But it is - See in sk104760: ATRG: VPN Core:
VPN Routing - Way of directing communication through a specific VPN tunnel in order to enhance existing connectivity or security. In addition, VPN routing can be used to reduce connectivity costs.
Domain Based VPN - VPN traffic is routed within the VPN community based on the encryption domain behind each Security Gateway in the community. In a Star community, this allows satellite Security Gateways to communicate with each other through central Security Gateways. Configuration for Domain Based VPN is performed directly through SmartDashboard.
Route Based VPN - VPN traffic is routed within the VPN community based on the routing information, static or dynamic, configured on the Operating Systems of the Security Gateways.
SmartDashboard configuration allows routing the traffic between Satellites via the Center and between Satellites and the Internet (route all traffic via the center). "Manual" routing configuration is available via the $FWDIR/conf/vpn_route.conf file on the Security Management Server.
VPN Routing is supported only with a Simplified VPN Mode Security Policy.
If both Domain Based VPN and Route Based VPN are configured, then Domain Based VPN will take precedence.
Route Based VPN is not supported with IKEv2.
$FWDIR/conf/vpn_route.conf - configuration file on Security Management Server / Domain Management Server used for granular control over Domain Based VPN routing between Security Gateways.
The file format is: Destination, Next hop router, Install on Security Gateway, Force Override (optional field)
Fields must be separated by tabs.
All entries must be objects that exist in the Management database. The names must match object names exactly.
CCSE CCTE CCSM SMB Specialist