Specific IP routing for VPN
Posted by Roy on Super User
Published on 2012-03-29T11:24:31Z
Is there a way that I can prevent an entire subnet from using internal routing? The VPN server is supposed to be a way to access the company's intranet websites for some people, while for others it is supposed to do routing to the outside only and therefore not having access to any internal websites.
The VPN server has a DNS on the actual server but not all should be using this DNS. Some of the users should be directly sent out of the server to the internet.
Example:
10.0.0.1 is the DNS on the server, gateway for the VPN
10.0.0.2 is a user (A) on the VPN having access to the intranet websites (subnet is 10.0.0.0/25)
10.0.0.192 is a user (B) only needing routing and no access to intranet websites (subnet is 10.0.0.192/26)
All traffic of user B should be directly rerouted out of the server.
I have tried several iptables but without success.