Thread: cross routing
06-10-2004
Pascal Bourguignon
Here is my problem:

                  2.2.2.1 +--------------+
Internet------------------| Remote Linux |
               |          +--------------+
               |               |
               |               |
               |       VPN via Internet
               |               |
               |               | 2.2.2.129
        +-------------+ +-------------+
        | ADSL Router | | Local Linux |
        +-------------+ +-------------+
               | 1.1.1.1       | 1.1.1.2
---------------+---------------+-----------+--------
                                           | 2.2.2.130
                                      +----------+
                                      | Local WS |
                                      +----------+


I've got a local LAN with a few public IPs (1.1.1.*),
and a remote LAN with other public IPs (2.2.2.128/25).

On the local LAN, I've got some workstations on a subnet of the remote
LAN (a range 2.2.2.128/25), this subnet is bridged thru a VPN between
the "Local Linux" box and the "Remote Linux" box.

The problem is how to set up the "Local Linux" box so as to route
packages coming from the local 2.2.2.128/25 range to "Remote Linux"
via the VPN, while at the same time keeping the default route for this
"Local Linux" thru the 1.1.1.1 ADSL Router (the local Internet
connection)?

The local (1.1.1.*) traffic should be routed locally, while the remote
range (2.2.2.128/25) should be routed thru the VPN.



On "Local Linux" I tried:

route default gw 1.1.1.1
iptables -A FORWARD --source 2.2.2.128/25 -o ppp0

but it seems that -o only "selects" the packets and does not modify
their routing.

I would like to specify that packets coming from 2.2.2.128/25 should
be routed to 2.2.2.1 (i.e. via the ppp0 VPN interface), and packets
coming from other IPs (including generated locally) should be routed
normally (with the default to 1.1.1.1). How can I do that?


--
__Pascal_Bourguignon__ http://www.informatimago.com/
There is no worse tyranny than to force a man to pay for what he doesn't
want merely because you think it would be good for him.--Robert Heinlein
http://www.theadvocates.org/
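
Added example, not part of the original post: routing by source address on Linux is done with an iproute2 policy rule that selects a second routing table, since iptables FORWARD rules only filter packets after the routing decision. The addresses and ppp0 are the post's; the table number 100, the rule priority 1000 and the DRY_RUN switch are assumptions of this sketch, which prints the commands unless DRY_RUN=0.

```shell
#!/bin/sh
# Added example: source-based policy routing for "Local Linux" (iproute2).
# Addresses and ppp0 come from the post; TABLE, the rule priority and the
# DRY_RUN switch are assumptions made for this example.

VPN_SRC="2.2.2.128/25"  # remote-LAN range used by local workstations
VPN_GW="2.2.2.1"        # "Remote Linux", reached through the VPN
VPN_DEV="ppp0"          # VPN interface
ADSL_GW="1.1.1.1"       # ADSL router, default for everything else
TABLE=100               # assumed unused routing-table number

# Print each command; execute it only when DRY_RUN=0 (requires root).
run() {
    echo "$*"
    if [ "${DRY_RUN:-1}" = "0" ]; then "$@"; fi
}

setup_policy_routing() {
    # Main table keeps the normal default: locally generated traffic and
    # any source outside VPN_SRC still leaves via the ADSL router.
    run ip route replace default via "$ADSL_GW"
    # A second table whose only route is a default into the VPN.
    run ip route replace default via "$VPN_GW" dev "$VPN_DEV" table "$TABLE"
    # The rule is what changes routing: packets whose source is in
    # VPN_SRC consult TABLE before the main table.
    run ip rule add from "$VPN_SRC" lookup "$TABLE" priority 1000
    # The box forwards for the workstations, so forwarding must be on.
    run sysctl -w net.ipv4.ip_forward=1
}

# Commands to confirm the result after applying.
show_policy_routing() {
    run ip rule show
    run ip route show table "$TABLE"
}

setup_policy_routing
show_policy_routing
```

With this rule every packet sourced from 2.2.2.128/25 takes the VPN default, whatever its destination; the main table is consulted only for other sources.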