strongSwan User Documentation » History » Version 120

« Previous - Version 120/175 (diff) - Next » - Current version
Andreas Steffen, 05.02.2014 19:52
Added link to StrongTnc page

strongSwan User Documentation

Introduction to strongSwan


Configuration Files

Configuration HOWTOs

Configuration Examples

Dozens of both simple and advanced VPN scenarios are available. Please make sure to read the ConfigurationExamplesNotes.

Modern vici-based Scenarios

These scenarios use the modern Versatile IKE Control Interface (VICI) as implemented by vici plugin and the swanctl command line tool.

Legacy stroke-based Scenarios

These scenarios use the deprecated stroke interface as implemented by the stroke plugin and the ipsec command line tool.



Management Commands

  • The powerful ipsec command starts, stops and monitors IPsec connections.

Auxiliary Tools

  • ipsec attest manages measurement reference values used for TPM-based remote attestation
  • ipsec leases shows the assignment of virtual IP adresses stored in volatile memory
  • ipsec openac generates X.509 attribute certificates
  • ipsec pki generates and analyzes RSA/ECDSA private keys and X.509 certificates
  • ipsec pool manages virtual IP address pools and attributes stored in an SQL database and provided by the attr-sql plugin
  • ipsec scepclient implements the Simple Certificate Enrollment Protocol (SCEP)
  • ipsec starter starts, stops, and configures the IKE daemons
  • ipsec stroke controls the IKEv2 charon daemon
  • ipsec whack controls the IKEv1 pluto daemon
  • ipsec conftest is a tool to test IKEv2 implementations

Linux 2.6 IPsec

Frequently Asked Questions