JohnGalt wrote:
For example, if your LAN is 192.168.1.1/24, and 192.168.10.1/24 is totally irrelevant to you and you probably won't use it, you can put it in the remote network/mask. You could also make the mask smaller so it will have less effect in the routing table (e.g., 192.168.10.1/30). And then, go to route policy to specify which LAN clients should go via the VPN tunnel.

Tried following this, fell at the first hurdle.

I can set remote network to 192.168.10.1 but I can't set the Remote Network Mask, it's not a user-selectable option, it's a fixed list on 2862.

I'm not trying to do anything complex here. I have one normal IP range (192.168.1.1 -> 255 ) behind a NAT, a single VPN, single WAN, and I just want to to route some traffic via the VPN, some not based on routing rules.

My routing table looks like this (internet IP address changed to xx.xx.xx.xx)

Key Destination Gateway Interface

---

* 0.0.0.0/ 0.0.0.0 via 195.166.130.248 WAN1
S xx.xx.xx.xx/ 255.255.255.255 via xx.xx.xx.xx WAN1
S 192.168.10.0/ 255.255.255.0 via 100.99.0.1 VPN-1
C 100.99.0.1/ 255.255.255.255 directly connected VPN-1
C~ 192.168.1.0/ 255.255.255.0 directly connected LAN1
* 195.166.130.248/ 255.255.255.255 via 195.166.130.248 WAN1

and my VPN Network settings are currently:

My WAN IP 0.0.0.0
Remote Gateway IP 0.0.0.0
Remote Network IP 192.168.10.1
Remote Network Mask 255.255.255.0 / 24
Local Network IP 192.168.1.1
Local Network Mask 255.255.255.0 / 24

From first subnet to remote network, you have to do NAT
Change default route to this VPN tunnel No

Any routing rule I set to route through the VPN doesn't work. If I set default route, everything goes through the VPN. I can't get it to selectively route. I guess something that' not been discussed, when setting the routing rule, what gateway should I be using? default gateway? Something else? (tried 192.168.10.1)