strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It also fully supports the new IKEv2 protocol with Linux 2.6 kernels. It interoperates in both IKEv1 and IKEv2 mode with most other IPsec-based VPN products. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships. License: GNU General Public License (GPL) Changes: The IKEv2 charon daemon now implements virtual IP address pools. The light version uses, for example, rightsourceip=10.3.0.0/22 to create a pool with 1022 addresses in volatile memory that are assigned on a first come, first served basis; whereas the advanced version uses rightsourceip=%poolname to reference an address pool in an SQLite or MySQL database which binds leases either statically or with a predefined timeout to a specific IKEv2 ID.

	Read more at FreshMeat
	www.pheedo.com/click.phdo?i=c3616bdde53c8227664f43c8b068dd3c