diff --git a/src/www/vpn_ipsec_mobile.php b/src/www/vpn_ipsec_mobile.php
index c8e0e7cd0..cd4ce25d9 100644
--- a/src/www/vpn_ipsec_mobile.php
+++ b/src/www/vpn_ipsec_mobile.php
@@ -34,7 +34,7 @@ require_once("services.inc");
 require_once("pfsense-utils.inc");
 
 if (!is_array($config['ipsec'])) {
-        $config['ipsec'] = array();
+    $config['ipsec'] = array();
 }
 
 if (!is_array($config['ipsec']['phase1'])) {
@@ -45,116 +45,73 @@ if (!is_array($config['ipsec']['client'])) {
     $config['ipsec']['client'] = array();
 }
 
-$a_phase1 = &$config['ipsec']['phase1'];
-$a_client = &$config['ipsec']['client'];
+// define formfields
+$form_fields = "user_source,group_source,pool_address,pool_netbits,net_list
+,save_passwd,dns_domain,dns_split,dns_server1,dns_server2,dns_server3
+,dns_server4,wins_server1,wins_server2,pfs_group,login_banner";
 
-if (count($a_client)) {
-    $pconfig['enable'] = $a_client['enable'];
+if ($_SERVER['REQUEST_METHOD'] === 'GET') {
+    $pconfig = array();
+    // defaults
+    $pconfig['pool_netbits'] = 24;
 
-    $pconfig['user_source'] = $a_client['user_source'];
-    $pconfig['group_source'] = $a_client['group_source'];
-
-    $pconfig['pool_address'] = $a_client['pool_address'];
-    $pconfig['pool_netbits'] = $a_client['pool_netbits'];
-    $pconfig['net_list'] = $a_client['net_list'];
-    $pconfig['save_passwd'] = $a_client['save_passwd'];
-    $pconfig['dns_domain'] = $a_client['dns_domain'];
-    $pconfig['dns_split'] = $a_client['dns_split'];
-    $pconfig['dns_server1'] = $a_client['dns_server1'];
-    $pconfig['dns_server2'] = $a_client['dns_server2'];
-    $pconfig['dns_server3'] = $a_client['dns_server3'];
-    $pconfig['dns_server4'] = $a_client['dns_server4'];
-    $pconfig['wins_server1'] = $a_client['wins_server1'];
-    $pconfig['wins_server2'] = $a_client['wins_server2'];
-    $pconfig['pfs_group'] = $a_client['pfs_group'];
-    $pconfig['login_banner'] = $a_client['login_banner'];
-
-    if (isset($pconfig['enable'])) {
+    // copy / initialize $pconfig attributes
+    foreach (explode(",",$form_fields) as $fieldname) {
+      $fieldname = trim($fieldname);
+      if(isset($config['ipsec']['client'][$fieldname])) {
+        $pconfig[$fieldname] = $config['ipsec']['client'][$fieldname];
+      } elseif (!isset($pconfig[$fieldname])) {
+        // initialize element
+        $pconfig[$fieldname] = null;
+      }
+    }
+    if (isset($config['ipsec']['client']['enable'])) {
         $pconfig['enable'] = true;
     }
-
-    if ($pconfig['pool_address']&&$pconfig['pool_netbits']) {
-        $pconfig['pool_enable'] = true;
-    } else {
-        $pconfig['pool_netbits'] = 24;
+    if (isset($config['ipsec']['client']['net_list'])) {
+        $pconfig['net_list'] = true;
     }
 
-    if (isset($pconfig['net_list'])) {
-        $pconfig['net_list_enable'] = true;
+    if (isset($config['ipsec']['client']['save_passwd'])) {
+        $pconfig['save_passwd'] = true;
     }
-
-    if (isset($pconfig['save_passwd'])) {
-        $pconfig['save_passwd_enable'] = true;
-    }
-
-    if ($pconfig['dns_domain']) {
-        $pconfig['dns_domain_enable'] = true;
-    }
-
-    if ($pconfig['dns_split']) {
-        $pconfig['dns_split_enable'] = true;
-    }
-
-    if ($pconfig['dns_server1']||$pconfig['dns_server2']||$pconfig['dns_server3']||$pconfig['dns_server4']) {
-        $pconfig['dns_server_enable'] = true;
-    }
-
-    if ($pconfig['wins_server1']||$pconfig['wins_server2']) {
-        $pconfig['wins_server_enable'] = true;
-    }
-
-    if (isset($pconfig['pfs_group'])) {
-        $pconfig['pfs_group_enable'] = true;
-    }
-
-    if ($pconfig['login_banner']) {
-        $pconfig['login_banner_enable'] = true;
-    }
-}
-
-if ($_POST['create']) {
-    header("Location: vpn_ipsec_phase1.php?mobile=true");
-}
-
-if ($_POST['apply']) {
-    $retval = 0;
-    $retval = vpn_ipsec_configure();
-    $savemsg = get_std_save_message($retval);
-    if ($retval >= 0) {
-        if (is_subsystem_dirty('ipsec')) {
-            clear_subsystem_dirty('ipsec');
-        }
-    }
-}
-
-if ($_POST['submit']) {
-    unset($input_errors);
+} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $input_errors = array();
     $pconfig = $_POST;
+    if (isset($_POST['create'])) {
+        // create new phase1 entry
+        header("Location: vpn_ipsec_phase1.php?mobile=true");
+    } elseif (isset($_POST['apply'])) {
+        // apply changes
+        $retval = 0;
+        $retval = vpn_ipsec_configure();
+        $savemsg = get_std_save_message($retval);
+        if ($retval >= 0) {
+            if (is_subsystem_dirty('ipsec')) {
+                clear_subsystem_dirty('ipsec');
+            }
+        }
+    } elseif (isset($_POST['submit'])) {
+        // save form changes
 
-    /* input consolidation */
+        // input preparations
+        if (!empty($pconfig['user_source'])) {
+            $pconfig['user_source'] = implode(",", $pconfig['user_source']);
+        }
 
+        /* input validation */
+        $reqdfields = explode(" ", "user_source group_source");
+        $reqdfieldsn =  array(gettext("User Authentication Source"),gettext("Group Authentication Source"));
+        do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
 
-
-    /* input validation */
-
-    $reqdfields = explode(" ", "user_source group_source");
-    $reqdfieldsn =  array(gettext("User Authentication Source"),gettext("Group Authentication Source"));
-
-    do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
-
-    if ($pconfig['pool_enable']) {
-        if (!is_ipaddr($pconfig['pool_address'])) {
+        if (!empty($pconfig['pool_address']) && !is_ipaddr($pconfig['pool_address'])) {
             $input_errors[] = gettext("A valid IP address for 'Virtual Address Pool Network' must be specified.");
         }
-    }
 
-    if ($pconfig['dns_domain_enable']) {
-        if (!is_domain($pconfig['dns_domain'])) {
+        if (!empty($pconfig['dns_domain']) && !is_domain($pconfig['dns_domain'])) {
             $input_errors[] = gettext("A valid value for 'DNS Default Domain' must be specified.");
         }
-    }
 
-    if ($pconfig['dns_split_enable']) {
         if (!empty($pconfig['dns_split'])) {
             $domain_array=preg_split("/[ ,]+/", $pconfig['dns_split']);
             foreach ($domain_array as $curdomain) {
@@ -164,110 +121,71 @@ if ($_POST['submit']) {
                 }
             }
         }
-    }
 
-    if ($pconfig['dns_server_enable']) {
-        if (!$pconfig['dns_server1'] && !$pconfig['dns_server2'] &&
-            !$pconfig['dns_server3'] && !$pconfig['dns_server4'] ) {
-            $input_errors[] = gettext("At least one DNS server must be specified to enable the DNS Server option.");
-        }
-        if ($pconfig['dns_server1'] && !is_ipaddr($pconfig['dns_server1'])) {
+        if (!empty($pconfig['dns_server1']) && !is_ipaddr($pconfig['dns_server1'])) {
             $input_errors[] = gettext("A valid IP address for 'DNS Server #1' must be specified.");
         }
-        if ($pconfig['dns_server2'] && !is_ipaddr($pconfig['dns_server2'])) {
+        if (!empty($pconfig['dns_server2']) && !is_ipaddr($pconfig['dns_server2'])) {
             $input_errors[] = gettext("A valid IP address for 'DNS Server #2' must be specified.");
         }
-        if ($pconfig['dns_server3'] && !is_ipaddr($pconfig['dns_server3'])) {
+        if (!empty($pconfig['dns_server3']) && !is_ipaddr($pconfig['dns_server3'])) {
             $input_errors[] = gettext("A valid IP address for 'DNS Server #3' must be specified.");
         }
-        if ($pconfig['dns_server4'] && !is_ipaddr($pconfig['dns_server4'])) {
+        if (!empty($pconfig['dns_server4']) && !is_ipaddr($pconfig['dns_server4'])) {
             $input_errors[] = gettext("A valid IP address for 'DNS Server #4' must be specified.");
         }
-    }
 
-    if ($pconfig['wins_server_enable']) {
-        if (!$pconfig['wins_server1'] && !$pconfig['wins_server2']) {
-            $input_errors[] = gettext("At least one WINS server must be specified to enable the DNS Server option.");
-        }
-        if ($pconfig['wins_server1'] && !is_ipaddr($pconfig['wins_server1'])) {
+        if (!empty($pconfig['wins_server1']) && !is_ipaddr($pconfig['wins_server1'])) {
             $input_errors[] = gettext("A valid IP address for 'WINS Server #1' must be specified.");
         }
-        if ($pconfig['wins_server2'] && !is_ipaddr($pconfig['wins_server2'])) {
+        if (!empty($pconfig['wins_server2']) && !is_ipaddr($pconfig['wins_server2'])) {
             $input_errors[] = gettext("A valid IP address for 'WINS Server #2' must be specified.");
         }
-    }
 
-    if ($pconfig['login_banner_enable']) {
-        if (!strlen($pconfig['login_banner'])) {
-            $input_errors[] = gettext("A valid value for 'Login Banner' must be specified.");
+        if (count($input_errors) == 0) {
+            $client = array();
+            $copy_fields = "user_source,group_source,pool_address,pool_netbits,dns_domain,dns_server1
+            ,dns_server2,dns_server3,dns_server4,wins_server1,wins_server2
+            ,dns_split,pfs_group,login_banner";
+            foreach (explode(",",$copy_fields) as $fieldname) {
+							$fieldname = trim($fieldname);
+							if(!empty($pconfig[$fieldname])) {
+								$client[$fieldname] = $pconfig[$fieldname];
+							}
+						}
+            if (!empty($pconfig['enable'])) {
+                $client['enable'] = true;
+            }
+
+            if (!empty($pconfig['net_list'])) {
+                $client['net_list'] = true;
+            }
+
+            if (!empty($pconfig['save_passwd'])) {
+                $client['save_passwd'] = true;
+            }
+
+            $config['ipsec']['client'] = $client;
+
+            write_config();
+            mark_subsystem_dirty('ipsec');
+
+            header("Location: vpn_ipsec_mobile.php");
+            exit;
         }
     }
 
-    if (!$input_errors) {
-        $client = array();
-
-        if ($pconfig['enable']) {
-            $client['enable'] = true;
-        }
-
-        if (!empty($pconfig['user_source'])) {
-            $client['user_source'] = implode(",", $pconfig['user_source']);
-        }
-        $client['group_source'] = $pconfig['group_source'];
-
-        if ($pconfig['pool_enable']) {
-            $client['pool_address'] = $pconfig['pool_address'];
-            $client['pool_netbits'] = $pconfig['pool_netbits'];
-        }
-
-        if ($pconfig['net_list_enable']) {
-            $client['net_list'] = true;
-        }
-
-        if ($pconfig['save_passwd_enable']) {
-            $client['save_passwd'] = true;
-        }
-
-        if ($pconfig['dns_domain_enable']) {
-            $client['dns_domain'] = $pconfig['dns_domain'];
-        }
-
-        if ($pconfig['dns_split_enable']) {
-            $client['dns_split'] = $pconfig['dns_split'];
-        }
-
-        if ($pconfig['dns_server_enable']) {
-            $client['dns_server1'] = $pconfig['dns_server1'];
-            $client['dns_server2'] = $pconfig['dns_server2'];
-            $client['dns_server3'] = $pconfig['dns_server3'];
-            $client['dns_server4'] = $pconfig['dns_server4'];
-        }
-
-        if ($pconfig['wins_server_enable']) {
-            $client['wins_server1'] = $pconfig['wins_server1'];
-            $client['wins_server2'] = $pconfig['wins_server2'];
-        }
-
-        if ($pconfig['pfs_group_enable']) {
-            $client['pfs_group'] = $pconfig['pfs_group'];
-        }
-
-        if ($pconfig['login_banner_enable']) {
-            $client['login_banner'] = $pconfig['login_banner'];
-        }
-
-//		$echo "login banner = {$pconfig['login_banner']}";
-
-        $a_client = $client;
-
-        write_config();
-        mark_subsystem_dirty('ipsec');
-
-        header("Location: vpn_ipsec_mobile.php");
-        exit;
+    // initialize missing post attributes
+    foreach (explode(",",$form_fields) as $fieldname) {
+      $fieldname = trim($fieldname);
+      if (!isset($pconfig[$fieldname])) {
+        $pconfig[$fieldname] = null;
+      }
     }
 }
 
+legacy_html_escape_form_data($pconfig);
+
 $pgtitle = array(gettext("VPN"),gettext("IPsec"),gettext("Mobile"));
 $shortcut_section = "ipsec";
 
@@ -278,6 +196,15 @@ include("head.inc");
 
 <script type="text/javascript">
 //<![CDATA[
+$( document ).ready(function() {
+  pool_change();
+  dns_domain_change();
+  dns_split_change();
+  dns_server_change();
+  wins_server_change();
+  pfs_group_change();
+  login_banner_change();
+});
 
 function pool_change() {
 
@@ -292,18 +219,29 @@ function pool_change() {
 
 function dns_domain_change() {
 
-	if (document.iform.dns_domain_enable.checked)
-		document.iform.dns_domain.disabled = 0;
-	else
+	if (document.iform.dns_domain_enable.checked) {
+    document.iform.dns_domain.disabled = 0;
+    $("#dns_domain").addClass('show');
+    $("#dns_domain").removeClass('hidden');
+  } else {
 		document.iform.dns_domain.disabled = 1;
+    $("#dns_domain").addClass('hidden');
+    $("#dns_domain").removeClass('show');
+  }
 }
 
 function dns_split_change() {
 
-	if (document.iform.dns_split_enable.checked)
-		document.iform.dns_split.disabled = 0;
-	else
-		document.iform.dns_split.disabled = 1;
+	if (document.iform.dns_split_enable.checked){
+    document.iform.dns_split.disabled = 0;
+    $("#dns_split").addClass('show');
+    $("#dns_split").removeClass('hidden');
+  } else {
+    document.iform.dns_split.disabled = 1;
+    $("#dns_split").addClass('hidden');
+    $("#dns_split").removeClass('show');
+  }
+
 }
 
 function dns_server_change() {
@@ -313,11 +251,15 @@ function dns_server_change() {
 		document.iform.dns_server2.disabled = 0;
 		document.iform.dns_server3.disabled = 0;
 		document.iform.dns_server4.disabled = 0;
+    $("#dns_server_enable_inputs").addClass('show');
+    $("#dns_server_enable_inputs").removeClass('hidden');
 	} else {
 		document.iform.dns_server1.disabled = 1;
 		document.iform.dns_server2.disabled = 1;
 		document.iform.dns_server3.disabled = 1;
 		document.iform.dns_server4.disabled = 1;
+    $("#dns_server_enable_inputs").addClass('hidden');
+    $("#dns_server_enable_inputs").removeClass('show');
 	}
 }
 
@@ -326,26 +268,40 @@ function wins_server_change() {
 	if (document.iform.wins_server_enable.checked) {
 		document.iform.wins_server1.disabled = 0;
 		document.iform.wins_server2.disabled = 0;
+    $("#wins_server_enable_inputs").addClass('show');
+    $("#wins_server_enable_inputs").removeClass('hidden');
 	} else {
 		document.iform.wins_server1.disabled = 1;
 		document.iform.wins_server2.disabled = 1;
+    $("#wins_server_enable_inputs").addClass('hidden');
+    $("#wins_server_enable_inputs").removeClass('show');
 	}
 }
 
 function pfs_group_change() {
 
-	if (document.iform.pfs_group_enable.checked)
-		document.iform.pfs_group.disabled = 0;
-	else
-		document.iform.pfs_group.disabled = 1;
+	if (document.iform.pfs_group_enable.checked) {
+    document.iform.pfs_group.disabled = 0;
+    $("#pfs_group").addClass('show');
+    $("#pfs_group").removeClass('hidden');
+  } else {
+    document.iform.pfs_group.disabled = 1;
+    $("#pfs_group").addClass('hidden');
+    $("#pfs_group").removeClass('show');
+  }
 }
 
 function login_banner_change() {
 
-	if (document.iform.login_banner_enable.checked)
-		document.iform.login_banner.disabled = 0;
-	else
-		document.iform.login_banner.disabled = 1;
+	if (document.iform.login_banner_enable.checked) {
+    document.iform.login_banner.disabled = 0;
+    $("#login_banner").addClass('show');
+    $("#login_banner").removeClass('hidden');
+  } else {
+    document.iform.login_banner.disabled = 1;
+    $("#login_banner").addClass('hidden');
+    $("#login_banner").removeClass('show');
+  }
 }
 
 //]]>
@@ -353,404 +309,222 @@ function login_banner_change() {
 
 <?php include("fbegin.inc"); ?>
 
-
 	<section class="page-content-main">
 		<div class="container-fluid">
 			<div class="row">
-
-				<?php
+<?php
                 if (isset($savemsg)) {
                     print_info_box($savemsg);
                 }
                 if (isset($config['ipsec']['enable']) && is_subsystem_dirty('ipsec')) {
                     print_info_box_np(gettext("The IPsec tunnel configuration has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect."));
                 }
-                foreach ($a_phase1 as $ph1ent) {
+                $ph1found = false;
+                foreach ($config['ipsec']['phase1'] as $ph1ent) {
                     if (isset($ph1ent['mobile'])) {
                         $ph1found = true;
                     }
                 }
-                if ($pconfig['enable'] && !$ph1found) {
+                if (!empty($pconfig['enable']) && !$ph1found) {
                     print_info_box_np(gettext("Support for IPsec Mobile clients is enabled but a Phase1 definition was not found") . ".<br />" . gettext("Please click Create to define one."), gettext("create"), gettext("Create Phase1"));
                 }
                 if (isset($input_errors) && count($input_errors) > 0) {
                     print_input_errors($input_errors);
                 }
-                ?>
-
-
+?>
 			    <section class="col-xs-12">
 
-				<? $active_tab = "/vpn_ipsec_mobile.php";
-                include('vpn_ipsec_tabs.inc'); ?>
-
-					<div class="tab-content content-box col-xs-12">
-
+<? $active_tab = "/vpn_ipsec_mobile.php";
+                include('vpn_ipsec_tabs.inc');
+?>
+					 <div class="tab-content content-box col-xs-12">
 							 <form action="vpn_ipsec_mobile.php" method="post" name="iform" id="iform">
-
-							 <div class="table-responsive">
-								<table class="table table-striped table-sort">
-
-
-
-									<tr>
-										<td width="22%" valign="top" class="vncellreq"><?=gettext("IKE Extensions"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="ike extensions">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['enable'], $chk); ?>
-														<input name="enable" type="checkbox" id="enable" value="yes" <?=$chk;?> />
-													</td>
-													<td>
-														<strong><?=gettext("Enable IPsec Mobile Client Support"); ?></strong>
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									</tbody>
-								</table>
-
-								<table class="table table-striped table-sort">
-
-                                    <thead>
-                                        <tr>
-							<th colspan="2" class="listtopic"><?=gettext("Extended Authentication (Xauth)"); ?></th>
-                                        </tr>
-                                    </thead>
-
-								<tbody>
-
-									<tr>
-										<td width="22%" valign="top" class="vncellreq"><?=gettext("User Authentication"); ?></td>
-										<td width="78%" class="vtable">
-											<?=gettext("Source"); ?>:&nbsp;&nbsp;
-											<select name="user_source[]" class="form-control" id="user_source" multiple="multiple" size="3">
-											<?php
-                                                $authmodes = explode(",", $pconfig['user_source']);
-                                                $auth_servers = auth_get_authserver_list();
-                                            foreach ($auth_servers as $auth_server) {
-                                                $selected = "";
-                                                if (in_array($auth_server['name'], $authmodes)) {
-                                                    $selected = "selected=\"selected\"";
-                                                }
-                                                echo "<option value='{$auth_server['name']}' {$selected}>{$auth_server['name']}</option>\n";
-                                            }
-                                            ?>
-											</select>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncellreq"><?=gettext("Group Authentication"); ?></td>
-										<td width="78%" class="vtable">
-											<?=gettext("Source"); ?>:&nbsp;&nbsp;
-											<select name="group_source" class="form-control" id="group_source">
-												<option value="none"><?=gettext("none"); ?></option>
-												<option value="system" <?php if ($pconfig['group_source'] == "system") {
-                                                    echo "selected=\"selected\"";
-
-} ?> ><?=gettext("system"); ?></option>
-											</select>
-										</td>
-									</tr>
-									</tbody>
-								</table>
-
-								<table class="table table-striped table-sort">
-
-                                    <thead>
-                                        <tr>
-							<th colspan="2" class="listtopic"><?=gettext("Client Configuration (mode-cfg)"); ?></th>
-                                        </tr>
-                                    </thead>
-
-								<tbody>
-
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("Virtual Address Pool"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="enable pool">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['pool_enable'], $chk); ?>
-														<input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?=$chk;?> onclick="pool_change()" />
-													</td>
-													<td>
-														<?=gettext("Provide a virtual IP address to clients"); ?><br />
-													</td>
-												</tr>
-											</table>
-											<table border="0" cellspacing="2" cellpadding="0" summary="virtual address pool">
-												<tr>
-													<td>
-														<?=gettext("Network"); ?>:&nbsp;
-														<input name="pool_address" type="text" class="form-control unknown" id="pool_address" size="20" value="<?=htmlspecialchars($pconfig['pool_address']);?>" />
-														/
-														<select name="pool_netbits" class="form-control" id="pool_netbits">
-															<?php for ($i = 32; $i >= 0; $i--) :
-?>
-															<option value="<?=$i;?>" <?php if ($i == $pconfig['pool_netbits']) {
-                                                                echo "selected=\"selected\"";
-} ?>>
-																<?=$i;?>
-															</option>
-															<?php
-endfor; ?>
-														</select>
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("Network List"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="network list">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['net_list_enable'], $chk); ?>
-														<input name="net_list_enable" type="checkbox" id="net_list_enable" value="yes" <?=$chk;?> />
-													</td>
-													<td>
-														<?=gettext("Provide a list of accessible networks to clients"); ?><br />
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("Save Xauth Password"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="password">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['save_passwd_enable'], $chk); ?>
-														<input name="save_passwd_enable" type="checkbox" id="save_passwd_enable" value="yes" <?=$chk;?> />
-													</td>
-													<td>
-														<?=gettext("Allow clients to save Xauth passwords (Cisco VPN client only)."); ?><br />
-														<?=gettext("NOTE: With iPhone clients, this does not work when deployed via the iPhone configuration utility, only by manual entry."); ?><br />
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("DNS Default Domain"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="enable dns default domain">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['dns_domain_enable'], $chk); ?>
-														<input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes" <?=$chk;?> onclick="dns_domain_change()" />
-													</td>
-													<td>
-														<?=gettext("Provide a default domain name to clients"); ?><br />
-													</td>
-												</tr>
-											</table>
-											<table border="0" cellspacing="2" cellpadding="0" summary="dns default domain">
-												<tr>
-													<td>
-														<input name="dns_domain" type="text" class="form-control unknown" id="dns_domain" size="30" value="<?=htmlspecialchars($pconfig['dns_domain']);?>" />
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("Split DNS"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="enable split dns">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['dns_split_enable'], $chk); ?>
-														<input name="dns_split_enable" type="checkbox" id="dns_split_enable" value="yes" <?=$chk;?> onclick="dns_split_change()" />
-													</td>
-													<td>
-														<?=gettext("Provide a list of split DNS domain names to clients. Enter a comma separated list."); ?><br />
-														<?=gettext("NOTE: If left blank, and a default domain is set, it will be used for this value."); ?>
-													</td>
-												</tr>
-											</table>
-											<table border="0" cellspacing="2" cellpadding="0" summary="split dns">
-												<tr>
-													<td>
-														<input name="dns_split" type="text" class="form-control unknown" id="dns_split" size="30" value="<?=htmlspecialchars($pconfig['dns_split']);?>" />
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("DNS Servers"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="enable dns servers">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['dns_server_enable'], $chk); ?>
-														<input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes" <?=$chk;?> onclick="dns_server_change()" />
-													</td>
-													<td>
-														<?=gettext("Provide a DNS server list to clients"); ?><br />
-													</td>
-												</tr>
-											</table>
-											<table border="0" cellspacing="2" cellpadding="0" summary="dns servers">
-												<tr>
-													<td>
-														<?=gettext("Server"); ?> #1:&nbsp;
-														<input name="dns_server1" type="text" class="form-control unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>" />
-													</td>
-												</tr>
-												<tr>
-													<td>
-														<?=gettext("Server"); ?> #2:&nbsp;
-														<input name="dns_server2" type="text" class="form-control unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>" />
-													</td>
-												</tr>
-												<tr>
-													<td>
-														<?=gettext("Server"); ?> #3:&nbsp;
-														<input name="dns_server3" type="text" class="form-control unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>" />
-													</td>
-												</tr>
-												<tr>
-													<td>
-														<?=gettext("Server"); ?> #4:&nbsp;
-														<input name="dns_server4" type="text" class="form-control unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>" />
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("WINS Servers"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="enable wins servers">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['wins_server_enable'], $chk); ?>
-														<input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?=$chk;?> onclick="wins_server_change()" />
-													</td>
-													<td>
-														<?=gettext("Provide a WINS server list to clients"); ?><br />
-													</td>
-												</tr>
-											</table>
-											<table border="0" cellspacing="2" cellpadding="0" summary="wins servers">
-												<tr>
-													<td>
-														<?=gettext("Server"); ?> #1:&nbsp;
-														<input name="wins_server1" type="text" class="form-control unknown" id="wins_server1" size="20" value="<?=htmlspecialchars($pconfig['wins_server1']);?>" />
-													</td>
-												</tr>
-												<tr>
-													<td>
-														<?=gettext("Server"); ?> #2:&nbsp;
-														<input name="wins_server2" type="text" class="form-control unknown" id="wins_server2" size="20" value="<?=htmlspecialchars($pconfig['wins_server2']);?>" />
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("Phase2 PFS Group"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="enable pfs group">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['pfs_group_enable'], $chk); ?>
-														<input name="pfs_group_enable" type="checkbox" id="pfs_group_enable" value="yes" <?=$chk;?> onclick="pfs_group_change()" />
-													</td>
-													<td>
-														<?=gettext("Provide the Phase2 PFS group to clients ( overrides all mobile phase2 settings )"); ?><br />
-													</td>
-												</tr>
-											</table>
-											<table border="0" cellspacing="2" cellpadding="0" summary="phase-2 pfs group">
-												<tr>
-													<td>
-														<?=gettext("Group"); ?>:&nbsp;&nbsp;
-														<select name="pfs_group" class="form-control" id="pfs_group">
-														<?php foreach ($p2_pfskeygroups as $keygroup => $keygroupname) :
-?>
-															<option value="<?=$keygroup;?>" <?php if ($pconfig['pfs_group'] == $keygroup) {
-                                                                echo "selected=\"selected\"";
-} ?>>
-																<?=htmlspecialchars($keygroupname);?>
-															</option>
-														<?php
-endforeach; ?>
-														</select>
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top" class="vncell"><?=gettext("Login Banner"); ?></td>
-										<td width="78%" class="vtable">
-											<table border="0" cellspacing="2" cellpadding="0" summary="enable login banner">
-												<tr>
-													<td>
-														<?php set_checked($pconfig['login_banner_enable'], $chk); ?>
-														<input name="login_banner_enable" type="checkbox" id="login_banner_enable" value="yes" <?=$chk;?> onclick="login_banner_change()" />
-													</td>
-													<td>
-														<?=gettext("Provide a login banner to clients"); ?><br />
-													</td>
-												</tr>
-											</table>
-											<table border="0" cellspacing="2" cellpadding="0" summary="banner">
-												<tr>
-													<td>
-														<?php $banner = htmlspecialchars($pconfig['login_banner']); ?>
-														<textarea name="login_banner" cols="65" rows="7" id="login_banner" class="formpre"><?=htmlspecialchars($banner);?></textarea>
-													</td>
-												</tr>
-											</table>
-										</td>
-									</tr>
-									<tr>
-										<td width="22%" valign="top">&nbsp;</td>
-										<td width="78%">
-											<input name="submit" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
-										</td>
-									</tr>
-								</table>
-
-							 </div>
-							 </form>
-					</div>
-			    </section>
-			</div>
-		</div>
-	</section>
-
-<script type="text/javascript">
-//<![CDATA[
-pool_change();
-dns_domain_change();
-dns_split_change();
-dns_server_change();
-wins_server_change();
-pfs_group_change();
-login_banner_change();
-//]]>
-</script>
-<?php include("foot.inc"); ?>
-
+  							 <div class="table-responsive">
+  								<table class="table table-striped table-sort">
+                    <tr>
+                      <td width="22%"><b><?=gettext("IKE Extensions"); ?> </b></td>
+                      <td width="78%" align="right">
+                        <small><?=gettext("full help"); ?> </small>
+                        <i class="fa fa-toggle-off text-danger"  style="cursor: pointer;" id="show_all_help_opnvpn_server" type="button"></i></a>
+                      </td>
+                    </tr>
+  									<tr>
+                      <td><a id="help_for_enabled" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Enable")?></td>
+  										<td>
+                        <input name="enable" type="checkbox" id="enable" value="yes" <?= !empty($pconfig['enable']) ? "checked=\"checked\"" : "";?> />
+                        <div class="hidden" for="help_for_enabled">
+                          <?=gettext("Enable IPsec Mobile Client Support"); ?>
+                        </div>
+  										</td>
+  									</tr>
+                    <tr>
+  										<td colspan="2"><b><?=gettext("Extended Authentication (Xauth)"); ?></b></td>
+  									</tr>
+                    <tr>
+  									<tr>
+  										<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("User Authentication"); ?></td>
+  										<td>
+  											<?=gettext("Source"); ?>:
+  											<select name="user_source[]" class="form-control" id="user_source" multiple="multiple" size="3">
 <?php
+                        $authmodes = explode(",", $pconfig['user_source']);
+                        $auth_servers = auth_get_authserver_list();
+                        foreach ($auth_servers as $auth_server) :
+?>
+                          <option value="<?=htmlspecialchars($auth_server['name'])?>" <?=in_array($auth_server['name'], $authmodes) ? "selected=\"selected\"" : ""?> ><?=$auth_server['name']?></option>
+<?php                   endforeach;
+?>
+  											</select>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Group Authentication"); ?></td>
+  										<td>
+  											<select name="group_source" class="form-control" id="group_source">
+  												<option value="none"><?=gettext("none"); ?></option>
+  												<option value="system" <?= $pconfig['group_source'] == "system" ?  "selected=\"selected\"" : "";?>><?=gettext("system"); ?></option>
+  											</select>
+  										</td>
+  									</tr>
+                    <tr>
+                      <td colspan="2"><b><?=gettext("Client Configuration (mode-cfg)"); ?> </b></td>
+                    </tr>
+  									<tr>
+  										<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Virtual Address Pool"); ?></td>
+  										<td>
+                        <input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?= !empty($pconfig['pool_address'])&&!empty($pconfig['pool_netbits']) ? "checked=\"checked\"" : "";?> onclick="pool_change()" />
+                        <?=gettext("Provide a virtual IP address to clients"); ?><br />
+  											<?=gettext("Network"); ?>:&nbsp;
+  											<input name="pool_address" type="text" class="form-control unknown" id="pool_address" size="20" value="<?=$pconfig['pool_address'];?>" />
+  											/
+  											<select name="pool_netbits" class="form-control" id="pool_netbits">
+  															<?php for ($i = 32; $i >= 0; $i--) :
+  ?>
+  															<option value="<?=$i;?>" <?= ($i == $pconfig['pool_netbits']) ? "selected=\"selected\"" : "";?>>
+  																<?=$i;?>
+  															</option>
+  															<?php
+  endfor; ?>
+  											</select>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><a id="help_for_net_list" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Network List"); ?></td>
+  										<td>
+                        <input name="net_list" type="checkbox" id="net_list_enable" value="yes" <?= !empty($pconfig['net_list']) ? "checked=\"checked\"" : "";?> />
+                        <div class="hidden" for="help_for_net_list">
+                          <?=gettext("Provide a list of accessible networks to clients"); ?><br />
+                        </div>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><a id="help_for_save_passwd" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Save Xauth Password"); ?></td>
+  										<td>
+                        <input name="save_passwd" type="checkbox" id="save_passwd_enable" value="yes" <?= !empty($pconfig['save_passwd']) ? "checked=\"checked\"" : "";?> />
+                        <div class="hidden" for="help_for_save_passwd">
+                          <?=gettext("Allow clients to save Xauth passwords (Cisco VPN client only)."); ?><br />
+                          <?=gettext("NOTE: With iPhone clients, this does not work when deployed via the iPhone configuration utility, only by manual entry."); ?><br />
+                        </div>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><a id="help_for_dns_domain_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS Default Domain"); ?></td>
+  										<td>
+                        <input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes"  <?= !empty($pconfig['dns_domain']) ? "checked=\"checked\"" : "";?> onclick="dns_domain_change()" />
+                        <input name="dns_domain" type="text" id="dns_domain" size="30" value="<?=$pconfig['dns_domain'];?>" />
+                        <div class="hidden" for="help_for_dns_domain_enable">
+                          <?=gettext("Provide a default domain name to clients"); ?>
+                        </div>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><a id="help_for_dns_split_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Split DNS"); ?></td>
+  										<td>
+                        <input name="dns_split_enable" type="checkbox" id="dns_split_enable" value="yes" <?= !empty($pconfig['dns_split']) ? "checked=\"checked\"" : "";?> onclick="dns_split_change()" />
+                        <input name="dns_split" type="text" class="form-control unknown" id="dns_split" size="30" value="<?=$pconfig['dns_split'];?>" />
+                        <div class="hidden" for="help_for_dns_split_enable">
+                          <?=gettext("Provide a list of split DNS domain names to clients. Enter a comma separated list."); ?><br />
+                          <?=gettext("NOTE: If left blank, and a default domain is set, it will be used for this value."); ?>
+                        </div>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><a id="help_for_dns_server_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS Servers"); ?></td>
+  										<td>
+                        <input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes"  <?= !empty($pconfig['dns_server1']) || !empty($pconfig['dns_server2']) || !empty($pconfig['dns_server3']) || !empty($pconfig['dns_server4']) ? "checked=\"checked\"" : "";?> onclick="dns_server_change()" />
+                        <div id="dns_server_enable_inputs">
+                          <?=gettext("Server"); ?> #1:
+                          <input name="dns_server1" type="text" class="form-control unknown" id="dns_server1" size="20" value="<?=$pconfig['dns_server1'];?>" />
+                          <?=gettext("Server"); ?> #2:
+                          <input name="dns_server2" type="text" class="form-control unknown" id="dns_server2" size="20" value="<?=$pconfig['dns_server2'];?>" />
+                          <?=gettext("Server"); ?> #3:
+                          <input name="dns_server3" type="text" class="form-control unknown" id="dns_server3" size="20" value="<?=$pconfig['dns_server3'];?>" />
+                          <?=gettext("Server"); ?> #4:
+                          <input name="dns_server4" type="text" class="form-control unknown" id="dns_server4" size="20" value="<?=$pconfig['dns_server4'];?>" />
+                        </div>
+                        <div class="hidden" for="help_for_dns_server_enable">
+                          <?=gettext("Provide a DNS server list to clients"); ?>
+                        </div>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><a id="help_for_wins_server_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("WINS Servers"); ?></td>
+  										<td>
+                        <input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?= !empty($pconfig['wins_server1']) || !empty($pconfig['wins_server2']) ? "checked=\"checked\"" : "";?> onclick="wins_server_change()" />
+                        <div id="wins_server_enable_inputs">
+                          <?=gettext("Server"); ?> #1:
+                          <input name="wins_server1" type="text" class="form-control unknown" id="wins_server1" size="20" value="<?=$pconfig['wins_server1'];?>" />
+                          <?=gettext("Server"); ?> #2:
+                          <input name="wins_server2" type="text" class="form-control unknown" id="wins_server2" size="20" value="<?=$pconfig['wins_server2'];?>" />
+                        </div>
+                        <div class="hidden" for="help_for_wins_server_enable">
+                          <?=gettext("Provide a WINS server list to clients"); ?>
+                        </div>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><a id="help_for_pfs_group_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Phase2 PFS Group"); ?></td>
+  										<td>
+                        <input name="pfs_group_enable" type="checkbox" id="pfs_group_enable" value="yes" <?= !empty($pconfig['pfs_group']) ? "checked=\"checked\"" : "";?>  onclick="pfs_group_change()" />
 
-/* local utility functions */
+                        <select name="pfs_group" class="form-control" id="pfs_group">
+<?php                     foreach ($p2_pfskeygroups as $keygroup => $keygroupname) :
+?>
+                          <option value="<?=$keygroup;?>" <?= $pconfig['pfs_group'] == $keygroup ? "selected=\"selected\"" : "" ; ?>>
+                            <?=$keygroupname;?>
+                          </option>
+<?php
+                          endforeach;
+?>
+                        </select>
+                        <div class="hidden" for="help_for_pfs_group_enable">
+                          <?=gettext("Provide the Phase2 PFS group to clients ( overrides all mobile phase2 settings )"); ?>
+                        </div>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td><a id="help_for_login_banner_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Login Banner"); ?></td>
+  										<td>
+                        <input name="login_banner_enable" type="checkbox" id="login_banner_enable" value="yes" <?= !empty($pconfig['login_banner']) ? "checked=\"checked\"" : "";?> onclick="login_banner_change()" />
+                        <textarea name="login_banner" cols="65" rows="7" id="login_banner" class="formpre"><?=$pconfig['login_banner'];?></textarea>
+                        <div class="hidden" for="help_for_login_banner_enable">
+                          <?=gettext("Provide a login banner to clients"); ?><br />
+                        </div>
+  										</td>
+  									</tr>
+  									<tr>
+  										<td>&nbsp;</td>
+  										<td>
+  											<input name="submit" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
+  										</td>
+  									</tr>
+  								</table>
+  							 </div>
+							 </form>
+					  </div>
+			  </section>
+			</div>
+	</div>
+</section>
 
-function set_checked($var, & $chk)
-{
-    if ($var) {
-        $chk = "checked=\"checked\"";
-    } else {
-        $chk = "";
-    }
-}
+<?php include("foot.inc"); ?>