Hello I have in mind to configure VPN for two different zones. The first router (WRT54GL v1.1, TomatoUSB v1.28) is connected to a DSL modem (WAN) and should publish a QNAP NAS (DMZ) and WAN-Users should be able to conncet using VPN1 (VPN1-certificates clientx). Second there is a second router (WRT54G v3.1, TomatoVPN v1.27, with another IP-Range, DHCP-Server for the LAN) connected to the first Router (Router1 LAN -> Router2 WAN). And this Router should make VPN2 (VPN2-certificates clientx) available only to me, so that I can connect to my QNAP NAS in the LAN and mount SMB-Shares. Third: the router publish the DMZ should be reachable using www.foo1.org and the router publish the LAN should be reachable using www.foo2.org. Both foo1.org and foo2.org are published by zoneedit.com. I managed the case with only one router well, but I have no idee for the scenario above. So any hint would really be appreciated. Kind regards, go4unkwn.