There is an alternative solution, where you route everything above a certain IP address back to your normal IP address and the rest uses the VPN, in order to make use of this you need to:
- Add these lines to your openvpn.conf file (or whatever your openVPN .conf file is called) and delete any other route-pull lines:
route-nopull
route-noexec
up /etc/openvpn/cg/up-script.sh
down /etc/openvpn/cg/down-script.sh
up-script.sh - the up-script (Will need creating)
ip rule add from 192.168.1.128/25 priority 10 table vpn
ip route add 192.168.1.128/25 dev tun1 table vpn
ip route add default via $ifconfig_remote dev tun1 table vpn
ip route flush cache
down-script.sh - the down-script: (Will need creating)
rm /etc/openvpn/cg/up
touch /etc/openvpn/cg/down
ip rule del from 192.168.1.128/25
Change the 192.168.1.128/25 in both scripts to reflect the local IP addresses of the devices you don’t want to be using VPN (so in this case above .128 goes to the host network, and below goes via the VPN)
h/t to Pedro Lopez at NordVPN for helping me with this (giving it to me)
Its far more elegant and does’t rely on resolved IP addresses - OK if you don’t live in the UK its not that helpful