The setup I'm aiming for (where a single port gets VLAN'd off and becomes the only one available to connect to the inside of the VPN at work) is trivial to do, and I'm 98% sure one of the guys at work has already done it (although probably with some slightly different software, I'm not sure).
I run OpenWRT WHITE RUSSIAN 0.9 on my Linksys, which was the latest at the time I installed it. I believe there is a new development release, but this still seems to be quite current.
First step was getting vpnc installed with the necessary bits and pieces. OpenWRT comes equipped with what can only be described as a very streamlined version of apt: ipkg. I searched for vpnc over at http://www.ipkg.be, found a hit and as such added the necessary line to my /etc/ipkg.conf file. A quick update and I could install vpnc, kmod-tun and libgcrypt as required.
With my VPN config file in place, I quickly received an error:
/etc/vpnc/vpnc-script: 222: Syntax error: Bad for loop variable
What's on line 222?
for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do
I did some searching and it seems this is perfectly valid Bourne syntax, so what gives? Well, OpenWRT uses ash as the default shell, not bash or sh. I decided to replace it with something equivalent:
i=0
while [ "$i" -lt "$CISCO_SPLIT_INC" ]; do
    # there was some stuff here, I added the next line just before the "done"
    i=`expr $i + 1`
done
I had to make this fix a little further down too, but this did the trick and vpnc now correctly adds all of the default routes and properly updates the /etc/resolv.conf.
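Because the same fix was needed in more than one place, the rewrite can be applied mechanically. The helper below is an added example, not part of the original post or of vpnc; the name posixify_for is hypothetical. It assumes "do" is on the same line as "for ((", each "done" starts its own line, and the loop body contains no "continue".

```shell
#!/bin/sh
# posixify_for FILE  (hypothetical helper, added example)
# Rewrites bash-only loops of the form
#     for ((VAR = START ; VAR < LIMIT ; VAR++ )) ; do ... done
# into the POSIX while/expr form and writes the result to stdout.
# Assumptions: "do" is on the "for ((" line, "done" starts its own line,
# and the body has no "continue" (it would skip the added increment).
posixify_for() {
    awk '
    # C-style header: emit init + while, remember the counter name.
    /^[ \t]*for[ \t]*\(\(.*\)\)[ \t]*;[ \t]*do[ \t]*$/ {
        indent = $0; sub(/for.*/, "", indent)
        hdr = $0
        sub(/^[ \t]*for[ \t]*\(\([ \t]*/, "", hdr)
        sub(/[ \t]*\)\).*/, "", hdr)
        split(hdr, part, /[ \t]*;[ \t]*/)      # init ; test ; step
        split(part[1], init, /[ \t]*=[ \t]*/)   # VAR = START
        split(part[2], test, /[ \t]*<[ \t]*/)   # VAR < LIMIT
        limit = test[2]
        if (limit !~ /^[0-9]+$/) limit = "\"$" limit "\""
        printf "%s%s=%s\n", indent, init[1], init[2]
        printf "%swhile [ \"$%s\" -lt %s ]; do\n", indent, init[1], limit
        stack[++depth] = init[1]
        next
    }
    # Any other do/done block: push an empty marker to track nesting.
    /(^|;)[ \t]*do[ \t]*$/ { stack[++depth] = "" }
    # On "done", add the increment if it closes a rewritten loop.
    /^[ \t]*done([ \t;]|$)/ {
        if (depth > 0) {
            var = stack[depth--]
            if (var != "") {
                indent = $0; sub(/done.*/, "", indent)
                printf "%s    %s=`expr \"$%s\" + 1`\n", indent, var, var
            }
        }
    }
    { print }
    ' "$1"
}
```

Write the output to a new file and compare it with the original before replacing /etc/vpnc/vpnc-script.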