Add IPsec option to allow the client to save the Xauth password
Add check box in the 'Client Configuration (mode-cfg)' section of IPsec configuration pages that would allow pfSense admin to specify if IPsec clients can save Xauth password or not.
When saving password is enabled racoon.conf needs to have this line
by default this feature is off. Man page http://netbsd.gw.com/cgi-bin/man-cgi?racoon.conf+5+NetBSD-current