UPnP uses a disovery protocol called “Simple Service Discovery Protocol” (SSDP) that broadcasts on IP address 239.255.255.250. OpenVPN will treat this as a public IP address and therefore route it through the VPN tunnel, tun0, rather than to the local network.
Please run the following from the command line:
sudo apt-get update
sudo apt-get install iproute2
Assuming your Pi is on a wired connection (eth0), please then run:
sudo ip route add 239.255.255.250 dev eth0
If this works, you need to make it a permanent feature of your system. Adding it to /etc/rc.local might work or, alternatively, you could run it when OpenVPN starts. To do so, add these two lines to the VPN .conf file
script-security 2
up /path/to/script
where the script will contain the ip route command. Make it executable and owned by root:root. It should run with root privilege so doesn’t need sudo.