<![CDATA[Open vpn multiple site to site S2S vs SSL/TLS]]>currently i'm using IPSEC for site to site (10 tunnels) but I saw a faster performance when I tried to switch one over to OpenVPN (P2P shared key).

If i need to add more OpenVPN S2S can i continue using shared key and just add clients at the rest of the locations connecting to the main site? Or create a new server for each client ? Or do i need to switch to P2P SSL\TLS for openVPN multisite ?

When I tried to just add more clients connecting to the site using SharedKey connections weren't that stable.

Can someone shed some light on how to approach this ?

Thank you,

y

]]>https://forum.netgate.com/topic/88699/open-vpn-multiple-site-to-site-s2s-vs-ssl-tlsRSS for NodeThu, 05 Mar 2026 08:18:26 GMTFri, 04 Sep 2015 20:31:34 GMT60<![CDATA[Reply to Open vpn multiple site to site S2S vs SSL/TLS on Fri, 11 Sep 2015 19:16:31 GMT]]>thanks jimp. i will go with SSL/TLS method. appreciate the link.

]]>https://forum.netgate.com/post/570175https://forum.netgate.com/post/570175Fri, 11 Sep 2015 19:16:31 GMT<![CDATA[Reply to Open vpn multiple site to site S2S vs SSL/TLS on Thu, 10 Sep 2015 14:27:31 GMT]]>Shared Key is 1:1  – One client to one Server

SSL/TLS can work either way. If you want only one server process and multiple clients, it must be SSL/TLS.

That style of setup is explained at https://doc.pfsense.org/index.php/OpenVPN_Site-to-Site_PKI_%28SSL%29 -- be careful to follow everything, especially the parts about client specific overrides and iroutes.

]]>https://forum.netgate.com/post/569851https://forum.netgate.com/post/569851Thu, 10 Sep 2015 14:27:31 GMT