Hi, Currently I have a arch linux server running PPTP VPN (for iOS devices only), and I forward all PPTP VPN packets to local eth0: iptables -A POSTROUTING -s -o eth0 -j MASQUERADE Now I got a external proxy, and I want all the traffic currently through the PPTP VPN then through that extenal proxy (it's a http proxy, and requires authentication). If my description is confusing, please consult this chart: iOS --> Server 1 (PPTP VPN) --> Server 2 (http proxy, authentication required) --> Web Server {1,2} both have dedicated external IP address. I have root permission for Server 1, and nothing for Server 2 (except for the http proxy account). I'm thinking about running a http server that handles all the authentication for Server 2 (such as dante?), then forward all packets to that server (running in Server 1). But I don't know how to write corresponding iptables rules. So how to write such rules? Regards.