I have not been able to find out how to do this.
I have a VPN access point which uses openconnect and hostapd, with the following VPN iptables rules:
pi@raspberrypi:~ $ cat /etc/iptables.ipv4.vpn.nat
# Generated by iptables-save v1.4.21 on Sun Sep 4 02:28:21 2016
*filter
:INPUT ACCEPT [2:152]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2:152]
-A FORWARD -i tun0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wlan1 -o tun0 -j ACCEPT
COMMIT
# Completed on Sun Sep 4 02:28:21 2016
# Generated by iptables-save v1.4.21 on Sun Sep 4 02:28:21 2016
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [5:380]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o tun0 -j MASQUERADE
COMMIT
# Completed on Sun Sep 4 02:28:21 2016
and the following non-VPN'd access point:
# Generated by iptables-save v1.4.21 on Sun Sep 4 02:28:21 2016
*filter
:INPUT ACCEPT [2:152]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2:152]
-A FORWARD -i wlan1 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wlan0 -o wlan1 -j ACCEPT
COMMIT
# Completed on Sun Sep 4 02:28:21 2016
# Generated by iptables-save v1.4.21 on Sun Sep 4 02:28:21 2016
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [5:380]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o wlan1 -j MASQUERADE
COMMIT
# Completed on Sun Sep 4 02:28:21 2016
There are a few IPs that are not accessible from within the VPN, so what I want to do is send all traffic through the VPN except for x.x.x.x and x.x.x.y, for instance. For that traffic I just want it regularly NAT'd so I can access it through the access point but not through the VPN.
Any idea how I can do this?
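
One way to express the per-destination exception asked about above, as an added example that is not part of the original post. It assumes `wlan0` is the non-VPN uplink and `192.168.1.1` is its gateway (the post states neither); the function names and the destination addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: print the commands that let selected destinations bypass the VPN.
# Assumptions (not from the post): wlan0 is the non-VPN uplink, 192.168.1.1 is its
# gateway, and the destinations below are constructed documentation addresses.
AP_IF=wlan1   # access point interface, as in the posted VPN rules
VPN_IF=tun0   # openconnect tunnel, as in the posted VPN rules

# Succeeds only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    set -- $(printf '%s' "$1" | tr . ' ')
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print (do not run) the routing and netfilter commands for each bypass address.
# usage: bypass_rules UPLINK_IF GATEWAY ADDR...
bypass_rules() {
    uplink=$1 gw=$2
    shift 2
    [ "$uplink" != "$VPN_IF" ] || { echo "uplink must not be $VPN_IF" >&2; return 1; }
    is_ipv4 "$gw" || { echo "bad gateway: $gw" >&2; return 1; }
    for dst in "$@"; do
        is_ipv4 "$dst" || { echo "bad address: $dst" >&2; return 1; }
        # Longest-prefix match prefers a /32 host route over the tunnel's broader routes.
        echo "ip route replace $dst/32 via $gw dev $uplink"
        # Forward AP clients to that host via the uplink, and let replies back in.
        echo "iptables -I FORWARD -i $AP_IF -o $uplink -d $dst -j ACCEPT"
        echo "iptables -I FORWARD -i $uplink -o $AP_IF -s $dst -m state --state RELATED,ESTABLISHED -j ACCEPT"
        # NAT only this destination on the uplink; all other traffic still leaves via tun0.
        echo "iptables -t nat -I POSTROUTING -o $uplink -d $dst -j MASQUERADE"
    done
}

bypass_rules wlan0 192.168.1.1 192.0.2.10 198.51.100.7
```

The function only prints; after reviewing the output, pipe it to `sh` as root to apply it.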