[CentOS] vpn - xl2tpd and routing to a net?

Tue Jan 26 13:37:47 UTC 2016
lejeczek <peljasz at yahoo.co.uk>

hi everybody

I have what I'd like to think is a "regular" VPN with 
IPsec/xl2tpd and it all works OK, except...
There is one thing that I never needed but now I do, and I wonder: 
is it my iptables, and/or routing, or maybe the VPN server config?

VPN clients with established tunnels can get to the VPN server's 
NICs/IPs but cannot get through to the net behind the server.
Well... they can, but only if on a host (e.g. 192.168.2.33) 
on the VPN server's net I do:

route add -host 192.168.2.10 gw 192.168.2.100    # 192.168.2.10 is VPN client

I thought I'd not need this, since that local net (e.g. 
192.168.2.33) uses the VPN server's 192.168.2.100 as the default gw.

Is it by the design and nature of that VPN solution that it works 
this way, or have I actually missed/messed up something?
I hope the latter, and that adding routing on a per "to host" basis 
is redundant.

many thanks