This is the documentation for the 19.02 version. Looking for the documentation of the latest version? Have a look here.
The IPsec interface allows the peers to talk directly, but in most cases with IPsec there is more interesting traffic to handle. For example, a larger subnet on the LAN side of each peer that must communicate securely.
tnsr(config)# route ipv4 table ipv4-VRF:0 tnsr(config-rt-table-v4)# route 10.25.0.0/16 tnsr(config-rt4-next-hop)# next-hop 0 via 220.127.116.11 ipsec0 tnsr(config-rt4-next-hop)# exit tnsr(config-rt-table-v4)# exit tnsr(config)# exit
In this example, a route is added to the main IPv4 routing table for a subnet
located behind the peer. Any traffic trying to reach a host inside the
10.25.0.0/16 subnet will be routed through the
ipsec0 interface using
the peer’s address in that subnet (
18.104.22.168) as the next hop.