Update package lists.
sudo apt-get update
Install resolvconf. 
sudo apt-get install resolvconf(If you do not wish to install resolvconf then please see footnotes. )
- /etc/openvpn/update-resolv-conf uses resolvconf. You will need to install resolvconf in order for the lines beginning with script-security, up, and down to function properly.
In /etc/openvpn/openvpn.conf file change...
script-security 2 up "/etc/openvpn/update-resolv-conf script_type=up dev=tun0" down "/etc/openvpn/update-resolv-conf script_type=down dev=tun0"
to this (i.e. remove or out comment the lines beginning with "up" and "down" and change the 2 to a 1)
Open /etc/resolv.conf in an editor with root rights.
## Riseup.net OpenVPN DNS server nameserver 172.27.100.1
If you are not using riseup, you need to replace 172.27.100.1 and enter the virtual LAN IP address of your VPN providers DNS server. You might be able to obtain it from your VPN provider. You can also try to infer it after successfully connecting to the VPN from running "sudo route". The first destination default gateway should function as DNS server also.
If you want to be sure, that /etc/resolv.conf does not get overwritten by other packages. (Such as DHCP or resolvconf.)
sudo chattr +i /etc/resolv.conf
If you ever want to remove it, use -i.
Ignore /etc/resolv.conf instructions below.