I've followed the procedure here to set up my VPN server in bridged mode:
http://wiki.amahi.org/index.php/VPN_Bridging
Afterwards, however, I noticed that I lost outgoing IP connectivity from the server, i.e., I could not resolve names or contact hosts from the server to the WAN. Note that my Amahi server is NOT my network gateway nor my DHCP server. It is only on my LAN and must connect through my existing gateway to route to the internet. I solved the problem with the command "sudo hda-change-gw x.x.x.x" where the IP address is my LAN gateway. Problem is this does not persist after reboot, so I need to modify the provided code appropriately. Any ideas on how best to do this?
Also, why can I not have the device that connects through the tap0 device instead get a DHCP lease from my existing DHCP server instead of using a static address? Could I not simply route the tap0 traffic to the existing DHCP server and gateway instead and then allow hosts that connect to become hosts on my existing network?
Finally, I'd really like to lock this all down with a certificate system like I have my ssh server locked down. On ssh, I have root logins and password logins completely disabled. Only certificate logins are allowed, plus I have denyhosts running to ban any repeat brute-force offending hosts. Any wiki on how to accomplish this?
Bridged VPN procedure does not work when HDA is not gateway