pfSense

Strongswan allows for setting the remote gateway to a subnet, multiple addresses, a range, or any IP address (%any).
The input validation does not allow these values to be set in the GUI. While not normally needed, there are situations outside of a typical road-warrior IPsec setup where these options are needed. Dynamic DNS is a better option, but not always available.
Perhaps require an 'I know what I'm doing' button to allow non standard input.
This would require a small change in vpn_ipsec_phase1.php and also in the logic that builds the filter rules for IPSec.