Bear with me:
HostA clients: 192.168.5/24
HostA IP(eth1): 192.168.5.1
HostA pub(eth0): 512.123.0.A
HostA gw(eth0): 512.123.0.Agw
HostA tun(tun0): 10.0.10.1
HostB clients: 192.168.6/24
HostB IP(eth1): 192.168.6.1
HostB pub(eth0): 321.215.0.B
HostB gw(eth0): 321.215.0.Bgw
HostB tun(tun0): 10.0.10.2
Assuming your tunnel is operational and A and B can communicate through it without incident...
If HostA is your default gw to the world, then clients should already have it set as their default gw, so you should just be able to set a route to 192.168.6/24 via tun0.
If not, then HostA should have ip_forward enabled, and clients either use it as their default gw or get a static route set to route 192.168.6/24 via HostA 192.168.5.1.
HostA
Code:
ip route add 192.168.6.0/24 dev tun0
The same applies for HostB and 192.168.6/24 routing to HostA and 192.168.4/24:
HostB
Code:
ip route add 192.168.5.0/24 dev tun0
For routing all of HostB and 192.168.6/24 through the HostA tun, something like this... (there may be more magic that needs to take place)
(DNS, SMTP, HTTP; not sure what all else is at play here, or how it would be affected or considered...)
HostB
Code:
ip route add 512.123.0.A via 321.215.0.Bgw dev eth0
ip route del default via 321.215.0.Bgw dev eth0
ip route add default via 10.0.10.1 dev tun0
Hopefully this gets you on the right path.
Understand that I've made some gross assumptions about your configuration that you'll need to consider and I'm sure I'm missing quite a bit...
:-)
Might a more robust VPN solution (?openvpn?) not be better suited for your task?
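
An added example, not part of the original post: a check for the full-tunnel setup on HostB. If the default route moves to tun0 without a host route to the peer's public address via the physical gateway, encapsulated packets loop back into the tunnel. If the default stays on eth0, client traffic bypasses the tunnel. The function name is hypothetical, and 198.51.100.10 (HostA public) and 203.0.113.1 (HostB ISP gateway) are constructed stand-ins for the post's placeholder addresses.

```shell
#!/bin/sh
# Usage: check_full_tunnel "<text of 'ip route show'>" <peer_public_ip> <tunnel_dev>
# Live use: check_full_tunnel "$(ip route show)" 198.51.100.10 tun0
# Prints one verdict: ok | leak | loop
check_full_tunnel() {
    table=$1 peer=$2 tun=$3
    # Device that carries the default route.
    def_dev=$(printf '%s\n' "$table" | awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
    # Device that carries the host route to the tunnel peer's public address.
    peer_dev=$(printf '%s\n' "$table" | awk -v p="$peer" '($1 == p) || ($1 == (p "/32")) {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
    if [ "$def_dev" != "$tun" ]; then
        echo leak   # default is not on the tunnel: traffic leaves unencapsulated
    elif [ -z "$peer_dev" ] || [ "$peer_dev" = "$tun" ]; then
        echo loop   # tunnel packets would be routed into the tunnel itself
    else
        echo ok     # default via tunnel, peer pinned to the physical interface
    fi
}

# Constructed sample tables for HostB (not captured from a real host).
GOOD='default via 10.0.10.1 dev tun0
10.0.10.0/24 dev tun0 proto kernel scope link src 10.0.10.2
192.168.6.0/24 dev eth1 proto kernel scope link src 192.168.6.1
198.51.100.10 via 203.0.113.1 dev eth0'

# Default moved to tun0, but the host route to the peer was never added.
LOOP='default via 10.0.10.1 dev tun0
10.0.10.0/24 dev tun0 proto kernel scope link src 10.0.10.2
192.168.6.0/24 dev eth1 proto kernel scope link src 192.168.6.1'

# Peer route added, but the default still points at the ISP gateway.
LEAK='default via 203.0.113.1 dev eth0
10.0.10.0/24 dev tun0 proto kernel scope link src 10.0.10.2
198.51.100.10 via 203.0.113.1 dev eth0'

for name in GOOD LOOP LEAK; do
    eval "t=\$$name"
    printf '%s: %s\n' "$name" "$(check_full_tunnel "$t" 198.51.100.10 tun0)"
done
```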