Mobile lancom Client can't connect

  • Hi,
    we are going to establish a vpn connection between a lancom mobile client and a customer network.

    lancom mobile client -> pfsense – (inet) --> lancom-router -> customer network

    The lancom client is a software tool for managing vpn connections.
    As protocol it uses ipsec with nat-t encapsulation.

    What rules should I apply on the pfsense especially on the lan and the wan side.

    Currently Im a little bit confused because I already have opened several ports but it still does not work.

    Is there a general rule what services and ports definitely have to be open.

    sorry for my English

    I appreciate any help