Netgate Discussion Forum

    What is the right configuration? I am lost

    Routing and Multi WAN
      Sal

      Hi all,

      I am new to pfSense and I am trying to find the best configuration for IPsec tunnels. I have 3 office branches and an Azure environment. Also, there is OpenVPN remote access to the main office. I want to create IPsec tunnels between these locations.

      My understanding is I have to do the following:

      On site 1:
      IPsec tunnel from Site 1 to Site 2
      Phase 2: only the local LAN network of site 1 to the remote LAN network of site 2

      IPsec tunnel from Site 1 to Site 3
      Phase 2: only the local LAN network of site 1 to the remote LAN network of site 3

      IPsec tunnel from Site 1 to Azure
      Phase 2: only the local LAN network of site 1 to the remote subnet of Azure

      On site 2:
      IPsec tunnel from Site 2 to Site 1
      Phase 2: only the local LAN network of site 2 to the remote LAN network of site 1

      IPsec tunnel from Site 2 to Site 3
      Phase 2: only the local LAN network of site 2 to the remote LAN network of site 3

      IPsec tunnel from Site 2 to Azure
      Phase 2: only the local LAN network of site 2 to the remote subnet of Azure

      On site 3:
      IPsec tunnel from Site 3 to Site 1
      Phase 2: only the local LAN network of site 3 to the remote LAN network of site 1

      IPsec tunnel from Site 3 to Site 2
      Phase 2: only the local LAN network of site 3 to the remote LAN network of site 2

      IPsec tunnel from Site 3 to Azure
      Phase 2: only the local LAN network of site 3 to the remote subnet of Azure

      My question is: when creating an IPsec tunnel between the main office and one of the other 2 branches, in the phase 2 do I put the local LAN network and the remote network only, or do I also have to add the OpenVPN subnet and the Azure subnet as a local network? How does pfSense route between these locations? Is it dynamic or do I have to add static routes?
      I am lost, please help.

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.