routing trouble

[Frithjof Hammer]

Hello list!

I have a good and well working tinc network connecting five subnets: 
172.23.[42-46].0. Each is a /24 network. One of the nodes (172.23.43.1) should 
provide a openvpn-dialin access on the net 10.10.10.0/24 to the 172.23.
[42-46].0 network. I configured a static route on each tinc-node: 

route add 10.10.10.0/24 via 172.23.43.1

Everthing looks fine, but it is not working: Pings are routed through the 
tinc-interface, but rejected there. 

Lets assume the following net topology: 

172.23.42.1 ===(tinc-mesh)===172.23.43.1===(openvpn-dialin)===10.10.10.2

If I ping 172.23.42.1 from a host, connected via openvpn as 10.10.10.2, the 
packtes flow from the host 10.10.10.2 to 172.23.43.1. The host 172.23.43.1 
will route the packets to the tinc interface (just wonderfull) and arrive at 
172.23.42.1. 172.23.42.1 will generate a echo-reply. But the echo-reply will 
never make it back to 172.23.43.1:

MarkTwain:~# tcpdump -i tinc -n
tcpdump: WARNING: arptype 65534 not supported by libpcap - falling back to 
cooked socket
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode              
listening on tinc, link-type LINUX_SLL (Linux cooked), capture size 96 bytes             
20:20:59.878230 IP 10.10.10.2 > 172.23.42.1: ICMP echo request, id 15626, seq 
234, length 64
20:20:59.878370 IP 172.23.42.1 > 10.10.10.2: ICMP echo reply, id 15626, seq 
234, length 64  
20:20:59.878453 IP 10.10.10.2 > 172.23.42.1: ICMP net 172.19.88.6 unreachable 
- unknown, length 92

At this point, i wondering if this is a tinc related behavour, or if this is a 
misconfiguration of my own. Can someone put me in the right direction?
I suppose its tinc related, because the echo-replys never made it back to 
172.23.43.1 or 10.10.10.2 (other then the tcpdump output indicates).

Greetings

frithjof