strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It also fully supports the new IKEv2 protocol with Linux 2.6 kernels. It interoperates in both IKEv1 and IKEv2 mode with most other IPsec-based VPN products. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships. License: GNU General Public License (GPL) Changes: IKEv2 repeated authentication (RFC 4478) was implemented to force, for example, EAP clients to periodically re-establish an IKE_SA. Support of IPv6 IPsec connections was fully tested, including seamless integration of ip6tables firewall rules. The Web-based strongSwan Manager now allows the interactive starting and stopping of IKE and CHILD SAs.

	Read more at FreshMeat
	freshmeat.net/releases/267077/