I've dedicated an entire /23 to strongSwan IKEv2 clients, and would like to be able to have charon query ISC dhcpd to acquire IP addresses and other parameters. It would be nice if, in addition, I could use a user-specified attribute of the IKEv2 identity as a hostname (for example, my certificates are configured such that cn=hostname). It would also be nice if I could tell Windows the connection-specific DNS suffix, which there seems to be no RFC to specify at present; that's a suggestion for future RFC refinements.

I keep running into 2 problems and a minor issue:

1) The DHCP server never gets requests. I've tried specifying 255.255.255.255 and the specific DHCP server address, and neither results in queries arriving at the DHCP server, which is on the same device as strongSwan.

2) I've reserved the address range with some subnet parameters, et al. on the DHCP server, but have no generic way to match "this query has come from charon, so issue it an IP address from this pool". There's no virtual device for charon, so I can't specify an IP address in the range, or similar, and I'm at a complete loss how to accomplish this now.

3) This is somewhat less. There's no way to specify a certificate attribute as hostname or other; anything except the "ikev2 identity" can't be passed in the DHCP request insofar as I can identify.