Firewall replacement - consequences for VPN clients and how to handle it
We're going to replace our todays firewall and as I've understood you cannot create the new VPN client (Mobile VPN) until the new firewall object has been created and is up and running. We've done this on another location with mixed experience. Users were not prompted for new certificate not even after site has been deleted/re-created in the VPN client. The only solution we found for that site was to uninstall/re-install the VPN client.
Now we're going to replace the firewalls on a bigger site with hundreds of VPN clients connected. I would not like to re-install those clients as users are often on business trips and do not have local admin rights.
Any ideas on how to proceed with this the least painful way?