[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: Re: [strongSwan] Difference between strongSwan and and native IPSec
From: Andreas Steffen <andreas.steffen () strongswan ! org>
Date: 2007-08-16 22:03:03
Message-ID: 46C4C997.9080307 () strongswan ! org
[Download RAW message or body]
strongSwan is an IKEv1 and IKEv2 keying daemon that can cooperate
with the native IPsec stack of the Linux 2.6 kernel. As a userland
program strongSwan authenticates IPsec peers, derives IKE and IPsec
session keys and sets up IPsec policies and security associations
in the kernel via the XFRM netlink socket interface.
The native NETKEY IPsec stack in the kernel encrypts and authenticates
IP packets using the IPsec ESH and|or AH protocols based on the session
keys negotiated by strongSwan.
Thus strongSwan complements the native NETKEY stack, it does not
compete with it.
The main competitors of strongSwan are
IKEv1: Racoon, Openswan, isakmpd
IKEv2: Racoon2, OpenIKEv2, ikev2
A direct competitor of the native NETKEY IPsec stack is KLIPS
maintained by the Openswan project. strongSwan is able to
communicate with KLIPS via a PFKEYv2 interface.
Best regards
Andreas
Jianqing Zhang wrote:
> Can somebody tell me what's the difference between strongSwan and and native
> IPSec for linux?
>
> What is the advantage of strongSwan compared with native IPSec for linux?
>
> Thanks
======================================================================
Andreas Steffen andreas.steffen@strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic