Traditionally with IPsec, when one site has 2 prefixes you create 2 tunnel configurations under the peer in VyOS.
With VyOS 1.2 and the update to Charon it is possible to use 2 prefixes in one rightsubnet line with a ',' in between.
In ipsec.conf rightsubnet=prefix1,prefix2.
This is needed with Azure virtual gateway since it won't accept the second tunnel configuration but does accept the 2 prefixes in 1 tunnel when working with route-based virtual gateways.
Since Charon accepts it, the change would possibly be small: only the input validation has to allow this and add it to ipsec.conf.
An alternate solution would be to implement interface routes like Edgerouter does.
protocols static route prefix1 next-hop-interface vti0
protocols static route prefix2 next-hop-interface vti0
Then we can use that to add the prefixes and use bind vti0 in the VPN configuration.
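
A sketch of the input validation the first proposal calls for, added here as an example and not taken from VyOS code: it checks a comma-separated prefix list before it is written to the rightsubnet line, so malformed or multi-line input never reaches ipsec.conf. The function names and sample prefixes are constructed for illustration; rejecting padded, empty and duplicate entries is an assumption about the desired policy.

```python
import ipaddress


def parse_prefix_list(value):
    """Validate 'prefix1,prefix2,...' and return the networks in order.

    Raises ValueError on empty or padded entries, on anything that is not
    a network address (host bits set, stray text, embedded newlines) and
    on duplicates.
    """
    networks = []
    for item in value.split(","):
        # Assumed policy: no blanks around or between entries.
        if not item or item != item.strip():
            raise ValueError(f"empty or padded entry: {item!r}")
        try:
            # strict=True rejects prefixes with host bits set, e.g. 10.1.0.5/16
            net = ipaddress.ip_network(item, strict=True)
        except ValueError as exc:
            raise ValueError(f"invalid prefix {item!r}: {exc}") from None
        if net in networks:
            raise ValueError(f"duplicate prefix: {item!r}")
        networks.append(net)
    return networks


def render_rightsubnet(value):
    """Return the ipsec.conf line for an already user-supplied prefix list."""
    # Re-serialise from the parsed objects so only canonical text is emitted.
    return "rightsubnet=" + ",".join(str(n) for n in parse_prefix_list(value))


if __name__ == "__main__":
    # Constructed sample values, not from any real deployment.
    print(render_rightsubnet("10.1.0.0/16,10.2.0.0/16"))
    for bad in ("10.1.0.0/16,,10.2.0.0/16", "10.1.0.5/16",
                "10.1.0.0/16\nauto=start"):
        try:
            render_rightsubnet(bad)
        except ValueError as exc:
            print("rejected:", exc)
```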