The built-in ISPEC client in Windows 7 will allow you create IPSEC policies with "filters" that identify when traffic should be encrypted. If I understand, you're looking for a way to identify specific traffic flows (destination address / subnet, protocol, port combinations) that should be subjected to IPSEC encryption / authentication under Windows 7. (I can't comment yet, so I'm going to post to ask for clarification initially, then edit as necessary.)
You'll find a post here with detailed instructions of how I went about. This solution will probably benefit other clients as well! After scouring all corners of the Internet for idéas I had enough information to construct a working solution. I've managed to get SoftRemote to work on Windows 7 圆4 through Windows XP Mode. I've tried TheGreenBow, NCP Secure Entry, Cisco VPN Client and Shrew Soft VPN but none of these allows you to configure by protocol and port. Since the VPN gateway is configured this way the client must mirror these settings. But SoftRemote isn't compatible with Windows 7. On Windows XP and Vista we've used SafeNet SoftRemote in which you can set up rules for specific protocols and ports. I'm looking for a Windows 7 compatible IPSec VPN client that allows protocol and port specific rules as well as an aggressive mode. It is not currently accepting new answers or interactions. This question and its answers are locked because the question is off-topic but has historical significance.