IPsec [New] Missing field for both end peer ID configuration

[funfuck1337]

I am setting up an S2S IPsec transport tunnel. Spec as below:

Code: [Select]

A end: dynamic IP, FQDN provided
B end: static IP, Debian with strongswan installed.
The setup went all good and straight forward.

The problem is OPNsense phase 1 connection config has address field only. There is no way to config peer ID for both end...



And that causing A-end with dynamic IP would never initiate the IPsec connection with below line logged...

Code: [Select]

Informational charon 12[CFG] <|3> no IDi configured, fall back on IP address
Informational charon 12[IKE] <|3> authentication of '[WAN_IP4]' (myself) with pre-shared key
Informational charon 12[IKE] <|3> no shared key found for '[WAN_IP4]' - '%any'
The workaround is config B-end to always be the initiator. But it is not healthy.
Because next I had to setup another S2S tunnel which both end are dynamic IP...

I would like to know if there is a way to get rid of this or could I add peer ID manually in the file?