I have a networking issue I need some help with.
 
I have a local intranet using 192.168.0.X addressing, currently with 9 IPs assigned.  Everyone on the network can see everyone else perfectly.  192.168.0.1 is my gateway, which happens to be my external router/firewall box, and is connected to the 'Net via DSL.  I have a printer attached to my most-used machine, 192.168.0.10.  The printer is connected to a parallel port on 192.168.0.10 and therefore does not have its own IP.  Everyone on the network can see and use my printer without issue.
 
Until....
 
I use 192.168.0.10 to connect via VPN to my office.  When I do so, the VPN software automatically excludes my local intranet traffic, so 192.168.0.10 can no longer see my internal network.  The rest of my local net is unaffected but can no longer see 192.168.0.10 - and this is my main issue - because 192.168.0.10 is disconnected from the local intranet, the other machines can no longer access my printer.
 
I could just move the printer, but then I wouldn't be able to use it from 192.168.0.10 when connected to my VPN, which is more important than having the rest of the local net have access to it.
 
What I want is for 192.168.0.10 to be able to connect to my VPN but at the same time have traffic routed to and from my intranet still go through (even if it's just to the printer).  I thought I could just add another IP to a second NIC in the machine and route it to 192.168.0.1, but that doesn't work because my VPN connection changes the default gateway.  Also, I'd still like to prevent traffic from crossing from the intranet to the VPN tunnel so I'm not bypassing the secure VPN.
 
I have another NIC (eth1) inside 192.168.0.10 that's not being used right now, if that helps.
 
Here's some info on my configs.
 
Before connecting to the VPN:
 
# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:20:78:12:58:19
          inet addr:192.168.0.10  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2811880 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2167740 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1049413772 (1000.7 Mb)  TX bytes:466690702 (445.0 Mb)
          Interrupt:11 Base address:0xbc00
 
# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.0.1     0.0.0.0         UG    0      0        0 eth0
 
After connecting to the VPN:
 
# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:20:78:12:58:19
          inet addr:192.168.0.10  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1400  Metric:1
          RX packets:2823363 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2180572 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1053079143 (1004.2 Mb)  TX bytes:468995988 (447.2 Mb)
          Interrupt:11 Base address:0xbc00
 
# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         <namehidden>    0.0.0.0         UG    0      0        0 eth0
 
Note that I've removed the DNS entry in the default route for security reasons, but it's now pointing to my VPN, not 192.168.0.1.
 
Is there anything I can do?
 
Thanks in advance,
Jay
