1 / 1

Stable 2.7 release

%cert. gwCert. leftsubnet. right. left. Stable 2.7 release. the VPN Solution for Linux! ● Runs both on Linux 2.4 (KLIPS) and Linux 2.6 (native IPsec) kernels ● Fast connection startup and periodic update using ipsec starter

nat
Download Presentation

Stable 2.7 release

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. %cert gwCert leftsubnet right left Stable2.7 release the VPN Solution for Linux! ●Runs both on Linux 2.4 (KLIPS) and Linux 2.6 (native IPsec) kernels ●Fast connection startup and periodic update using ipsec starter ●Automatic insertion and deletion of IPsec policy based firewall rules  NEW ●strong 3DES, AES, Serpent, Twofish, or Blowfish encryption ●NAT-Traversal (RFC 3947) and support of virtual IPs and IKE Mode Config ●Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels ●Authentication based on X.509 certificates or preshared keys ●Generation of a default self-signed certificate during first strongSwan startup ●Retrieval and local caching of Certificate Revocation Lists via HTTP or LDAP ●Full support of the Online Certificate Status Protocol (OCSP, RCF 2560). ● CA management (OCSP and CRL URIs, default LDAP server) ●Powerful IPsec policies based on wildcards or intermediate CAs ●Group policies based on X.509 attribute certificates (RFC 3281) ●Optional storage of RSA private keys and certificates on a smartcard ●Smartcard access via standardized PKCS #11 interface conn road-warrior right=%any rightsubnetwithin=10.3.0.0/16 left=%defaultroute leftsubnet=10.1.0.0/16 leftcert=gwCert.pem auto=add www.strongswan.org Institute of Internet Technologies and ApplicationsHochschule für Technik Rapperswil, Switzerland andreas.steffen@strongswan.org

More Related