strongSwan User Documentation » History » Version 71

« Previous - Version 71/180 (diff) - Next » - Current version
Andreas Steffen, 24.12.2009 11:51

strongSwan User Documentation¶

Features¶

Virtual IP via mode-config (IKEv1) or configuration payload (IKEv2)
NAT Traversal
MOBIKE
Public Key Benchmark using various crypto libraries (gmp, gcrypt, openssl)
Crypto tests provide a way to self-test used crypto implementations
Integrity tests make sure that the daemons use plugins and libraries they were built against

Configuration Files¶

ipsec.conf file
ipsec.secrets file
ipsec.d directory
strongswan.conf file

Configuration HOWTOs¶

strongSwan on FreeBSD (IKEv2 only)
strongSwan on Mac OS X (IKEv2 only)

Configuration Examples¶

Dozens of both simple and advanced VPN scenarios:

IKEv1 examples
IKEv2 examples - NEW with EAP-RADIUS support
IPv6 examples
Advanced Cipher Suite examples
Integrity and Crypto Test examples
IKEv2 Hash-and-URL example
IKEv2 Mediation Extension mediation service examples
SQLite database backend examples

Interoperability¶

Windows 7 with IKEv2
Windows Vista with IKEv1
Windows Suite B Support with IKEv1

Management Commands¶

The powerful ipsec command starts, stops and monitors IPsec connections.

Auxiliary Tools¶

ipsec leases shows the assignment of virtual IP adresses stored in volatile memory
ipsec openac generates X.509 attribute certificates
ipsec pki generates and analyzes RSA/ECDSA private keys and X.509 certificates
ipsec pool manages virtual IP address pools stored in an SQL database
ipsec scepclient implements the Simple Certificate Enrollment Protocol (SCEP)
ipsec starter starts, stops, and configures the IKE daemons
ipsec stroke controls the IKEv2 charon daemon
ipsec uci configuration plugin for OpenWRT
ipsec whack controls the IKEv1 pluto daemon
ipsec X-WRT end user configuration of X-WRT for OpenWRT

Linux 2.6 IPsec¶

Frequently Asked Questions¶

A FAQ is maintained here.

Files (0)