OpenVPN allows you to specify a DNS server along with the VPN IP address. If you control this DNS server, you can easily create an ACL that will return 10.8.0.1 for queries originating from the VPN network, and the public IP address when the queries come from outside of this network.
In the OpenVPN config, you would add something like the following (assuming your DNS server has the IP 10.8.0.53):
    push "dhcp-option DNS 10.8.0.53"
How to configure your DNS server will obviously depend on the actual server you are using (which you didn't mention).
In bind9 it would look similar to the following:
    // Clients on the VPN subnet
    acl authenticated { 10.8.0.0/24; };

    // Views are tried in order; the first view that matches answers the query
    view "authenticated" {
        match-clients { authenticated; };
        zone "mysite.com" {
            type master;
            file "/etc/bind/db.authenticated";
        };
    };

    view "anonymous" {
        match-clients { any; };
        zone "mysite.com" {
            type master;
            file "/etc/bind/db.anonymous";
        };
    };
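An added example, not part of the original answer: a small Python model of how BIND selects a view (the first `view` whose `match-clients` contains the query source wins), showing why the "authenticated" view must come before the catch-all one. The function names and the sample addresses are constructed for illustration; `any` is modelled as 0.0.0.0/0 plus ::/0.

```python
import ipaddress

# Views in named.conf order: (name, match-clients networks, zone file).
VIEWS = [
    ("authenticated", ["10.8.0.0/24"], "/etc/bind/db.authenticated"),
    ("anonymous", ["0.0.0.0/0", "::/0"], "/etc/bind/db.anonymous"),  # "any"
]


def _covers(outer, inner):
    """True if network `outer` fully contains network `inner`."""
    return outer.version == inner.version and inner.subnet_of(outer)


def select_view(source_ip, views=VIEWS):
    """Return (view name, zone file) for a query from source_ip, first match wins."""
    addr = ipaddress.ip_address(source_ip)
    for name, nets, zone_file in views:
        for net in map(ipaddress.ip_network, nets):
            if addr.version == net.version and addr in net:
                return name, zone_file
    return None  # no view matched the client


def shadowed_views(views=VIEWS):
    """Names of views that can never be selected because earlier views
    already cover every network in their match-clients list."""
    shadowed, earlier = [], []
    for name, nets, _ in views:
        parsed = [ipaddress.ip_network(n) for n in nets]
        if parsed and all(any(_covers(e, p) for e in earlier) for p in parsed):
            shadowed.append(name)
        earlier.extend(parsed)
    return shadowed


if __name__ == "__main__":
    # Constructed sample clients: one on the VPN, one on the public internet.
    for ip in ("10.8.0.7", "198.51.100.20"):
        print(ip, "->", select_view(ip))
    # Swapping the order silently sends VPN clients to the public zone data.
    swapped = list(reversed(VIEWS))
    print("swapped order, 10.8.0.7 ->", select_view("10.8.0.7", swapped))
    print("views that can never match when swapped:", shadowed_views(swapped))
```

Running a check like `shadowed_views` against the view list before reloading the server catches a misordered configuration that `named` would otherwise accept without complaint.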