Here's what I think is a simple question with hopefully a simple answer.

I have a branch office network of 192.168.0.x and a corporate HQ
network of 10.0.0.x.  Both of these subnets are connected via an
IPsec tunnel using m0n0walls at each location.  Users on the
192.168.0.x network can happily access resources on the 10.0.0.x
network with no problem and whenever they need to get access to the
public Internet they go out the m0n0wall at their branch office
location.  How would I go about forcing all branch office LAN traffic
to go through the VPN tunnel and out the firewall (which is a 3rd  
m0n0wall)
of our corporate HQ?

Many thanks.