If you use Firefox, you could use FoxyProxy to only use a configured proxy for certain sites, certain URL patterns.
Finally got to it.
First you need to run another OpenVPN instance. Just copy your openvpn/server.conf and change
port [some free port]
server [another subnet, if your first instance was on 10.8.0.0, set it to 10.8.1.0] 255.255.255.0
push "dhcp-option DNS [we will use TOR DNS, so this will be TOR proxy IP, e.g. 10.8.1.1]"
you may want to generate another keypair.
Then you start TOR in transparent proxy mode (please note that official documentation lists this mode as potentially insecure, refer to https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy for details). It will serve as your gateway and DNS server. Change default torrc
file appending this configuration
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort [address in your subnet, e.g. 10.8.1.1]:9040
DNSPort [same, 10.8.1.1]:53
and finally route all subnet requests to TOR proxy (special configuration for DNS traffic)
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
make sure you allow internal 10.8.1.0 subnet traffic in your firewall.
Connecting to different ports will allow you to switch from TOR network to regular internet connection through VPN. No client configuration necessary.
Best Answer
-You might need to run ssh over port 443 if your employer is blocking port 22
-This will only tunnel traffic for your browser. To tunnel all traffic you can setup OpenVPN. OpenVPN cannot be filtered since it uses standard protocols. This would be a more complicated option.
The ssh/putty route is really easy.