Another quick one after all this time.
If you use a VPN client like vpnc (Cisco VPN) together with iptables on a gateway server, and you are having trouble and/or would like to make the VPN available to your private network, don't forget to include these rules in your iptables script:
(replace "tun0" with whatever your tunnel device is called)
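# Let packets be forwarded out through the tunnel
iptables -A FORWARD -o tun0 -j ACCEPT
# Let packets arriving from the tunnel be forwarded on
iptables -A FORWARD -i tun0 -j ACCEPT
# Rewrite the source of traffic leaving via the tunnel to the gateway's tunnel address
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE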
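
A narrower variant of the rules above, added here as an example and not part of the original post: traffic arriving from the tunnel is accepted only as replies to connections opened from the LAN. The LAN interface name eth1 and the function names are assumptions; the script only prints the commands and reports whether the kernel has IP forwarding enabled.

```shell
#!/bin/sh
# Added example: prints a narrower version of the three rules from the post.
# Assumptions (not from the original post): the LAN-facing interface is
# passed as the second argument, and only LAN-initiated connections
# should be allowed through the tunnel.

# Accept only plausible interface names so the generated lines cannot
# carry extra iptables options or shell metacharacters.
valid_iface() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]   # Linux interface names are at most 15 characters
}

# Usage: vpn_forward_rules TUN_IF LAN_IF
# Prints iptables commands; review them, then run them as root.
vpn_forward_rules() {
    tun=$1
    lan=$2
    valid_iface "$tun" && valid_iface "$lan" || {
        echo "invalid interface name" >&2
        return 1
    }
    # LAN hosts may open connections into the tunnel.
    echo "iptables -A FORWARD -i $lan -o $tun -j ACCEPT"
    # Traffic from the tunnel is accepted only as replies to those connections.
    echo "iptables -A FORWARD -i $tun -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Same NAT rule as in the post: LAN addresses are hidden behind the tunnel address.
    echo "iptables -t nat -A POSTROUTING -o $tun -j MASQUERADE"
}

# Report whether the kernel will forward packets at all (1 = enabled).
forwarding_state() {
    cat /proc/sys/net/ipv4/ip_forward 2>/dev/null || echo unknown
}

# Constructed sample: tun0 as in the post, eth1 as a hypothetical LAN interface.
vpn_forward_rules tun0 eth1
echo "# net.ipv4.ip_forward = $(forwarding_state)"
```

If the forwarding state prints 0, none of the FORWARD rules take effect until net.ipv4.ip_forward is set to 1.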