It is not a problem within isakmpd, it will accept IPV4_ADDR_SUBNET of size
As I already explained to you in a private mail, ipsecctl will export both
192.168.1.249 and 192.168.1.249/32 into IPV4_ADDR=192.168.1.249 while your
windows client is sending IPV4_ADDR_SUBNET for 192.168.1.249/32, and this
will not match.
I have looked into changing this ipsecctl's behaviour but I can't find a
clean way to do it.
Since it's not an isakmpd's problem but a problem in ipsecctl parsing the
config for isakmpd, you can always use the old-style isakmpd.conf config. Or
see if your windows client can define a different destination type.