In the section "7. Configuring the routing table" of this guide, precisely in the code listing 7.2, there's a small typo: the correct command should be # route add -net 192.168.125.0 netmask 255.255.255.0 dev tun0 as the DNS server that we're trying to reach is included in the .125.0/24 subnet and not in the .160.0/24 one. As a side note, IMO should be explicitly explained why we need to add the route that lets the data reach the subnet .160.0/24 (the subnet that includes the IP address received by the TUN/TAP virtual device). At the present state, the document states only that "you should add any additional routes for known networks", without focusing the attention of the reader on the detail exposed above. Reproducible: Always Steps to Reproduce: 1. Open http://www.gentoo.org/doc/en/vpnc-howto.xml ;)
Sorry to bother you again, but I have found another typo in the same guide :) Line 635 of vpnc-howto.xml (inside code listing 7.3) should be --- intranet1.example.org ping statistics --- since "intranet1", and not "intranet", is the name assigned to the target machine in the example code.
Fixed typos, and added your explanation more or less as-is for the additional subnets bit. Thanks for reporting; fixed in CVS.
