Perhaps there was a reason it was never implmented, but in case it
just got missed:
Index: ikev2.c
===================================================================
RCS file: /cvs/src/sbin/iked/ikev2.c,v
retrieving revision 1.82
diff -u -p -r1.82 ikev2.c
--- ikev2.c 21 Mar 2013 04:30:14 -0000 1.82
+++ ikev2.c 25 May 2013 19:49:12 -0000
@@ -1437,6 +1437,17 @@ ikev2_add_cp(struct iked *env, struct ik
return (-1);
len += 4;
break;
+ case IKEV2_CFG_INTERNAL_IP4_SUBNET:
+ /* 4 bytes IPv4 address + 4 bytes IPv4 mask + */
+ in4 = (struct sockaddr_in *)&ikecfg->cfg.address.addr;
+ mask = prefixlen2mask(ikecfg->cfg.address.addr_mask);
+ cfg->cfg_length = htobe16(8);
+ if (ibuf_add(buf, &in4->sin_addr.s_addr, 4) == -1)
+ return (-1);
+ if (ibuf_add(buf, &mask, 4) == -1)
+ return (-1);
+ len += 8;
+ break;
case IKEV2_CFG_INTERNAL_IP6_DNS:
case IKEV2_CFG_INTERNAL_IP6_NBNS:
case IKEV2_CFG_INTERNAL_IP6_DHCP:
@@ -1449,6 +1460,7 @@ ikev2_add_cp(struct iked *env, struct ik
len += 16;
break;
case IKEV2_CFG_INTERNAL_IP6_ADDRESS:
+ case IKEV2_CFG_INTERNAL_IP6_SUBNET:
/* 16 bytes IPv6 address + 1 byte prefix length */
in6 = (struct sockaddr_in6 *)&ikecfg->cfg.address.addr;
cfg->cfg_length = htobe16(17);
