Sorry for the long wait in reply. I was able to get this working by forwarding all my traffic through the VPN like this:
My configuration is a VPS server running Virtuozzo 3. MASQUERADE is not virtualized on Virtuozzo 3, so I used SNAT instead. Also, most other places had eth0 instead of venet0 on the postrouting iptables command, and my server needed venet0. I made those changes, including my changes in the server.conf file (below), and it works fine.
Run the following commands:
iptables -F -t nat (gets rid of previous iptables entries)
iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to 220.127.116.11 #This is where you put your server IP address
iptables -A FORWARD -j ACCEPT
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -A INPUT -i tap+ -j ACCEPT
iptables -A FORWARD -i tap+ -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
In the server.conf file, I changed these settings to make it work:
# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# the TUN/TAP interface to the internet in
# order for this to work properly).
# CAVEAT: May break client's network config if
# client's local DHCP server packets get routed
# through the tunnel. Solution: make sure
# client's local DHCP server is reachable via
# a more specific route than the default route
# of 0.0.0.0/0.0.0.0.
push "redirect-gateway def1"
# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
push "dhcp-option DNS 18.104.22.168"
push "dhcp-option DNS 22.214.171.124"
;push "dhcp-option WINS 10.8.0.1"
126.96.36.199 and 188.8.131.52 Are google's public DNS, and will work fine for anyone's needs. You don't need to change those values.
I finally got it working! I'm in Mainland China, and am subsequently blocked from youtube, facebook, hulu, twitter, etc... so this was a good way to get access to those sites and services.