Hi guys, I have a question about of route-map with linux, I have two routers linux, one for Internet Trafic and other for VPN traffic, both routers have public IP''s address. Internet with nat VPN with nat eth0 200.244.10.1 eth0 200.244.10.2 ---- ---- ----- ------ eth1 10.10.1.1 gw1 eth1 10.10.1.254 gw2 I have created the following route-map echo 100 gw2 >> /etc/iproute2/rt_tables ip route add default via 10.10.1.254 table gw2 proto static ip rule add from 10.10.1.5 table gw2 Where 10.10.1.5 is my computer. Public IP address are ficticious. With this configuration my PC going out to Internet for gw2, my PC is nat with IP public 200.244.10.2, but I need change it, I need that my PC going out via gw2 only for ssh traffic, I change my rules: echo 100 gw2 >> /etc/iproute2/rt_tables ip route add default via 10.10.1.254 table gw2 proto static ip rule add from all fwmark 1 table gw2 iptables -I PREROUTING -t mangle -i eth1 -s 10.10.1.5 -p tcp --dport 22 -j MARK --set-mark 1 However, it does not work, because when I make a ssh conexion to remote host, I can see that I am going to nat with IP 200.244.10.1 Anyone can help me with this configuration, excuse me for my english.