I don't have such experience. I tried to configure IPSec and IKEv2 in pfSense following the instructions and it never worked with a Windows client. There are a lot of questions related to this on the forums without a concrete/canonical answer.
I like pfSense but I chose it to easily configure usually complex networking stuff, not a DHCP or DNS. We are trying now to configure IKEv2 on an Ubiquiti device using UniFi with a load balancer and doesn't seem to be trivial.
When did you try the IPSec/IKEv2 in pfsense? Prior to, I think, 2.4 you had to go into the registry and do some hack to get around certificate limitations. It's no longer necessary and setup was a breeze for me (and the registry hack worked for me as well). I loosely followed: https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2
Yeah, but that's mostly because IPSec supports so damn many authentication methods, cipher settings, etc.
I've had to integrate with several telcos via IPSec (mobile money processing), and it's always fun to try and figure out what they're saying when all they can do is describe the [incredibly generic] settings in the Cisco ASA WebUI.
Then you finally figure out the ipsec.conf settings to make it work, and they come back to you a month later asking for a copy of your file to give to another company who's trying to integrate.
Sure, how much are you going to pay us? Oh, nothing? Well, I remember how much help you gave us when we were banging our head on the wall trying to figure it out. So, hire competent people and figure it out yourself!
I like pfSense but I chose it to easily configure usually complex networking stuff, not a DHCP or DNS. We are trying now to configure IKEv2 on an Ubiquiti device using UniFi with a load balancer and doesn't seem to be trivial.