Connect to your PFSense IPsec IKEv2 VPN using the W10 native client

1. Use the following how-to to set up your VPN within PFSense: https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configuring-an-ipsec-remote-access-mobile-vpn-using-ikev2-with-eap-mschapv2.html

2. Export the CA you created in PFSense and install it on your client PC. Place the CA into Trusted Root Certification Authorities.

3. Modify your registry by adding a new entry under HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters.

Type - DWORD

Name of value - NegotiateDH2048_AES256

Value - 2

4. Open PowerShell and run the commands below after altering them for your network.

Add-VpnConnection -Name "MY VPN" -ServerAddress "vpn.myserver.com" -TunnelType IKEv2 -AuthenticationMethod EAP -EncryptionLevel "Required"
Set-VpnConnectionIPsecConfiguration -ConnectionName "MY VPN" -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -DHGroup Group14 -PfsGroup None -PassThru 

5. Connect to your new VPN.
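
Steps 2 and 3 can also be scripted, followed by a check of what step 4 configured before you connect. This is an added example, not part of the original how-to; the CA file path and the thumbprint placeholder are assumptions to replace with your own values, and it needs an elevated PowerShell session.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumed values (not from the how-to): $CaPath and $ExpectedThumbprint.
$CaPath             = 'C:\Temp\pfsense-ca.crt'      # assumed location of the exported CA
$ExpectedThumbprint = '<THUMBPRINT-OF-YOUR-CA>'     # placeholder: record it when you export the CA
$VpnName            = 'MY VPN'                      # connection name used in step 4

# Step 2: inspect the CA file before trusting it machine-wide.
$ca = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($CaPath)
"CA subject    : $($ca.Subject)"
"CA thumbprint : $($ca.Thumbprint)"
"CA expires    : $($ca.NotAfter)"
if ($ca.Thumbprint -ne $ExpectedThumbprint) {
    throw "Thumbprint mismatch: $CaPath was not imported."
}
Import-Certificate -FilePath $CaPath -CertStoreLocation Cert:\LocalMachine\Root | Out-Null

# Step 3: create (or overwrite) the DWORD value under the RasMan parameters key.
$rasKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters'
New-ItemProperty -Path $rasKey -Name 'NegotiateDH2048_AES256' `
    -PropertyType DWord -Value 2 -Force | Out-Null

# Checks: run this part again after step 4 has created the connection.
if (-not (Test-Path "Cert:\LocalMachine\Root\$($ca.Thumbprint)")) {
    Write-Warning 'CA is not in Trusted Root Certification Authorities.'
}
$regValue = (Get-ItemProperty -Path $rasKey -Name 'NegotiateDH2048_AES256').NegotiateDH2048_AES256
if ($regValue -ne 2) {
    Write-Warning "NegotiateDH2048_AES256 is $regValue, expected 2."
}

$vpn = Get-VpnConnection -Name $VpnName -ErrorAction SilentlyContinue
if ($null -eq $vpn) {
    Write-Warning "Connection '$VpnName' not found for this user; run step 4 first."
} elseif ($null -eq $vpn.IPSecCustomPolicy) {
    Write-Warning 'No custom IPsec policy set; Set-VpnConnectionIPsecConfiguration was not applied.'
} else {
    # Compare this output with the parameters passed in step 4.
    $vpn | Format-List Name, ServerAddress, TunnelType, AuthenticationMethod, EncryptionLevel
    $vpn.IPSecCustomPolicy | Format-List
}
```

If the connection check reports nothing found, confirm the elevated session runs as the same user who created the connection in step 4.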