StrongSwan -- OpenSource IPsec-based VPN Solution
StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
* runs both on Linux 2.4 (KLIPS IPsec) and Linux 2.6 (NETKEY IPsec)
kernels
* implements both the IKEv1 and IKEv2 (RFC 4306) key exchange
protocols
* NEW: Fully tested support of IPv6 IPsec tunnel connections
* Dynamical IP address and interface update with IKEv2 MOBIKE (RFC
4555)
* Fast connection startup and periodic update using ipsec starter
* Automatic insertion and deletion of IPsec policy based firewall
rules
* Strong 3DES, AES, Serpent, Twofish, or Blowfish encryption
* NAT-Traversal via UDP encapsulation and port floating (RFC 3947)
* Static Virtual IPs and IKE Mode Config Pull and Push modes
* XAUTH server and client functionality on top of IKE Main Mode
authentication
* Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels
* Authentication based on X.509 certificates or preshared keys
* Generation of a default self-signed certificate during first
strongSwan startup
* Retrieval and local caching of Certificate Revocation Lists via
HTTP or LDAP
* Full support of the Online Certificate Status Protocol (OCSP, RCF
2560).
* CA management (OCSP and CRL URIs, default LDAP server)
* Powerful IPsec policies based on wildcards or intermediate CAs
* Group policies based on X.509 attribute certificates ( RFC 3281)
* Optional storage of RSA private keys and certificates on a
smartcard
* Smartcard access via standardized PKCS #11 interface
* PKCS #11 proxy function offering RSA decryption services via whack
* NEW: strongSwan Manager - a graphical management interface for IKEv2
- Links to network:vpn / strongswan
- Has a link diff
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:tbadm/strongswan && cd $_
- Create Badge
Source Files (show merged sources derived from linked package)
Filename | Size | Changed |
---|---|---|
0005-ikev1-Don-t-retransmit-Aggressive-Mode-respon |
0000001088 1.06 KB | |
README.SUSE | 0000002342 2.29 KB | |
_link | 0000000119 119 Bytes | |
fips-enforce.conf | 0000000742 742 Bytes | |
fipscheck.sh.in | 0000001934 1.89 KB | |
harden_strongswan.service.patch | 0000000794 794 Bytes | |
strongswan-5.9.9.tar.bz2 | 0004764675 4.54 MB | |
strongswan-5.9.9.tar.bz2.sig | 0000000659 659 Bytes | |
strongswan-rpmlintrc | 0000000428 428 Bytes | |
strongswan.changes | 0000113990 111 KB | |
strongswan.init.in | 0000008747 8.54 KB | |
strongswan.keyring | 0000003085 3.01 KB | |
strongswan.spec | 0000039646 38.7 KB | |
strongswan_fipscheck.patch | 0000001920 1.88 KB | |
strongswan_ipsec_service.patch | 0000000446 446 Bytes |
Comments 0