I'm no expert here, but this is how I've done it.

SSH VPN between Network1 (10.0.0.0/24) and Network2 (10.0.1.0/24)

As root (or other privileged user) from end point node on Network1 (host.network1):

```
# Open the tunnel (tun0 on both ends) and configure the host.network2 side
ssh -fw0:0 host.network2 "ifconfig tun0 10.0.2.1 netmask 255.255.255.252 \
 ; echo 1 > /proc/sys/net/ipv4/ip_forward \
 ; /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE \
 ; route add -net 10.0.0.0/24 gw 10.0.2.2 dev tun0"
# Configure the local (host.network1) side
ifconfig tun0 10.0.2.2 netmask 255.255.255.252
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
route add -net 10.0.1.0/24 gw 10.0.2.1 dev tun0
```

You can leave out the iptables bits if the tunnel end points (host.network1 and host.network2 in the example) are the default route for their respective networks, or if you want to put static routes on all the systems on each network.
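The `ssh -w` tunnel above only comes up if the sshd on the far end has `PermitTunnel` enabled (the OpenSSH default is `no`). As an added example, not part of the original answer, this script reads an sshd_config and reports whether tun forwarding is allowed globally or inside a Match block; the sample configs and the user name `vpnadmin` are constructed.

```shell
#!/bin/sh
# Added example (not from the original answer): check whether an sshd_config
# permits the tun forwarding that "ssh -w" needs. Sample configs are constructed.

# Effective global PermitTunnel: first occurrence before any Match block wins,
# keywords are case-insensitive, and the sshd default is "no".
global_permit_tunnel() {
    awk '
        { sub(/^[ \t]+/, ""); split($0, f, /[ \t=]+/); kw = tolower(f[1]) }
        kw == "match" { exit }
        kw == "permittunnel" { print tolower(f[2]); found = 1; exit }
        END { if (!found) print "no" }
    ' "$1"
}

# Print each Match line whose block sets PermitTunnel to anything but "no".
match_blocks_enabling_tunnel() {
    awk '
        { sub(/^[ \t]+/, ""); split($0, f, /[ \t=]+/); kw = tolower(f[1]) }
        kw == "match" { block = $0; next }
        block != "" && kw == "permittunnel" && tolower(f[2]) != "no" { print block }
    ' "$1"
}

# Return 0 when tun forwarding is off everywhere, 1 when some path enables it.
tunnel_disabled() {
    [ "$(global_permit_tunnel "$1")" = "no" ] &&
        [ -z "$(match_blocks_enabling_tunnel "$1")" ]
}

# Constructed sample configs for the demonstration (removed on exit).
SAMPLES=$(mktemp -d)
trap 'rm -rf "$SAMPLES"' EXIT
printf '%s\n' '#PermitTunnel yes' 'PermitRootLogin prohibit-password' \
    > "$SAMPLES/default.conf"
printf '%s\n' 'permittunnel point-to-point' 'PermitTunnel no' \
    > "$SAMPLES/global.conf"
printf '%s\n' 'PermitTunnel no' 'Match User vpnadmin' '    PermitTunnel yes' \
    > "$SAMPLES/match.conf"

for f in default global match; do
    if tunnel_disabled "$SAMPLES/$f.conf"; then state="disabled"; else state="ENABLED"; fi
    echo "$f.conf: ssh -w forwarding $state"
done
```

On a live host, `sshd -T` run as root prints the effective configuration, including `permittunnel`, without any hand parsing.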
