On Wed, Apr 28, 2010 at 6:55 AM, Rudi Ahlers <rudiahlers at gmail.com> wrote: > Mark, > > We, in South Africa sit with a huge problem in that our clients can't > connect to the rest of the world cause SEACOM is down. i.e. our client > can, for the past 3 days, only surf local (i.e. local in South Africa) > websites, email, etc. > > So, I want to reroute all their traffic via one of our other servers > > <ADSL client> - <Limited internet> - <server> - <full internet> I'm rather rusty on the details of this, but isn't the correct way to handle this to have <server> publish an ARP route indicating that it provides routing to (the IP space containing) <ADSL client>? Any mere proxy or VPN hosted at <server> will allow <ADSL client> to transparently establish connections, but won't allow <full internet> to reach the IP address of <ADSL client> (nor anything else in <Limited internet>). Maybe that's not needed here.