Wed Dec 22, 2010 11:52 pm
On the router configured for 10.14.21.1/24, insert a static route for 10.0.0.2/32 via 10.14.21.80, or source NAT the traffic from the client (10.0.0.2) on the RouterBOARD to 10.14.21.80.
The remote client can send traffic to the machines on the office network just fine. That traffic gets to the office machines as sourced from 10.0.0.2. The office machines look at their IP addressing and realize that 10.0.0.2 isn't on their local network, so they send the reply to their default gateway at 10.14.21.1. That router looks at the packet and either decides to throw it away since private addresses shouldn't go on the public Internet, or sends it to your ISP which throws it away for you - depending on how smart that router is.
When you insert a static route on that network's default gateway it will see the destination address of 10.0.0.2, and have a more specific route for the packet and send it to the RouterBOARD. That RouterBOARD then in turn actually knows how to send packets back to 10.0.0.2 via the PPTP tunnel.
Alternatively you can NAT the packet from the remote client to the office network to 10.14.21.80. Office machines would then see the traffic as originating from 10.14.21.80 (which means you cannot log the true IP of the remote client anymore - one downside to NAT) and send replies straight back to the RouterBOARD, which would then undo the NAT operation and rewrite the destination back to 10.0.0.2 and forward the packet via the tunnel.
Hope that helps.
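The three reply paths described in the post above, traced hop by hop with longest-prefix route matching. This is an added illustration, not part of the original post; the office host 10.14.21.50 and the simplified route tables are constructed assumptions.

```python
import ipaddress as ip

CLIENT = "10.0.0.2"      # PPTP client (from the post)
RB_LAN = "10.14.21.80"   # RouterBOARD's office-side address (from the post)
GATEWAY = "10.14.21.1"   # office default gateway (from the post)
HOST = "10.14.21.50"     # constructed office machine, not from the post

def lookup(table, dst):
    """Longest-prefix match: next hop of the most specific matching route."""
    dst = ip.ip_address(dst)
    matches = [(ip.ip_network(p), nh) for p, nh in table if dst in ip.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def build_tables(static_route):
    """Assumed, simplified route tables for the three devices in the post."""
    gw = [("10.14.21.0/24", "direct"), ("0.0.0.0/0", "ISP")]
    if static_route:
        gw.append(("10.0.0.2/32", RB_LAN))  # the static route the post suggests
    return {
        HOST: [("10.14.21.0/24", "direct"), ("0.0.0.0/0", GATEWAY)],
        GATEWAY: gw,
        RB_LAN: [("10.14.21.0/24", "direct"), ("10.0.0.2/32", "pptp-tunnel")],
    }

def reply_path(static_route=False, src_nat=False):
    """Return (source address the office host sees and logs, hops of its reply)."""
    tables = build_tables(static_route)
    seen_src = RB_LAN if src_nat else CLIENT
    dst, node, hops = seen_src, HOST, [HOST]
    while True:
        if node == RB_LAN and dst == RB_LAN:
            dst = CLIENT  # RouterBOARD undoes the NAT on the reply
        nh = lookup(tables[node], dst)
        if nh == "direct":
            nh = dst  # destination is on the local segment
        hops.append(nh)
        if nh not in tables:  # left the modelled devices (tunnel or ISP)
            return seen_src, hops
        node = nh

if __name__ == "__main__":
    for name, kw in [("no fix", {}), ("static route", {"static_route": True}),
                     ("source NAT", {"src_nat": True})]:
        src, hops = reply_path(**kw)
        print(f"{name:13} host logs {src:12} reply: {' -> '.join(hops)}")
```

A path ending in `ISP` is the case where the reply is discarded; in the source NAT case the logged source is 10.14.21.80 rather than the client's real address.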