Of course I do, but its very conditional in your case. For the record, I did miss that you had port forwarding enabled already and read your post as if you were just trying to connect to the open internet and see any traffic going to some rando servers. That would be a very different situation.

How is the traffic proxied locally? Does the VPN client even allow inbound connections? Is a virtual interface configured for the VPN and is there an inbound port open?

What makes this situation conditional is that there are several ways your VPN client could be configured and it is my guess that it is the bottleneck in this case. If you tried every address that you could find and saw nothing, chances are, there is no traffic to be seen. Any stateful firewall will drop an inbound SYN or traffic not related to an established connection.

Your routing table may give some good clues as to where traffic is going as well. For example, the VPN client could be creating a local default gateway IP. Unless there is a split path configured, all traffic should be traversing that IP, regardless of what it is.

So, can you elaborate more on the route your traffic is taking? Listening on 0.0.0.0 can sometimes work, but usually a specific interface needs to be defined as well. In some cases, tcpdump setting the interface to promiscuous mode can break things.

Also, it’s a VPN. How traffic is getting routed in through the tunnel could be problematic. I have just been assuming that everything is fine up to the client you use and the computer sending traffic to inside your network is part of the VPN.