Well, I'll give it a shot:
I'm not sure of how to get only some traffic to go through I can solve your problem, but it would take a little changing of your setup. I'm assuming your Mac has two network interfaces, let's call them eth0 and eth1 :-)
We'll assume that eth0 is connected to your work network and has an internal (work network) address of 13.1.1.6, subnet 255.0.0.0.
We'll also assume that eth1 is connected to your WiFi X and has an address (eth1 <---> WiFi X network) of 192.168.1.10, subnet 255.0.0.0, to keep things simple.
I've set up VPN servers on BSD and Linux, but not Mac; however, the concept will still be the same. You have options; I'll list one:
1) Ensure that the routing table on the Mac has an entry as follows:
$>sudo route add 13.0.0.0/8 eth0
What this will do is make sure any traffic coming in over the WiFi X or VPN interface that is destined for your company's network (the 13 network) will make it there. Without this, the Mac (which provides the bridge) really has no way to know how to route traffic between the two interfaces, and by default it will try to send it out of whatever interface is the default, which is WiFi X, as you stated.
I would undo what you did to the VPN routing table above and try this if it's not (hopefully) already there.
If the above doesn't do it please update w/ your VPN Server's routing table and ip address list, or update w/ any fix you came across. Hope this points you in the right direction.
You must enable IPv4 forwarding on the host, which is OS-specific. Just Google it.
You also need to determine whether your hosts have a routing rule providing a default route through your host. It should exist, in which case you are all set. If it does not exist, you will have to do it by hand, and this too is OS-specific. But you can Google "change default gateway in Windows/Mac OS/Linux/FreeBSD/whatever" easily.
EDIT:
In order to enable IPv4 forwarding on your Windows host machine do the following:
1) Start Registry Editor (Regedit.exe).
2) In Registry Editor, locate the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
3) Set the following registry value:
Value Name: IPEnableRouter
Value type: REG_DWORD
Value Data: 1
A value of 1 enables TCP/IP forwarding for all network connections that are installed and used by this computer.
4) Quit Registry Editor.
Now try pinging any IP address (8.8.8.8, for instance) from your guests, it should work.
Best Answer
Create the file /etc/ppp/ip-up with the following content:
replacing <SUBNET> with the subnet you want to route through the VPN (e.g. 192.168.0.0/16)
execute as root:
This file will be executed each time you connect to VPN.
The parameters given to the script:
$1: The VPN interface (e.g. ppp0)
$2: Unknown, was 0 in my case
$3: IP of the VPN server
$4: VPN gateway address
$5: Regular (non-vpn) gateway for your lan connections
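A sketch of what such an ip-up script can look like, added here as an example (it is not the answer's own script, which is not reproduced on this page). It assumes the macOS/BSD `route` form with `-net` and `-interface`, uses a constructed SUBNET value, and validates the interface and subnet before building the command because pppd runs this file as root; `valid_cidr`, `route_cmd` and `APPLY` are names introduced for the example.

```shell
#!/bin/sh
# Added example: an /etc/ppp/ip-up sketch, not the answer's original script.
# Assumptions: pppd runs this as root with $1 = VPN interface (e.g. ppp0), and
# route(8) takes the macOS/BSD form "route add -net <cidr> -interface <if>".
SUBNET="192.168.0.0/16"   # constructed sample; stands in for the answer's <SUBNET>

# Succeeds only for a.b.c.d/n with every octet 0-255 and n 0-32.
valid_cidr() {
    case "$1" in
        ""|*[!0-9./]*|*/*/*) return 1 ;;   # stray characters or a second slash
        */*) ;;
        *) return 1 ;;                      # no prefix length at all
    esac
    addr=${1%/*}; prefix=${1#*/}
    case "$prefix" in ""|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case "$addr" in .*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                            # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Prints the route command for a validated interface and subnet, or fails.
route_cmd() {
    iface=$1; subnet=$2
    case "$iface" in ""|*[!a-z0-9]*) return 1 ;; esac
    valid_cidr "$subnet" || return 1
    printf '/sbin/route add -net %s -interface %s\n' "$subnet" "$iface"
}

# pppd passes arguments; without any (for example when testing) nothing happens.
# Dry run unless APPLY=1, so the command can be inspected before it is trusted.
if [ "$#" -ge 1 ]; then
    if cmd=$(route_cmd "$1" "$SUBNET"); then
        if [ "${APPLY:-0}" = 1 ]; then $cmd; else echo "would run: $cmd"; fi
    else
        echo "ip-up: refusing interface '$1' / subnet '$SUBNET'" >&2
    fi
fi
```

Because pppd executes this file as root on every connect, keep it owned by root and writable by no one else.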