@viragomann said in Tried to change ovpn p2p from shared key to SSL/TLS... Connection done but no rooting... same settings:

@gsp said in Tried to change ovpn p2p from shared key to SSL/TLS... Connection done but no rooting... same settings:

So in any case CSO is mandatory?

If you want to access a network behind the client, it is, as mentioned.

The CSO sets the iroute inside the OpenVPN server. This is needed to route the traffic to the proper client.
This routes will not shown up in the routing table of pfSense. There you will only see the network, which you stated in the server settings.

Thank you for your help! I have some sites interconnected with shared key option... Should I go to IPSec or ovpn p2p ssl , what do you think better? Because for many sites IPSec is now much easier setup... :)