On Sat, 12 Sep 2009, Maverick wrote: > Ok, but that POSTROUTING rule i added after I detected the problem, I just > removed it again and I still can't access the machines on the other side of > the tunnel. The other one is also a problem. You need to exlude the remote subnet from being NAT'ed using -d \!a.b.c.0/24 Paul