RE: work ip address at home

Ok, to get this up you will need NAT/Filtering changes. You have to
implement SNAT on the work-pc since the return path for the lm-server is
probably not your work computer itself. Plus, it gives the server the
impression that it is talking to an IP address on your work network.

Enable forwarding at your work computer.
Then add something like the following:

# Include a rule for each maximum number of VPN interfaces you allow in,
# though I assume that you would just need one. <VPN interface> == ppp0,
# or ppp1, etc.
# SNAT is applied as packets leave on the LAN side towards the lm-server,
# so the server sees the work PC's address.
iptables -t nat -A POSTROUTING -o <LAN interface> -j MASQUERADE

iptables -P FORWARD DROP
# Replies (LAN -> VPN) for connections conntrack already knows about.
iptables -A FORWARD -i <LAN interface> -o <VPN interface> -m state --state ESTABLISHED,RELATED -j ACCEPT
# New traffic (VPN -> LAN) is allowed only to the lm-server port.
iptables -A FORWARD -i <VPN interface> -o <LAN interface> --destination <lm server> -p udp --dport <lm_port> -j ACCEPT
# If the state filter doesn't conntrack your UDP connection for some
# bizarre reason, use the following rule as well.
iptables -A FORWARD -i <LAN interface> -o <VPN interface> --source <lm server> -p udp --sport <lm_port> -j ACCEPT

# This is assuming that your lm's protocol is a straight single
# port->port path. The protocol may introduce some ugliness through other
# methods. You may have to open more to accommodate for that.
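
Added example (not part of the original message): the rules above rendered as an iptables-restore ruleset for a single VPN interface, with SNAT applied on the LAN-facing side as the first paragraph describes and narrowed to the lm-server flow. The function names and the interface names, address and port passed in are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. Renders the SNAT + FORWARD rules
# for one VPN interface in iptables-restore format. Interface names, address
# and port are caller-supplied assumptions. Forwarding itself is enabled
# separately (sysctl -w net.ipv4.ip_forward=1).

valid_iface() {
    case $1 in ''|*[!A-Za-z0-9_.-]*) return 1;; esac
    [ ${#1} -le 15 ]                 # Linux interface names are at most 15 chars
}

valid_port() {
    case $1 in ''|*[!0-9]*) return 1;; esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# usage: render_rules <vpn_if> <lan_if> <lm_server_ip> <lm_udp_port>
render_rules() {
    vpn_if=$1 lan_if=$2 lm_ip=$3 lm_port=$4
    valid_iface "$vpn_if" && valid_iface "$lan_if" || { echo "bad interface name" >&2; return 1; }
    [ "$vpn_if" != "$lan_if" ] || { echo "VPN and LAN interface must differ" >&2; return 1; }
    valid_ipv4 "$lm_ip"   || { echo "bad server address" >&2; return 1; }
    valid_port "$lm_port" || { echo "bad port" >&2; return 1; }
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Only traffic to the lm-server is rewritten to the work PC's LAN address.
-A POSTROUTING -o $lan_if -d $lm_ip -p udp --dport $lm_port -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
# Replies tracked by conntrack may return to the VPN client.
-A FORWARD -i $lan_if -o $vpn_if -m state --state ESTABLISHED,RELATED -j ACCEPT
# New flows are allowed only from the VPN to the lm-server port.
-A FORWARD -i $vpn_if -o $lan_if -d $lm_ip -p udp --dport $lm_port -j ACCEPT
COMMIT
EOF
}
```

Pipe the output to `iptables-restore --test` before loading it; without `--noflush`, iptables-restore replaces the existing contents of the nat and filter tables.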



