When you configure an IPsec tunnel in pfSense, you are likely envisioning one of two deployment scenarios. One is to configure IPsec as a peer, which can connect to and/or accept a connection from another peer, establishing an IPsec tunnel between the two devices. Another is to set up an IPsec server as a server and accept connections from remote clients. This section will cover both scenarios.
If you want to set up IPsec to act as a server with multiple mobile clients, you should begin at the Mobile Clients tab. The mobile clients configuration process will then autogenerate a Phase 1 IPsec entry, which you can then configure. If this is your IPsec deployment scenario, you might consider skipping to the IPsec mobile client configuration section.