How to create IPsec route on Sophos Firewall

Normally, the firewall itself recognizes through which tunnel it must send the traffic. After all, the remote network was specified when the tunnel was created, so the information is known. At least with a policy-based VPN, with a route-based VPN, a static route must be created manually.

Now, if you have the problem that the firewall does not send the traffic through the IPsec tunnel, but into the WAN or somewhere else, you can create an IPsec route to define the path exactly.

To do this, connect to the Firewall Console and create the route:

system ipsec_route add host 10.33.46.69 tunnelname Azure_CH

To have a look at the routes, the following command helps:

system ipsec_route show