In case anybody else hopes to try this, I have just been on a chat with NordVPN, and they told me that not even their experts had managed to get that working. They were hoping that it may be possible in the future, maybe with a change in pfSense. I have no idea what kind of change that would have to be, but so far it seems like I'm out of luck.  :(

No, that is not possible.

Without seeing your settings and more log entries, no. My crystal ball is currently malfunctioning.

Awesome, thanks so much!

There is no such limit on pfSense or with IKEv1. Probably hitting a limit on the ASA.

Depending on how the P2 networks are arranged you might be able to summarize them to reduce the total number.

Yeah. IPsec doesn't behave like that.

You should probably start by posting what you have done, not a representation of what you think you have done.

Post ALL of the traffic selectors. Not just a few.

How do you know what "tunnel" the traffic is being sent on?

No. In the IPsec Phase 2.

Just like here:

https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2#Phase_2

got it fixed.  missing nat rule on PFA from internet to 10.253.253.0/24 network

Problem solved! Now i can connect my pfsense box as a client to my SoftEther server. The problem was the latest (RTM) Version of SoftEther server, which seems to have an issue with OpenVPN. After installing an earlier version, everything is working as expected.

@Derelict:

Probably no and not that I know of. Make your IPsec connection from behind the firewall or use an OpenVPN provider.

Thank you, I'll do that.

jcconnell did you ever get this resolved?

I am having the the same issue as you are having and all my networks are setup properly.

Let me know!

Hello

on your phase 2 entire do you have 192.168.2.0/24 and 192.168.3.0/24 setup? or are you doing 192.168.0.0/16?

Thanks