When using Tunnelblick or Viscosity on Mac OS X (both use OpenVPN underneath), my local traffic was not routed via the VPN.
This happened despite enabling the option "route all traffic through VPN", or adding push "redirect-gateway def1"
to my VPN server options as suggested by https://askubuntu.com/questions/462533/route-all-traffic-through-openvpn
After some research, I found out what is happening, and I've come up with a temporary fix. I believe the root cause is a bug either in Mac OS X or in OpenVPN, but this solution circumvents it.
First, with your VPN disconnected, your routing table should look like this:
$ netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags        Netif Expire
default            192.168.1.1        UGSc           en0
127                127.0.0.1          UCS            lo0
127.0.0.1          127.0.0.1          UH             lo0
After connecting to the VPN, running netstat -nr again yields:

$ netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags        Netif Expire
0/1                10.0.8.1           UGSc        utun10
default            192.168.1.1        UGSc           en0
10.0.8/24          10.0.8.2           UGSc        utun10
10.0.8.2           10.0.8.2           UH          utun10
The problem is visible in that table: the default route still goes through 192.168.1.1, the local gateway on en0, rather than through 10.0.8.1, the VPN gateway on utun10.
redirect-gateway def1 works by installing two routes via the VPN gateway, 0/1 (0.0.0.0 to 127.255.255.255) and 128/1 (128.0.0.0 to 255.255.255.255), which together are more specific than the default route and so win over it without replacing it. Only the 0/1 half is present here; the 128/1 half is missing, so every destination above 128.0.0.0, which includes the 192.168.1.x hosts on the remote network, still leaves via en0.
One workaround is to add explicit routes via the VPN gateway for the hosts on the remote network that you need to reach.
For instance, to reach 192.168.1.112, a host on the remote network, run:
sudo route add 192.168.1.112 10.0.8.1
You can add as many hosts as needed, and whole blocks can be added as a network plus prefix length instead of a single address. Be careful when the remote block overlaps your local LAN, as it does here (both sides use 192.168.1.x): a route for all of 192.168.1.0/24 via 10.0.8.1 would also pull traffic for your local LAN into the tunnel, so host routes for the specific remote machines are the safer choice. Manually added routes are not remembered between connections, so re-add them each time the tunnel comes up. After this, you should be able to access the hosts on the remote network.
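The following script is an added example for this post, not code from Tunnelblick, Viscosity or OpenVPN. It covers both halves of the discussion above: checking which of the two redirect-gateway def1 routes (0/1 and 128/1) is missing from a netstat -nr listing, and generating or applying the route add commands for individual hosts or CIDR blocks. It assumes the VPN gateway 10.0.8.1 and tunnel interface utun10 from the tables above, and netstat's five-column layout shown there (Destination Gateway Flags Netif Expire); the sample table embedded in it is a constructed copy of the post-connect output.

```shell
#!/bin/sh
# Added example for this post, not code from Tunnelblick, Viscosity or
# OpenVPN. Assumes the VPN gateway 10.0.8.1 and tunnel interface utun10 from
# the tables above, and netstat's five-column layout shown there
# (Destination Gateway Flags Netif Expire); adjust for your own output.
VPN_GW="${VPN_GW:-10.0.8.1}"
VPN_IF="${VPN_IF:-utun10}"

# missing_redirect_halves: read "netstat -nr" output on stdin and print each
# of the two halves that "redirect-gateway def1" should install (0/1 and
# 128/1) that is not routed over VPN_IF. Prints nothing when both are there.
missing_redirect_halves() {
    awk -v ifc="$VPN_IF" '
        $1 == "0/1"   && $4 == ifc { lo = 1 }
        $1 == "128/1" && $4 == ifc { hi = 1 }
        END {
            if (!lo) print "0/1"
            if (!hi) print "128/1"
        }'
}

# route_cmd DEST: the macOS "route add" command that sends DEST to the VPN
# gateway. A bare address becomes a host route; a CIDR block uses -net.
route_cmd() {
    case "$1" in
        */*) printf 'route add -net %s %s' "$1" "$VPN_GW" ;;
        *)   printf 'route add %s %s' "$1" "$VPN_GW" ;;
    esac
}

# add_routes DEST...: print the commands when DRY_RUN=1, otherwise run them
# with sudo (needed to change the routing table).
add_routes() {
    for dest in "$@"; do
        cmd=$(route_cmd "$dest")
        if [ "${DRY_RUN:-0}" = "1" ]; then
            printf '%s\n' "$cmd"
        else
            sudo $cmd
        fi
    done
}

# routed_via_vpn DEST: succeed only if the kernel would now send DEST to
# VPN_GW, read from the "gateway:" line of "route -n get" (macOS only).
routed_via_vpn() {
    route -n get "$1" 2>/dev/null | awk '$1 == "gateway:" { print $2 }' | grep -qx "$VPN_GW"
}

# Constructed sample: the post-connect table from this post, so the check can
# be exercised without a VPN.
SAMPLE_NETSTAT='Routing tables

Internet:
Destination        Gateway            Flags        Netif Expire
0/1                10.0.8.1           UGSc        utun10
default            192.168.1.1        UGSc           en0
10.0.8/24          10.0.8.2           UGSc        utun10
10.0.8.2           10.0.8.2           UH          utun10'

if [ "${1:-}" = "demo" ]; then
    echo "redirect halves missing from the sample table:"
    printf '%s\n' "$SAMPLE_NETSTAT" | missing_redirect_halves
    echo "commands that would be run:"
    DRY_RUN=1 add_routes 192.168.1.112 10.1.0.0/16
fi
```

Run the script with the demo argument to see the check report 128/1 as missing from the sample table and the dry-run commands for one host route and one -net route. On the Mac, with the tunnel up, feed it the live listing (netstat -nr | missing_redirect_halves), call add_routes without DRY_RUN for the remote hosts you need, then routed_via_vpn 192.168.1.112 to confirm the kernel now picks 10.0.8.1 for that address.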