Picking interface subnet in IPsec for an interface with no IP generates invalid racoon.conf
If you pick an interface subnet in an IPsec P2 that has no IP, it generates an invalid racoon.conf. Input validation should prohibit picking the subnet on an interface that doesn't have a subnet on vpn_ipsec_phase2.php.
Also may want to skip that entirely in racoon.conf and log an error, in case someone changes an interface later from having an IP to none. Or prohibit changing an interface to type "none" if its subnet is used in any IPsec P2.