This error doesn’t give many clues as to whats wrong but it turns out it is usually a simple fix and is caused by a mismatch between the main / aggressive setting on the negotiation of phase one. Simply make sure both ends match, or if the setting is not available at one end change it on the pfsense.
