StrongSwan

strongSwan is a multiplatform IPsec implementation. The focus of the project is on authentication mechanisms using X.509 public key certificates and optional storage of private keys and certificates on smartcards through a PKCS#11 interface and on TPM 2.0.

Overview
The project is maintained by Andreas Steffen who is a professor emeritus for Security in Communications with the University of Applied Sciences in Rapperswil, Switzerland.

As a descendant of the FreeS/WAN project, strongSwan continues to be released under the GPL license. It supports certificate revocation lists and the Online Certificate Status Protocol (OCSP). A unique feature is the use of X.509 attribute certificates to implement access control schemes based on group memberships. StrongSwan interoperates with other IPsec implementations, including various Microsoft Windows and macOS VPN clients. The current version of strongSwan fully implements the Internet Key Exchange (IKEv2) protocol defined by RFC 7296.

Features
strongSwan supports IKEv1 and fully implements IKEv2.

IKEv1 and IKEv2 features

 * strongSwan offers plugins, enhancing its functionality. The user can choose among three crypto libraries (legacy [non-US] FreeS/WAN, OpenSSL, and gcrypt).
 * Using the openssl plugin, strongSwan supports Elliptic Curve Cryptography (ECDH groups and ECDSA certificates and signatures) both for IKEv2 and IKEv1, so that interoperability with Microsoft's Suite B implementation on Vista, Win 7, Server 2008, etc. is possible.
 * Automatic assignment of virtual IP addresses to VPN clients from one or several address pools using either the IKEv1 ModeConfig or IKEv2 Configuration payload. The pools are either volatile (i.e. RAM-based) or stored in a SQLite or MySQL database (with configurable lease-times).
 * The ipsec pool command line utility allows the management of IP address pools and configuration attributes like internal DNS and NBNS servers.

IKEv2 only features

 * The IKEv2 daemon is inherently multi-threaded (16 threads by default).
 * The IKEv2 daemon comes with a High-Availability option based on Cluster IP where currently a cluster of two hosts does active load-sharing and each host can take over the ESP and IKEv2 states without rekeying if the other host fails.
 * The following EAP authentication methods are supported: AKA and SIM including the management of multiple [U]SIM cards, MD5, MSCHAPv2, GTC, TLS, TTLS. EAP-MSCHAPv2 authentication based on user passwords and EAP-TLS with user certificates are interoperable with the Windows 7 Agile VPN Client.
 * The EAP-RADIUS plugin relays EAP packets to one or multiple AAA servers (e.g. FreeRADIUS or Active Directory).
 * Support of RFC 5998 EAP-Only Authentication in conjunction with strong mutual authentication methods like e.g. EAP-TLS.
 * Support of RFC 4739 IKEv2 Multiple Authentication Exchanges.
 * Support of RFC 5685 IKEv2 Redirection.
 * Support of the RFC 4555 Mobility and Multihoming Protocol (MOBIKE) which allows dynamic changes of the IP address and/or network interface without IKEv2 rekeying. MOBIKE is also supported by the Windows 7 Agile VPN Client.
 * The strongSwan IKEv2 NetworkManager applet supports EAP, X.509 certificate and PKCS#11 smartcard based authentication. Assigned DNS servers are automatically installed and removed again in /etc/resolv.conf.
 * Support of Trusted Network Connect (TNC). A strongSwan VPN client can act as a TNC client and a strongSwan VPN gateway as a Policy Enforcement Point (PEP) and optionally as a co-located TNC server. The following TCG interfaces are supported: IF-IMC 1.2, IF-IMV 1.2, IF-PEP 1.1, IF-TNCCS 1.1, IF-TNCCS 2.0 (RFC 5793 PB-TNC), IF-M 1.0 (RFC 5792 PA-TNC), and IF-MAP 2.0.
 * The IKEv2 daemon has been fully ported to the Android operating system including integration into the Android VPN applet. It has also been ported to the Maemo, FreeBSD and macOS operating systems.

KVM simulation environment
The focus of the strongSwan project lies on strong authentication by means of X.509 certificates, as well as the optional safe storage of private keys on smart cards using the standardized PKCS#11 interface, strongSwan certificate check lists and On-line Certificate Status Protocol (OCSP).

An important capability is the use of X.509 Certificate Attributes, which permits it to utilize complex access control mechanisms on the basis of group memberships.

strongSwan comes with a simulation environment based on KVM. A network of eight virtual hosts allows the user to enact a multitude of site-to-site and roadwarrior VPN scenarios.