SIP phones (OBI etc.) and OpenVPN client

Hi there,

My goal is to encrypt all outgoing traffic on the gateway router via OpenVPN client on the router to PIA or iVPN or similar VPN service providers. Ideally, I'd like to use the least amount of devices possible. I read somewhere that SIP should work with encryption, but it might be provider specific etc. I am having trouble getting this to work. The SIP adapters fail to register once I use VPN service.

I am running a few SIP numbers within the network with various providers, currently mostly GoogleVoice and Sipgate.de. All configured on OBI 202 adapters right now, but I tried this with a Grandstream 496 and a Linksys RTP300 before a well. I know OBI/GV will stop on the 15th and already switched one line to PhonePower to test. 

Here is what I tried so far:

1) All on one gateway router. If I encrypt all outgoing traffic on a router, say the AC68U, the SIP lines won't register/work any longer. Phones don't ring for incoming calls etc.

2) When I put the OBI as the gateway (e.g. before the actual router) WAN traffic speed is slow. Phones work though. The OBI is just not a high power switch. I lost 75% of my internet bandwidth. 

3) I tried to put the OBI into the DMZ on the gateway router (so it would be exposed to the external internet, which static DHCP and exposing that IP. Surprisingly, that still did not work. Somehow the OpenVPN client still interferes with it I guess. This is the setup to experiement with, I believe. Maybe some port forwarding or some custom firewall script.

4) Using two (2) routers works fine. Using one router as a gateway router and connect the OBI to that one. Use a second (LAN) router behind the gateway router and have that one use OpenVPN and all traffic going through this one works. So I have a working solution, but it requires two boxes. 

I thought I should be able to simplify this using one box. Any thoughts or experience with this? Would be open to any firmware/setup that could make this work and eliminate an extra box. Thanks!