strongSwan - IPsec-based VPN Solution

  •        48

strongSwan is an OpenSource IPsec implementation. IPSec is an encryption and authentication standard that can be used to build secure Virtual Private Networks (VPNs). It has powerful IPsec policies supporting large and complex VPN networks. It implements both the IKEv1 and IKEv2 (RFC 7296) key exchange protocols.

https://www.strongswan.org/
https://git.strongswan.org/

Tags
Implementation
License
Platform

   




Related Projects

SoftEther VPN - Cross-platform Multi-protocol VPN Program


SoftEther VPN is a ?Cross-platform Multi-protocol VPN Program. It supports SSL-VPN protocol to penetrate any kinds of firewalls. Ultra-optimized SSL-VPN Protocol of SoftEther VPN has very fast throughput, low latency and firewall resistance. Virtualization of Ethernet devices is the key of the SoftEther VPN architecture. It virtualizes Ethernet devices in order to realize a flexible virtual private network for both remote-access VPN and site-to-site VPN.

Openswan - IPsec implementation for Linux


Openswan is an IPsec implementation for Linux. It has support for most of the extensions (RFC + IETF drafts) related to IPsec, including IKEv2, X.509 Digital Certificates, NAT Traversal, and many others. It has been the de-facto Virtual Private Network software for the Linux community since 2005. If you are running Fedora, Red Hat, Ubuntu, Debian (Wheezy), Gentoo, or many others, it is already included in your distribution.

Pritunl - Enterprise Distributed OpenVPN and IPsec Server


Pritunl is built with OpenVPN and any existing OpenVPN client can be used. IPsec is used for site-to-site links and VPC peering. All traffic between clients and the server is encrypted. Optional two-step authentication is available using Google Authenticator. It can be easily distributed across multiple servers and different datacenters for improved performance, high availability and automatic failover when an instance fails.

OpenVPN - open source SSL VPN solution


OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. With OpenVPN, you can tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port, use real-time adaptive link compression and traffic-shaping to manage link bandwidth utilization and lot more.

ClearOS - Linux based Operating System


ClearOS is a powerful network and gateway server designed for small organizations and distributed environments. The open source revolution in the software industry has made it possible to provide ClearOS at no cost. Among other features, antivirus, antispam, VPN and content filtering are built right into the software -- no need for expensive third party add-ons. With ClearOS, you can avoid costly vendor lock-in and proprietary formats; instead, you can embrace open standards and protocols.



Tinc - a VPN daemon


tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. All traffic is optionally compressed using zlib or LZO, and LibreSSL or OpenSSL is used to encrypt the traffic and protect it from alteration with message authentication codes and sequence numbers.

Endian Firewall Community


Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering f

SocialVPN - P2P VPN that connects you to your friends computer


SocialVPN is an open-source IPOP-based virtual network that connects your computers privately to your friends’ computers. It automatically maps online social network relationships using Jingle and XMPP to create your own user-defined peer-to-peer VPNs – with no hassle, and supporting unmodified TCP/IP applications.

IPFire - An open source firewall solution


IPFire is a server distribution with intended to use as a firewall. It focuses on flexibility, and scales from small to middle sized business networks and home networks. Beginning with a small firewall system of a few megabytes, it is possible to run IPFire as a file server or VPN gateway for staff, branches or customers. This modularity means that yor version of IPFire runs with exactly what you require and nothing more.

Harbor - An enterprise-class container registry server based on Docker Distribution


Project Harbor is an enterprise-class registry server that stores and distributes Docker images. It extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security.

Open Source Security Network


Guard Stone is an Open Source Security Platform, which enables to integrate and deploy open source security tools. Some of Guard Stone's focus areas include Firewall, VPN, Mail Gateway Filters, Web Filters, Web Application Security, Routing etc;

Network Security Toolkit (NST)


Network Security Toolkit (NST) is a bootable ISO image (Live DVD) based on Fedora 18 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanc

pfSense - Firewall and Routing platform


pfSense is a powerful, flexible firewalling and routing platform. It includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a stateful firewall, by default all rules are stateful. A Dynamic DNS client is included to allow you to register your public IP with a number of dynamic DNS service providers.

PeerVPN - the open source peer-to-peer VPN


PeerVPN is a software that builds virtual ethernet networks between multiple computers. Such a virtual network can be useful to facilitate direct communication that applications like file sharing or gaming may need. Often, such direct communication is made impossible or very difficult by firewalls or NAT devices.

CD-ROM Firewall


CD-ROM Firewall is a Red Hat/Centos (yum based install) based firewall that boots off a CD-ROM. Utilizing a headless, diskless computer it can provide services such as network address translation (NAT), virtual private network (VPN), ADSL connnectivity,

m0n0wall - Embedded Firewall


m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes. The entire system configuration is stored in one single XML text file to keep things transparent. It features include NAT/PAT, IPv6 support, SNMP agent, caching DNS forwarder, VPN tunnels and lot more.

M0n0wall IPSEC VPN Auto Updater


M0n0wall currently doesn't support IPSEC VPN where one or both ends are dynamic IP addresses. This PHP script along with the dynamic DNS service built into m0n0wall, auto-updates the remote gateway IP address in the VPN configuration.

Tcpcrypt - Encrypting the Internet


Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP.

networking-sfc - API's and implementations to support Service Function Chaining in Neutron.


This project provides APIs and implementations to support Service Function Chaining in Neutron.Service Function Chaining is a mechanism for overriding the basic destination based forwarding that is typical of IP networks. It is conceptually related to Policy Based Routing in physical networks but it is typically thought of as a Software Defined Networking technology. It is often used in conjunction with security functions although it may be used for a broader range of features. Fundamentally SFC is the ability to cause network packet flows to route through a network via a path other than the one that would be chosen by routing table lookups on the packet's destination IP address. It is most commonly used in conjunction with Network Function Virtualization when recreating in a virtual environment a series of network functions that would have traditionally been implemented as a collection of physical network devices connected in series by cables.

IPSec Driver


This project implements IPSec as NDIS Intermediate filter driver in Windows 2000. This IPSec driver appears as Virtual NIC to protocol drivers like TCP/IP driver. The network applications need not be aware of the existance of this IPSec driver