@Konstanti
Thanks! I will take a look at this. The problem is that I don't know for sure that this is the problem. I would hate to go through regeneration and deployment of new certificates and STILL have the issue.
I've managed to get everything (HTTPS/IPsec) working, except for the iPad. I'm guessing that the fragmentation is the issue since it's the last thing I see before destroying the connection.
It's not urgent that I get this working on the iPad since I do have a working IPsec on my phone. It would be rare I'm travelling with the iPad and NOT also have my phone available.