[strongSwan] How to configure Identity and APN in the ipsec.conf on GW moon ?

[Mao, Zhiheng]

Hi there,

I am using the strongswan-5.0.0 as the VPN GW to serve a 3GPP phone. This phone sends its identity (in the IDi payload) and the requested APN information (in the IDr payload) in the first message of the IKE_AUTH phase. The GW moon is supposed to match this identity and the APN in one of the connection sections defined in the ipsec.conf, and then assign the corresponding VPN address to this client.

I try the following parameters in ipsec.conf to match this identity (IDi) and APN (IDr) from client:
rightid=phone's identity
leftid=requested APN

Are these two parameters correctly matching the IDi and IDr from the client?
If not, are there other defined parameters in ipsec.conf I can use for this purpose?
If still not, could you please point me to the corresponding code sections where I can add the support for finding the matching peer config under  <Identity (IDi), APN (IDr)>?

Thank you very much for your time!

Regards,

Zhiheng Mao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120920/bae415e6/attachment.html>