So from memory I didn't fix the problem completely, I sorta just fixed it for my specific use case. I found that as soon as I enabled NAT on my openVPN server side of things, the VMs and jails lost DNS access. However when this was disabled the jail's and VMs went back online.Your ticket indicates you "found the culprit"... what did you need to fix?
The NAT setting on the openVPN server enables the computer which is tunneling in to access any other device on the LAN. Turning it off means the computer can only access the IP address of the system hosting the OpenVPN server.
My solution was simply to turn off NAT and then have a VM on the host machine which I can VNC into and use as a device on the home LAN. Not the best fix but at least I isolated the issue. Hope this helps.