FreeS/WAN

From NTA-Wiki

Jump to: navigation, search

Contents

Platform Notes

FreeS/WAN is an open source IPsec VPN solution that runs on Linux systems with either 2.4 or 2.6 kernels. The data encryption is handled by the Linux kernel (using KLIPS for 2.4, or Linux native IPsec for 2.6), and IKE is handled with a user mode process called pluto.

The S/WAN part of the name stands for Secure Wide Area Network. More details on the naming are on the RSA What is S/WAN page.

The FreeS/WAN project is no longer being actively maintained. Development ended in April 2004 with the release of version 2.06.

Compiling it with GCC 3.3 warns about using cast expressions as lvalues, and it won't compile at all with GCC 4.1 and later because GCC 4.1 considers the use of cast expressions as lvalues to be an error.

FreeS/WAN is now mainly of historical interest. It is not often seen in production enviroments.

FreeS/WAN was used as the basis for two other open source IPsec implementations: OpenSwan and StrongSwan. Both of which are still being maintained.

Version History

Version Release Date Notes
1.00 Apr 1999
1.1 Oct 1999
1.2 Dec 1999
1.3 Feb 2000
1.4 Jun 2000
1.5 Jul 2000
1.8 Dec 2000
1.9 Mar 2001
1.91 Jun 2001
1.94 Dec 2001 Buggy release
1.95 Feb 2002
1.98b Jun 2002
1.99 Nov 2002 OpenSwan 1.0.0 based on FreeS/WAN 1.99.8.1rc6
2.00 Apr 2003 OE
2.01 Jul 2003
2.02 Sep 2003
2.03 Oct 2003 Supports 2.6 kernel
2.04 Nov 2003 strongSwan fork based on this release
2.05 Feb 2004
2.06 Apr 2004 Final release

Backoff Patterns

Vendor IDs

Authentication Methods

ISAKMP SA Lifetime

Transform Attribute Ordering and Rewriting

Aggressive Mode

Response to Noncompliant and Malformed Packets

NAT Traversal

IVEv2

Remote Access VPN Client

Other Interesting Behaviour

Default Configuration

Discovered Vulnerabilities

Personal tools