You need to change your peer (Sophos) to send another ID i.e. FQDN.
You probably have multiple peers. The PSKs are stored in /etc/ipsec.secrets and this file is evaluated from top to bottom. First ID match is tried and if no match then you get the error. All the IDs in /etc/ipsec.secrets must uniquely match your peers. Alternative workaround is use keyword any but that line will essentially match anything. With any, if multiple tunnels are used, use same PSK for all of them and the tunnel will come up.
Alternatively, the best solution (I use it on 10 concurrent tunnels) is to use x509 instead of PSK. Certs have identifiers embedded and there's no "guessing" which PSK to use. You have to correctly configure the identifiers too, but that's quite easy.
sudo swanctl --log is your friend for debugging.