How to route LAN traffic to VPN for one target host? LAN>VPN>TARGET

[marshalleq]

Dear all, I have a target IP address on a VPN which hosts an NFS mount that I'm using as a backup target.  I need an internal host to be able to connect to that 24x7 through the firewall.

It's using OpenConnect as it's a Cisco VPN, which for the most part seems to be working.  I can ping the host with the NFS mount from the OPNsense host.

I do not own the remote network, though I can ring up and get support for it e.g. to understand the topology.  However I'm stuck wondering on a few points.

If I am to add a static route to direct traffic to the foreign address, the route requires a gateway which appears does not exist in the drop down list.  I would have thought there was some kind of dynamic gateway added, but I can't find it. 

So I assume I have to manually add a gateway under System, Gateways.

Question: What do I put in the IP address field?  The target VPN connects with a 172.16. address and the host is a 10.12 address.  Must I create a new address in the first of this range?  Or can I add a third subnet that routes through the other two, given that they are not networks that belong to me?

Any other advice that I might need?

I am a bit nervous working on this remotely and trying to be careful I don't lock myself out (I currently connect via VPN). This box sits in my home and I am stuck in another country due to COVID-19. Conversely, this backup is so that if something happens to that box, I can get to it from another place while stuck overseas and bring back up the critical services! (The downsides of self hosting the first months of a new startup!)

Many thanks,

Marshalleq