Curious why you're using IPSEC. My understanding is that these have high overhead. Why not use an SSL-based VPN like OpenVPN, which I understand has less overhead?
The reason I utilize IPSEC/L2TP is specifically for my line of work. I regularly work with multiple NOCs (Network Operations Centers) on VPN tunnels back to corporate offices, and their equipment utilizes VPN with IPSEC/L2TP. When it fails, they try to blame it on the equipment vs. something in their configuration. I then, with my laptop connected to their device, connect to my VPN tunnel at home and prove that the equipment (usually a cellular backup device) did in fact establish a VPN tunnel successfully over the requested protocol. This stops their IT in their tracks of saying that I don't know what I am doing. So the reason I utilize it is for work, to verify equipment is really capable of running the tunnel when there are problems establishing their own tunnel. Does that help? I was doing this previously on a virtual machine on my server at home, but when my router took a dump, it took the port configurations with it, and I have been unsuccessful in getting things working again. Thus the hardware solution.
Maybe I should also ask what platform clients you're using?
Generally I am using my MacBook Pro or my Android phone. I enjoy the built-in interface for IPSEC/L2TP for OSX, vs. having to run a separate client for VPN services.
I understand that it is frustrating. I'll re-read the thread to see if I missed something, but unless there are issues with the 2.4 (?) build of pfSense, I do know that IPSEC VPN works with iPhone and OpenVPN also works with the iPhone.
Also keep in mind that some of the cell carriers have eliminated IPv4 addressing. This means that you may need to use IPv6 instead. I just ran into this with T-Mobile and iOS 10.2. Apparently the general thought is that no one is using IPv4 anymore and therefore T-Mobile dropped IPv4 support... ARGH!!!!!! Yes, I was still using it. I called and called and called. No one had a clue. I figured it out by doing a lot of troubleshooting and researching. They had no clue how to fix it either... Answer was to switch my external presence to IPv6 and that took care of it.
I am willing to help, but we will need to take it offline. Typing all of the conversation back and forth would be too time-consuming.
Very much appreciated. I will even give you remote access to the firewall via my computer so that we can work on this together. I will send you my email to correspond with via private message. My hope is that we can get this working to such a level that we can make this available to anyone from Allonis who wishes to have an easy-to-utilize IPSEC/L2TP VPN tunnel.