EFW Support

Support => General Support => Topic started by: venkat on Thursday 24 May 2018, 02:26:55 am



Title: How to Source NAT with unused IP
Post by: venkat on Thursday 24 May 2018, 02:26:55 am
Environment:
LAN IP: 192.168.0.100/24
WAN IP: 1.1.1.1/30
Version: 3.2.2

Requirement:
We want to SNAT traffic from Src IP 192.168.0.1/32 going to Dst IP 172.1.1.1/32 so that it is source NATed to 192.168.10.10/32. We already have a VPN tunnel between two of our sites carrying traffic between 192.168.10.10/32 and 172.1.1.1/32. Once we get the NATing up, we can forward the traffic destined to 172.1.1.1/32 via this IPsec tunnel after source NATing it to 192.168.10.10/32.

Issue:
When we go to the NAT > SNAT option, we don't find any option to manually enter an IP for source NATing; instead there is only a drop-down option to select the firewall's pre-existing LAN IP and WAN IP.

Can someone kindly help us with this requirement? I'm new to Endian and not sure how to figure this out.


Title: Re: How to Source NAT with unused/different IP which is not present on FW
Post by: venkat on Thursday 24 May 2018, 03:09:53 am
UPDATE.
We were able to edit the /var/efw/snat/config file and add the SNAT entry as per our requirement. But the problem is that the NAT is not happening: when we send a packet from 192.168.0.1/32, it exits to the WAN IP (because of the default route pointing to the WAN IP of 1.1.1.1), which we can see from a traceroute from that PC.
Can someone kindly help us please.


Title: Re: How to Source NAT with unused IP
Post by: venkat on Thursday 24 May 2018, 03:44:32 am
UPDATE
It is probably a routing issue/question too. I have my NAT rule at the top in the config file, but it is probably picking up the default NAT rule to egress via the main WAN link.
If routing happens before NATing, then what we said above is explained. But to fix it, in Routing there is no option to select IPsec as the next hop.
I think if we can get NATing to work, then possibly traffic to the 172. destination would go via the tunnel, since typically strongSwan puts dynamic routes in automatically when the VPN is up for the matching configured SA pairs.
Can someone help us with this SNAT + routing-to-tunnel requirement of ours?
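The thread asks two things: whether SNAT to an address the firewall does not own can work, and whether routing happens before NAT. On a Linux forwarder with a policy-based IPsec tunnel (what Endian uses strongSwan for) the order for a forwarded packet is: route lookup, then POSTROUTING SNAT, and the IPsec (xfrm) policy lookup is redone on the translated source address when SNAT changed it. So the tunnel's selector 192.168.10.10/32 <-> 172.1.1.1/32 is matched against the post-NAT source, and the packet leaves the WAN interface in both cases; what differs is whether it is ESP-encapsulated. The following Python model, added here as an illustration and not Endian's or strongSwan's own code, walks a packet through that order using the addresses from the thread. The routing entries, the WAN gateway 1.1.1.2, the default LAN-to-WAN SNAT rule and the rule format are assumptions, not Endian's actual configuration.

```python
"""Model of the Linux forwarding order relevant to SNAT-before-IPsec.
Added example, not Endian/strongSwan code. Addresses and the IPsec
selector come from the thread; routes, gateway and the default SNAT
rule are assumptions."""
import ipaddress


def net(s):
    return ipaddress.ip_network(s, strict=False)


# Routing table: (prefix, egress interface, gateway). The default and LAN
# routes and the WAN gateway 1.1.1.2 are assumed; the /32 is the kind of
# route strongSwan installs in its own table (220) for a peer selector.
ROUTES = [
    (net("0.0.0.0/0"), "wan", "1.1.1.2"),
    (net("192.168.0.0/24"), "lan", None),
    (net("172.1.1.1/32"), "wan", "1.1.1.2"),
]

# IPsec (xfrm) policies: (local selector, remote selector), from the thread.
XFRM_POLICIES = [(net("192.168.10.10/32"), net("172.1.1.1/32"))]

# SNAT rules as iptables POSTROUTING evaluates them: first match wins.
# Fields: (source match, destination match, translated source).
CUSTOM_SNAT = (net("192.168.0.1/32"), net("172.1.1.1/32"), "192.168.10.10")
DEFAULT_SNAT = (net("192.168.0.0/24"), net("0.0.0.0/0"), "1.1.1.1")  # assumed


def route_lookup(dst):
    """Longest-prefix match over ROUTES; returns the egress interface."""
    d = ipaddress.ip_address(dst)
    best = max((r for r in ROUTES if d in r[0]), key=lambda r: r[0].prefixlen)
    return best[1]


def xfrm_match(src, dst):
    """True when some IPsec policy selector covers (src, dst)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(s in loc and d in rem for loc, rem in XFRM_POLICIES)


def snat(src, dst, rules):
    """Apply the first matching SNAT rule; unchanged source if none matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_match, dst_match, to_source in rules:
        if s in src_match and d in dst_match:
            return to_source
    return src


def forward(src, dst, snat_rules):
    """Forwarded-packet order: route -> xfrm check on original addresses
    -> POSTROUTING SNAT -> xfrm lookup redone if SNAT changed the source
    (the kernel does this in nf_nat_core.c via nf_xfrm_me_harder)."""
    egress = route_lookup(dst)
    ipsec = xfrm_match(src, dst)
    new_src = snat(src, dst, snat_rules)
    if new_src != src:
        ipsec = xfrm_match(new_src, dst)
    return {"src": new_src, "egress": egress, "ipsec": ipsec}


if __name__ == "__main__":
    for label, rules in [("custom rule first", [CUSTOM_SNAT, DEFAULT_SNAT]),
                         ("default rule first", [DEFAULT_SNAT, CUSTOM_SNAT]),
                         ("no custom rule", [DEFAULT_SNAT])]:
        print(label, forward("192.168.0.1", "172.1.1.1", rules))
```

With the custom rule first the packet leaves the WAN interface with source 192.168.10.10 inside ESP; with the default LAN-to-WAN rule first (or no custom rule) it leaves the WAN interface in plaintext with source 1.1.1.1 and never matches the tunnel selector, so rule order in the POSTROUTING chain is what to check, for example with `iptables -t nat -L POSTROUTING -nv` and whether the custom rule's counters increase.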