Hi,
we are looking at a hub-spoke ipsec implementation were the spokes will be issued with dynamic ips. The hub and spokes will be IOS routers. If we use a wildcard pre-shared key can the spoke routers be configured as xauth clients? What other options would be available to enhance the security in this scenario?
danke