This article includes a list of general references, but it lacks sufficient corresponding inline citations .(March 2020) |
Initial release | 3.0 / January 02, 2013 |
---|---|
Stable release | 5.1 / 8 October 2024 [1] |
Repository | |
Operating system | Linux |
Predecessor | Openswan, FreeS/WAN |
Available in | C |
Type | IPsec |
License | GNU General Public License [2] |
Website | libreswan.org |
Libreswan is a fork of the Openswan IPsec VPN implementation.
Libreswan was created by almost all of the Openswan developers after a lawsuit about the ownership of the Openswan name was filed against Paul Wouters, the release manager of Openswan, in December 2012. [3] [4] [5] The lawsuit was later settled out of court. [3] [4]
Libreswan supports most of the common types of IPsec configurations people use including configurations like a host-to-host VPN, subnet to subnet VPN. [6]
Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion, and was intended to replace IPv4. In December 1998, IPv6 became a Draft Standard for the IETF, which subsequently ratified it as an Internet Standard on 14 July 2017.
In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).
Virtual private network (VPN) is a network architecture for virtually extending a private network across one or multiple other networks which are either untrusted or need to be isolated.
In computing, Internet Key Exchange is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication ‒ either pre-shared or distributed using DNS ‒ and a Diffie–Hellman key exchange to set up a shared session secret from which cryptographic keys are derived. In addition, a security policy for every peer which will connect must be manually maintained.
OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.
In the field of computer security, Openswan provides a complete IPsec implementation for Linux and FreeBSD.
anoNet is a decentralized friend-to-friend network built using VPNs and software BGP routers. anoNet works by making it difficult to learn the identities of others on the network allowing them to anonymously host IPv4 and IPv6 services. One of the primary goals of anoNet is to protect its participants' rights of speech and expression.
strongSwan is a multiplatform IPsec implementation. The focus of the project is on authentication mechanisms using X.509 public key certificates and optional storage of private keys and certificates on smartcards through a PKCS#11 interface and on TPM 2.0.
A UDP Helper Address is a special router configuration used to forward broadcast network traffic from a client machine on one subnet to a server in another subnet.
J2 Global, Inc. was an American technology holding company based in Los Angeles, California. The company provided Internet services through two divisions: Business Cloud Services and Digital Media.
Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual private network (VPN) supported on Cisco IOS-based routers, and Huawei AR G3 routers, and on Unix-like operating systems.
Opportunistic encryption (OE) refers to any system that, when connecting to another system, attempts to encrypt communications channels, otherwise falling back to unencrypted communications. This method requires no pre-arrangement between the two systems.
Vyatta is a software-based virtual router, virtual firewall and VPN product for Internet Protocol networks. A free download of Vyatta has been available since March 2006. The system is a specialized Debian-based Linux distribution with networking applications such as Quagga, OpenVPN, and many others. A standardized management console, similar to Juniper JUNOS or Cisco IOS, in addition to a web-based GUI and traditional Linux system commands, provides configuration of the system and applications. In recent versions of Vyatta, web-based management interface is supplied only in the subscription edition. However, all functionality is available through KVM, serial console or SSH/telnet protocols. The software runs on standard x86-64 servers.
DirectAccess, also known as Unified Remote Access, is a VPN technology that provides intranet connectivity to client computers when they are connected to the Internet. Unlike many traditional VPN connections, which must be initiated and terminated by explicit user action, DirectAccess connections are designed to connect automatically as soon as the computer connects to the Internet. DirectAccess was introduced in Windows Server 2008 R2, providing this service to Windows 7 and Windows 8 "Enterprise" edition clients. In 2010, Microsoft Forefront Unified Access Gateway (UAG) was released, which simplifies the deployment of DirectAccess for Windows 2008 R2, and includes additional components that make it easier to integrate without the need to deploy IPv6 on the network, and with a dedicated user interface for the configuration and monitoring. Some requirements and limitations that were part of the design of DirectAccess with Windows Server 2008 R2 and UAG have been changed. While DirectAccess is based on Microsoft technology, third-party solutions exist for accessing internal UNIX and Linux servers through DirectAccess. With Windows Server 2012, DirectAccess is fully integrated into the operating system, providing a user interface to configure and native IPv6 and IPv4 support.
Hugh Daniel was a noted computer engineer.
dn42 is a decentralized peer-to-peer network built using VPNs and software/hardware BGP routers.
In computer networking, Cisco ASA 5500 Series Adaptive Security Appliances, or simply Cisco ASA, is Cisco's line of network security devices introduced in May 2005. It succeeded three existing lines of Cisco products:
SoftEther VPN is free open-source, cross-platform, multi-protocol VPN client and VPN server software, developed as part of Daiyuu Nobori's master's thesis research at the University of Tsukuba. VPN protocols such as SSL VPN, L2TP/IPsec, OpenVPN, and Microsoft Secure Socket Tunneling Protocol are provided in a single VPN server. It was released using the GPLv2 license on January 4, 2014. The license was switched to Apache License 2.0 on January 21, 2019.
VNS3 is a software-only virtual appliance that allows users to control access and network topology and secure data in motion across public and private clouds. VNS3 is a virtual router, switch, firewall, protocol re-distributor, and SSL/IPSec VPN concentrator. The Network Virtualization Software creates a customer-controlled overlay network over top of the underlying network backbone.
IPFire is a hardened open source Linux distribution that primarily performs as a router and a firewall; a standalone firewall system with a web-based management console for configuration.