pfSense

With a variety of other firewall and vpn solutions, the user is given the ability to create groups of users and govern those groups in different ways.

For example, with cisco equipment it is possible to create several groups for vpn users to live in: users, admins and customers. Users can have access to LAN resources, Admins can be granted access to administrative networks and customers can have access to customer-only resources like file sharing tools.

PfSense currently does not support having multiple groups for remote access ipsec vpn users. I have tried creating multiple groups, multiple users, multiple ipsec psk entries, and attempted to create a scenario whereby if a user logs in with a specific psk they are put into a specific ip pool, however no matter what is entered into the psk on the users side, they are dumped into the same ip pool.

In fact, it doesnt matter what a user puts into the psk field at all - even if its just keyboard mashing - they are authenticated and given an ip (this is probably a bug, and almost certainly a security problem).