> My situation is vaguely similar... I've one high-speed link at home
> with only dynamic IP - and I've got rack-mounted server with multiple
> static IPs, one of which I want to use from home in order to run a
> mail-server, revision control service and various web-services...
> keeping all the data on hardware I physically control... access is
> always encrypted - so I retain my privacy, no matter what happens to
> my remotely hosted service (including packet-sniffing etc.) and the
> worst case scenario is denial of service - which is an acceptable
> risk.
>
> While I've established the tunnel, I'm tearing my hair out trying to
> configure routing so that only remote access to services on my home
> box (and not my home box's web-browsing etc.) are routed over the
> VPN. I'm sure it has to be more straightforward than it appears.
> :-S

If I understand what you've written, you need a static route on your home box for the server pointing to the VPN, and on the server you need a static route to your home box pointing to the VPN. So no need for anything funky, like iptables/iproute2.

