Publisher review:strongSwan is an OpenSource IPsec implementation for the Linux operating system. strongSwan is an OpenSource IPsec implementation for the Linux operating system.
Features:
- runs both on Linux 2.4 (KLIPS IPsec) and Linux 2.6 (NETKEY IPsec) kernels
- supports both the IKEv1 and IKEv2 (RFC 4306) key exchange protocols NEW
- Fast connection startup and periodic update using ipsec starter
- Automatic insertion and deletion of IPsec policy based firewall rules
- Strong 3DES, AES, Serpent, Twofish, or Blowfish encryption
- NAT-Traversal via UDP encapsulation and port floating (RFC 3947)
- Static Virtual IPs and IKE Mode Config Pull and Push modes
- XAUTH server and client functionality on top of IKE Main Mode authentication
- Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels
- Authentication based on X.509 certificates or preshared keys
- Generation of a default self-signed certificate during first strongSwan startup
- Retrieval and local caching of Certificate Revocation Lists via HTTP or LDAP
- Full support of the Online Certificate Status Protocol (OCSP, RCF 2560).
- CA management (OCSP and CRL URIs, default LDAP server)
- Powerful IPsec policies based on wildcards or intermediate CAs
- Group policies based on X.509 attribute certificates ( RFC 3281)
- Optional storage of RSA private keys and certificates on a smartcard
- Smartcard access via standardized PKCS #11 interface
- PKCS #11 proxy function offering RSA decryption services via whack
strongSwan 4.1.3 is a C/C++ script for Security Systems scripts design by Andreas Steffen.
It runs on following operating system: Linux / BSD.
strongSwan is an OpenSource IPsec implementation for the Linux operating system.
Operating system:Linux / BSD