Router DMZ as OpenVpn Client

Question

Hello, 
 I have a question regarding routing settings. I have created DMZ on my Sophos UTM and connected to the DMZ a other Router. The Router in the DMZ is doing a OpenVpn client connection, so the internal lan clients can go over this connection when I enable multi path rule Internal Network - Any - Internet IPv4 - DMZ Vpn. The Connection is working fine, just wondering as the VPN Router in the DMZ has the Option to set Gateway Mode or Router Mode, do I need to add in Router Mode static Route Back to Sophos UTM? 
 When I check with Traceroute 8.8.8.8 directly from the VPN Router, the first hop is not the Sophos UTM DMZIp Address, the Router is going directly over the VPN Connection to the Internet. 
 Can someone please point me to the right direction? 
 Thx

BAlfson · Accepted Answer

I don't know how to interpret the routing table for that device. 
 If you want the traffic to go through UTM Web Filtering, the subnet must be in 'Allowed Networks' there. 
 Cheers - Bob

BAlfson · Answer

If I've understood your setup correctly, you need a route in the VPN Router so that it knows the subnet of "Internal (Network)" is reached via the IP of "DMZ (Address)" on the UTM. 
 Cheers - Bob

Sally · Answer

Thanks Bob! 
 Best regards 
 Sally

Destination LAN NET	Subnet Mask	Gateway	Flags	Metric	Interface
default	128.0.0.0	172.22.29.1	UG	0	tun1
default	0.0.0.0	10.0.0.254	UG	0	LAN & WLAN

Destination LAN NET	Subnet Mask	Gateway	Flags	Metric	Interface
default	128.0.0.0	172.22.29.1	UG	0	tun1
default	0.0.0.0	10.0.0.254	UG	0	LAN & WLAN