@sergecaron This issue is reported as #7773 IPSec using IKEv2 with split DNS not using provided domain names and is opened since August 2017.
This is what an iOS client currently receives in pfSense 2.6.0:
08[IKE] <con-mobile|60> IKE_SA con-mobile[60] state change: CONNECTING => ESTABLISHED
08[IKE] <con-mobile|60> scheduling rekeying in 25549s
08[IKE] <con-mobile|60> maximum IKE_SA lifetime 28429s
08[IKE] <con-mobile|60> peer requested virtual IP %any
08[CFG] <con-mobile|60> reassigning offline lease to 'RemoteUser'
08[IKE] <con-mobile|60> assigning virtual IP 192.168.233.241 to peer 'RemoteUser'
08[IKE] <con-mobile|60> peer requested virtual IP %any6
08[IKE] <con-mobile|60> no virtual IP found for %any6 requested by 'RemoteUser'
08[IKE] <con-mobile|60> building INTERNAL_IP4_DNS attribute
08[IKE] <con-mobile|60> building INTERNAL_IP4_DNS attribute
08[IKE] <con-mobile|60> building INTERNAL_IP4_SUBNET attribute
08[IKE] <con-mobile|60> building INTERNAL_IP4_SUBNET attribute
08[IKE] <con-mobile|60> building (27674) attribute
08[IKE] <con-mobile|60> building UNITY_SPLITDNS_NAME attribute
08[CFG] <con-mobile|60> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
08[IKE] <con-mobile|60> CHILD_SA con-mobile{6} established with SPIs cf1aed7d_i 053643d4_o and TS 192.168.18.0/24|/0 192.168.166.0/24|/0 === 192.168.233.241/32|/0
08[ENC] <con-mobile|60> generating IKE_AUTH response 5 [ AUTH CPRP(ADDR DNS DNS SUBNET SUBNET (27674) U_SPLITDNS) N(ESP_TFC_PAD_N) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) ]
The 27674 and UNITY_SPLITDNS_NAME attributes are not defined in IKEv2.
This client will never process interal DNS servers.
Is it time to fix this ?
Regards,