[COPY] --- T2-COPYRIGHT-NOTE-BEGIN --- [COPY] T2 SDE: package/*/strongswan/strongswan.desc [COPY] Copyright (C) 2004 - 2024 The T2 SDE Project [COPY] [COPY] This Copyright note is generated by scripts/Create-CopyPatch, [COPY] more information can be found in the files COPYING and README. [COPY] [COPY] This program is free software; you can redistribute it and/or modify [COPY] it under the terms of the GNU General Public License version 2. [COPY] --- T2-COPYRIGHT-NOTE-END --- [I] An IPsec implementation for Linux [T] strongSwan is an OpenSource IPsec implementation for the Linux operating [T] system. [T] It is based on the discontinued FreeS/WAN project and the X.509 patch which [T] we developped over the last three years. In order to have a stable IPsec [T] platform to base our future extensions of the X.509 capability on, we [T] decided to lauch the strongSwan project. [T] [T] The focus is on: [T] - simplicity of configuration [T] - strong encryption and authentication methods [T] - powerful IPsec policies supporting large and complex VPN networks [T] [T] strongSwan features includes: [T] - both on Linux 2.4 (KLIPS) and Linux 2.6 (native IPsec) kernels. [T] - Fast connection startup and periodic update using ipsec starter [T] - Automatic insertion and deletion of IPsec policy based firewall rules [T] - strong 3DES, AES, Serpent, Twofish, or Blowfish encryption [T] - NAT-Traversal (RFC 3947) and support of virtual IPs and IKE Mode Config [T] - Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels [T] - Authentication based on X.509 certificates or preshared keys [T] - Authentication based on X.509 certificates or preshared keys [T] - Generation of a default self-signed certificate during first strongSwan startup [T] - Retrieval and local caching of Certificate Revocation Lists via HTTP or LDAP [T] - Full support of the Online Certificate Status Protocol (OCSP, RCF 2560) [T] - CA management (OCSP and CRL URIs, default LDAP server) [T] - Powerful IPsec policies based on wildcards or intermediate CAs [T] - Group policies based on X.509 attribute certificates (RFC 3281) [T] - Optional storage of RSA private keys and certificates on a smartcard [T] - Smartcard access via standardized PKCS #11 interface [T] - PKCS #11 proxy function offering RSA decryption services via whack [U] http://www.strongswan.org/ [A] Andreas Steffen [M] T2 Project [C] extra/security [F] CROSS [L] GPL [S] Stable [V] 5.9.14 [P] X -----5---9 200.500 [CV-URL] https://www.strongswan.org/download.html [D] ee5590afa3c27b89e28cc67c39f214f4d0bd8686ebb411ffa8bf6f74 strongswan-5.9.14.tar.bz2 http://download.strongswan.org/