It might be possible to setup OpenVPN in a way that does not change the
default gateway to be addressed through the /dev/tunX device and then
to setup that device as gateway interface for a/some specified networks.
But this can not be done for the net traffic of specific user accounts.
iptables is meant to filter/redirect/etc. packets based on attributes
of those packets and their (TCP/pseudo-)connections,
but user ids are not part of these.
I think Your best bet is to use SSH port forwarding instead.
Read up on options "-L" and "-R" in the ssh(1) man page and(or
An alternative might be prtunnel
I hope this helps.