IP conntrack VPN routing issue.


 



The scenario I am trying to pull off is, in theory, rather simple, I'd assume.
I must be missing something small.

What I am trying to do is route a public IP over a VPN to the gateway of
the other end of the VPN.

The following URL contains a diagram of what I am trying to do.

http://www.flukex.com/network/network.jpg

The Office computer contains the network 72.232.50.42-46
The VPN IPs are
         Office (tap0) 30.20.1.1 
         Home router (tap0) 30.20.1.2

I would like to route 72.232.50.45 over the VPN to the home router.

Using the following rule on the "office" router, I can get the packets to
reach the home router 30.20.1.2.

iptables -t nat -A PREROUTING -i eth0 -d 72.232.50.45 -j DNAT --to-destination 30.20.1.2

I see clearly that the packets are in fact reaching 30.20.1.2 (home router). 

The problem at this point is that the packets, seeing as they have public
source IPs, are then routing out the default gateway on the home router,
rather than going back out on the VPN path as I would like them to do.

I guess the overall question is, how can I make it so that packets coming in
on one interface go back out on the exact same interface regardless of the
default gateway.

Once this is figured out, I can handle the routing to the actual internal
network myself.

I am suspecting some sort of configuration relying on connection tracking is
required.  I just cannot figure out how.

Any help would be appreciated.

Thanks.
Darryl Romano
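
Added example, not part of the original post: one common way to send replies back out the interface they arrived on is to mark connections that enter on tap0 and policy-route marked packets via the VPN peer. The mark value 1 and routing table 100 are assumed, arbitrary choices; tap0 and 30.20.1.1 come from the post. It prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example for the home router; not code from the original post.
VPN_IF="tap0"        # VPN interface on the home router (from the post)
VPN_GW="30.20.1.1"   # office end of the VPN (from the post)
MARK="1"             # assumed connection mark value
TABLE="100"          # assumed policy routing table number

# Emit the full plan, one command per line.
vpn_return_plan() {
    cat <<EOF
sysctl -w net.ipv4.conf.$VPN_IF.rp_filter=2
iptables -t mangle -A PREROUTING -i $VPN_IF -m conntrack --ctstate NEW -j CONNMARK --set-mark $MARK
iptables -t mangle -A PREROUTING ! -i $VPN_IF -m connmark --mark $MARK -j CONNMARK --restore-mark
iptables -t mangle -A OUTPUT -m connmark --mark $MARK -j CONNMARK --restore-mark
ip route add default via $VPN_GW dev $VPN_IF table $TABLE
ip rule add fwmark $MARK lookup $TABLE
EOF
}
# Line 1: loose reverse-path filtering, so packets with public source
#         addresses arriving on the VPN are not dropped by strict rp_filter.
# Line 2: tag every new connection that enters through the VPN.
# Line 3: copy the tag onto reply packets forwarded from an internal host.
# Line 4: copy the tag onto replies generated by the router itself.
# Line 5: table whose only route is a default route via the VPN peer.
# Line 6: packets carrying the tag use that table instead of the main one.

# Run the plan as root, stopping at the first failing command.
apply_plan() {
    vpn_return_plan | sh -e
}

if [ "${APPLY:-0}" = "1" ]; then
    apply_plan
else
    vpn_return_plan
fi
```
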





