strongSwan

I'd like to use strongswan in a scenario where remote end can be specified as a range in the transport mode/esp. The scenario is to allow transparent encryption to a range of hosts without configuring each pair separately. Traps should handle encryption to hosts which match the range and authenticate properly.

I believe there was a test done with a similar scenario before in the trap-any branch: http://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/trap-any
There was also a post about opennhrp with racoon/strongswan which enables a similar configuration as far as I understand: http://t57773.network-vpn-strongswan-development.networkforums.info/dynamic-multipoint-vpn-opennhrp-with-strongswan-t57773.html

It would be great if that feature was officially implemented.

Config expected to run such case:

conn %default
forceencaps=no
type=transport
mobike=no
authby=psk
keyexchange=ikev2

conn multiple-hosts
left=w.x.y.1
right=w.x.y.z/24
auto=route