I've been at this for a couple of evenings now and need some help. What I'm trying to achieve is some destinations route through VPN client 1, some through VPN client 2, and the default route is to the wan gateway. Challenge one: getting everything to default through the wan gateway. My solution so far is to just delete the default route added when a VPN client starts. e.g. ip route del 0.0.0.0/1. This gives odd behaviour and so it appears I need to delete all routes for the client device. Is there a way to stop these routes from being created? Or a better way to do this? Challenge two: nslookup doesn't work when I delete the default created routes for a VPN client More a nuisance, as client connected machines work but this is stopping me from making a script that runs when the VPN client is started as I can't get the IPs to route. I've worked around this, but it means I have to stop the VPN client to update the IP list. Challenge three: Two VPN clients at the same time. I can work around the above and get something mostly working, but I cannot get two VPN clients to work at the same time. Are there settings I need to get 2 VPN clients connected at the same time? e.g. redirect internet traffic is unchecked. Do I have to turn off NAT? etc. I'm pretty convinced I'm solving an easy problem a really hard way. Is there a better way I can approach this? Thanks.