1000 pfSense <-> 1 pfSense VPN Tunnels
We are planning to deploy a large setup with 1000 pfSense 'client' boxes connecting - over the internet - to 1 huge pfSense 'server' box in our datacenter. These 1000 Tunnels should be permanently up. Each of these 1000 'client' boxes should have its own 10.x.y.0/24 subnet connecting to the 'server' box. The data transfer should be bi-directional. Our criteria are: ease of configuration, management, and performance.
Question: Which is recommended: OpenVPN Client on the clients + OpenVPN Server on the server; or IPSec, or anything else.
Thanks for any input,