It's quite simple yet we can't seem to get it done.
Setting up a site to site VPN connection between a PFsense (local)
and a Vnet on azure - Vnet is there, empty created just for the purpose (it will need a VM in it, that needs to be able to have two way communication between the site AD replication)
and a PFsense
[login to view URL]
Followed this, but we miss some stupid detail probably to make it work.
You'll get access with Teamviewer to a laptop that is connected to both Azure and the PFsense.
Config of the Vnet is flexible - nothing mission critical running, the Pfsense is in a production envo and care needs to be taken when making modifications outside of those that are expected.