In our VPN setups all road warriors that connect to a VPN gateway use the same pre-shared key. This means that changing the key will require all users to switch to the new key at the same time which is difficult in practice.
Has anyone found a solution for this? Is there any way to have two pre-shared keys active at the same time? As an alternative to using pre-shared keys I'd like to use XAUTH but AFAIK there's currently no support for that in OpenBSD Another option would be to use public key authentication but it looks like the VPN client we use does not (yet?) support that. Daniel
