.x network causes routing problems from/to the gate (vpngate) and the corresponding services on the LAN and/or inside the tunnel. You can set your network to something totally not so generic to make routing more friendly. You can also use “list push” to specify which wins/dns/gate/dhcp can be used.
(At this moment I still have it with that default network; I am planning to change it because of several issues reported by my ovpn clients, so in the sample below I still have 192.168.x.x.)
Something like:

   list push 'redirect-gateway def1'  # forcing all client traffic to go via the tunnel/corresponding gate
   list push 'dhcp-option DNS'  # pushing dns setup from dhcp server
   list push 'route'  # you can force routing from the corresponding network(s)
   list push 'dhcp-option DNS' # if you have turris, why not use it for dns
   list push 'dhcp-option WINS' # not needed but helps when you want to use samba inside ovpn
   list push 'dhcp-option DNS' # same dns as it is on dhcp
   list push 'dhcp-option DNS' # same dns as it is on dhcp

Thanks for your response.

Would you add this to the script that runs when the VPN starts? Wouldn’t you need to undo these changes when the VPN stops?

Wouldn’t it make sense to use the VPN provider’s DNS servers, rather than Google’s when the VPN is active to prevent DNS leaks?

If is routed through the VPN…

Sorry for the nOOb question, but where do you add the list push commands?

There is a config file for OpenVPN: /etc/config/openvpn.