strongSwan - IPsec-based VPN Solution

  •        79

strongSwan is an OpenSource IPsec implementation. IPSec is an encryption and authentication standard that can be used to build secure Virtual Private Networks (VPNs). It has powerful IPsec policies supporting large and complex VPN networks. It implements both the IKEv1 and IKEv2 (RFC 7296) key exchange protocols.

https://www.strongswan.org/
https://git.strongswan.org/

Tags
Implementation
License
Platform

   




Related Projects

SoftEther VPN - Cross-platform Multi-protocol VPN Program


SoftEther VPN is a ?Cross-platform Multi-protocol VPN Program. It supports SSL-VPN protocol to penetrate any kinds of firewalls. Ultra-optimized SSL-VPN Protocol of SoftEther VPN has very fast throughput, low latency and firewall resistance. Virtualization of Ethernet devices is the key of the SoftEther VPN architecture. It virtualizes Ethernet devices in order to realize a flexible virtual private network for both remote-access VPN and site-to-site VPN.

Openswan - IPsec implementation for Linux


Openswan is an IPsec implementation for Linux. It has support for most of the extensions (RFC + IETF drafts) related to IPsec, including IKEv2, X.509 Digital Certificates, NAT Traversal, and many others. It has been the de-facto Virtual Private Network software for the Linux community since 2005. If you are running Fedora, Red Hat, Ubuntu, Debian (Wheezy), Gentoo, or many others, it is already included in your distribution.

Pritunl - Enterprise Distributed OpenVPN and IPsec Server


Pritunl is built with OpenVPN and any existing OpenVPN client can be used. IPsec is used for site-to-site links and VPC peering. All traffic between clients and the server is encrypted. Optional two-step authentication is available using Google Authenticator. It can be easily distributed across multiple servers and different datacenters for improved performance, high availability and automatic failover when an instance fails.

algo - Set up a personal IPSEC VPN in the cloud


Algo VPN is a set of Ansible scripts that simplify the setup of a personal IPSEC VPN. It uses the most secure defaults available, works with common cloud providers, and does not require client software on most devices. See our release announcement for more information. The easiest way to get an Algo server running is to let it set up a new virtual machine in the cloud for you.

OpenVPN - open source SSL VPN solution


OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. With OpenVPN, you can tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port, use real-time adaptive link compression and traffic-shaping to manage link bandwidth utilization and lot more.


Wireguard - Fast, Modern, Secure, VPN Tunnel


WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances.

ClearOS - Linux based Operating System


ClearOS is a powerful network and gateway server designed for small organizations and distributed environments. The open source revolution in the software industry has made it possible to provide ClearOS at no cost. Among other features, antivirus, antispam, VPN and content filtering are built right into the software -- no need for expensive third party add-ons. With ClearOS, you can avoid costly vendor lock-in and proprietary formats; instead, you can embrace open standards and protocols.

Tinc - a VPN daemon


tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. All traffic is optionally compressed using zlib or LZO, and LibreSSL or OpenSSL is used to encrypt the traffic and protect it from alteration with message authentication codes and sequence numbers.

Endian Firewall Community


Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering f

SocialVPN - P2P VPN that connects you to your friends computer


SocialVPN is an open-source IPOP-based virtual network that connects your computers privately to your friends’ computers. It automatically maps online social network relationships using Jingle and XMPP to create your own user-defined peer-to-peer VPNs – with no hassle, and supporting unmodified TCP/IP applications.

IPFire - An open source firewall solution


IPFire is a server distribution with intended to use as a firewall. It focuses on flexibility, and scales from small to middle sized business networks and home networks. Beginning with a small firewall system of a few megabytes, it is possible to run IPFire as a file server or VPN gateway for staff, branches or customers. This modularity means that yor version of IPFire runs with exactly what you require and nothing more.

Harbor - An enterprise-class container registry server based on Docker Distribution


Project Harbor is an enterprise-class registry server that stores and distributes Docker images. It extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security.

Open Source Security Network


Guard Stone is an Open Source Security Platform, which enables to integrate and deploy open source security tools. Some of Guard Stone's focus areas include Firewall, VPN, Mail Gateway Filters, Web Filters, Web Application Security, Routing etc;

Network Security Toolkit (NST)


Network Security Toolkit (NST) is a bootable ISO image (Live DVD) based on Fedora 18 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanc

pfSense - Firewall and Routing platform


pfSense is a powerful, flexible firewalling and routing platform. It includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a stateful firewall, by default all rules are stateful. A Dynamic DNS client is included to allow you to register your public IP with a number of dynamic DNS service providers.

PeerVPN - the open source peer-to-peer VPN


PeerVPN is a software that builds virtual ethernet networks between multiple computers. Such a virtual network can be useful to facilitate direct communication that applications like file sharing or gaming may need. Often, such direct communication is made impossible or very difficult by firewalls or NAT devices.

CD-ROM Firewall


CD-ROM Firewall is a Red Hat/Centos (yum based install) based firewall that boots off a CD-ROM. Utilizing a headless, diskless computer it can provide services such as network address translation (NAT), virtual private network (VPN), ADSL connnectivity,

m0n0wall - Embedded Firewall


m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes. The entire system configuration is stored in one single XML text file to keep things transparent. It features include NAT/PAT, IPv6 support, SNMP agent, caching DNS forwarder, VPN tunnels and lot more.

M0n0wall IPSEC VPN Auto Updater


M0n0wall currently doesn't support IPSEC VPN where one or both ends are dynamic IP addresses. This PHP script along with the dynamic DNS service built into m0n0wall, auto-updates the remote gateway IP address in the VPN configuration.

Tcpcrypt - Encrypting the Internet


Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP.