Would like to share a great experience that my organisation has had with using an external LDAP provider to authenticate VPN access.
Previously we ran our own LDAP servicer internally but maintaining it was not fun. Never managed to get it to work correctly for VPN authentication and most of the documentation was MS related. After looking for an alternative I stumbled across FoxPass http://www.foxpass.com which is basically LDAP SaaS, but cool. Its free for small people like us 8)
With their assistance, it was up and running in no time. The documentation has been updated so if you are interested in how to authenticate your pfSense IPSec VPN via LDAP without the pain then check this out: https://foxpass.readme.io/docs/pfsense-ldap
Enjoy