I'd do a separate instance for remote access and one for site2site. Have this already in production and works really fine
A bug? No. Maybe it’s not very intuitive.All involved networks need to be defined in the main server to be added to the routing table. The client specific override only configures which client is getting which local networks and which remote networks are on the other side of the peer.
Still no screenshot
Are you sure your client specific overrides are executed?I needed to check "Force CSO Login Matching" to make it work.