Linux FreeS/WAN provides IPSEC (IP Security, which is both encryption and authentication) kernel extensions and an IKE (Internet Key Exchange, keying and encrypted routing daemon) as well as various rc scripts and documentation. It is known to interoperate with other IPSEC and IKE system already deployed by other vendors such as OpenBSD, Cisco, or CheckPoint. It also features Opportunistic Encryption, subnet extrusion, and with the appropriate patches interops nicely with Microsoft Windows XP/2000 using X.509 certificates.
|Tags||Networking Firewalls Operating System Kernels Linux|
|Operating Systems||POSIX Linux|
Release Notes: This is the last version that will be released by the FreeS/WAN team. No new versions of this software will be released. New features are mostly the removal of transport mode, KLIPS port for 2.6, and some netlink security fixes.
Release Notes: Removal of AH and better support for 2.6 kernels, an experimental lightweight DNS queue, and support for DNSSec.
Release Notes: This version features a workaround for the Linux 2.6 netlink security problem.
Release Notes: Preliminary support for 2.6 kernels was added, either via KLIPS or the native 2.6 kernel IPsec. See the new 2.6.known-issues document for more details. A fix was made for SHA1 packet reception and several verify buglets. An iproute2 based _updown script was added.
Release Notes: One-line configuration for initiator-only Opportunistic Encryption, (OE) using ipsec.conf's new "myid" option. There is a new RPM spec file. This will help folks who need to compile RPMs from the FreeS/WAN source. In addition, wavesec and OE now coexist nicely.