I would like to know about the pre-shared key configured on a router.
While configuring a site-to-site VPN on two routers we are using pre-shared keys.
Now we are manually configuring the keys on both routers statically.
Can we use any router as a key management server that will change the pre-shared keys dynamically?
The router doesn't have any management features for PSKs. In general they are not changed very often, which is not really good practice. But to still be secure, there are two ways to secure your VPN:
1) Use really long PSKs (they can be up to 128 characters and should be completely random) and configure PSK-encryption. Use different PSKs for different VPNs.
2) Change the authentication to RSA-Sig with digital certificates. The IOS router has a built-in CA, so that's a little bit the management server you are looking for.
In case you were not talking about a Key server like in GET VPN, then check Karsten's post (5 stars).
At this point, you could use the LOCAL CA server of IOS in order to manage a "small" PKI infrastructure.
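Option 1 in the answer above (a long random PSK, a different one per VPN, with PSK encryption enabled), sketched as an added example that is not part of the original posts. The router names, addresses and master-key placeholder are constructed, and the two leading IOS commands are an assumption about what "PSK-encryption" refers to (type 6 AES encryption of stored keys).

```python
import secrets
import string

# Letters and digits only: avoids '?' (IOS CLI help) and spaces, which break key entry.
ALPHABET = string.ascii_letters + string.digits
PSK_LEN = 128  # maximum PSK length stated in the answer above


def generate_psk(length: int = PSK_LEN) -> str:
    """Return a PSK drawn from the operating system's CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def build_tunnel_configs(tunnels):
    """tunnels: list of (name_a, ip_a, name_b, ip_b). Returns {router: [config lines]}."""
    configs = {}
    used = set()
    for name_a, ip_a, name_b, ip_b in tunnels:
        psk = generate_psk()
        while psk in used:  # practically unreachable, but enforces one key per VPN
            psk = generate_psk()
        used.add(psk)
        # Each end stores the same key against the *other* end's address.
        for router, peer_ip in ((name_a, ip_b), (name_b, ip_a)):
            lines = configs.setdefault(router, [
                # Assumed mapping of "PSK-encryption": keys are stored AES-encrypted.
                "key config-key password-encrypt <MASTER-KEY-PLACEHOLDER>",
                "password encryption aes",
            ])
            lines.append(f"crypto isakmp key {psk} address {peer_ip}")
    return configs


# Constructed sample topology (documentation address ranges, hypothetical names).
SAMPLE_TUNNELS = [
    ("hq", "192.0.2.1", "branch1", "198.51.100.1"),
    ("hq", "192.0.2.1", "branch2", "203.0.113.1"),
]

if __name__ == "__main__":
    for router, lines in build_tunnel_configs(SAMPLE_TUNNELS).items():
        print(f"! --- {router} ---")
        print("\n".join(lines))
```

The output contains the keys in clear text, so it should be handled like any other secret until it has been entered on the routers.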