We are mildly excited about the joint 2x/Deepnet solution, and might consider implementing it when it has progressed beyond the 1.0 stage. Is it possible to setup this so that users connecting from the big bad Internet (possibly via a 2x gateway in DMZ?) is forced to use OTP, while the same users connecting from our internal LAN won't have to?
At present this is not possible But you can send it in as a feature request to support@2x.com mentioning this forum article.
