Still working on this issue so a quick morning update.
I've figured that in the request IKE_AUTH is the client telling strongSwan what
it supports as "information".
# Win10 supports ADDR(1) DNS(3) NBNS(4) SRV ADDR6(8) DNS6(10) SRV6
# OSX supports ADDR DHCP(6) DNS MASK(2) ADDR6 DHCP6(12) DNS6 DNS_DOMAIN(25)
So I have added dns and domain into the attr.conf
$ /etc/strongswan.d/charon/attr.conf
attr {
load = yes
dns = 10.0.5.202
25 = eu-west-2.compute.internal
}
and removed DHCP because as Thor said, it was only being used by strongSwan to
assign an IP address to the client which is not needed in my case.
Windows 10 is still not adding any route though but I have managed to alter the
command so I can bind the route persistently to the interface (as opposed to
the IP that I had before) which allows for IP address changes
netsh interface ipv4 show interfaces
note the name of your vpn interface
netsh interface ipv4 add route 10.0.0.0/18 "vpn-interface-name"
<http://www.naimuri.com/>
where 10.0.0.0/18 is your internal network
