hi @Jakezxz1
From what I understand, your VPN policy is based on tunnel interfaces, correct? Why not consider using a site-to-site connection?
A site-to-site connection is more straightforward and automatically adds routes. The configuration for this is provided below:
Authentication Method: IKE using Preshared Secret
For Proposals:
I believe that using this way it is easier to manage and configure
Get in touch if you need more help with this issue.
--please don't forget to "[Accept the answer]" if the reply is helpful--