FreeS/WAN
Contents
- 1 Platform Notes
- 2 Version History
- 3 Backoff Patterns
- 4 Vendor IDs
- 5 Authentication Methods
- 6 ISAKMP SA Lifetime
- 7 Transform Attribute Ordering and Rewriting
- 8 Aggressive Mode
- 9 Response to Noncompliant and Malformed Packets
- 10 NAT Traversal
- 11 IVEv2
- 12 Remote Access VPN Client
- 13 Other Interesting Behaviour
- 14 Default Configuration
- 15 Discovered Vulnerabilities
Platform Notes
FreeS/WAN is an open source IPsec VPN solution that runs on Linux systems with either 2.4 or 2.6 kernels. The data encryption is handled by the Linux kernel (using KLIPS for 2.4, or Linux native IPsec for 2.6), and IKE is handled with a user mode process called pluto.
The S/WAN part of the name stands for Secure Wide Area Network. More details on the naming are on the RSA What is S/WAN page.
The FreeS/WAN project is no longer being actively maintained. Development ended in April 2004 with the release of version 2.06.
Compiling it with GCC 3.3 warns about using cast expressions as lvalues, and it won't compile at all with GCC 4.1 and later because GCC 4.1 considers the use of cast expressions as lvalues to be an error.
FreeS/WAN is now mainly of historical interest. It is not often seen in production enviroments.
FreeS/WAN was used as the basis for two other open source IPsec implementations: OpenSwan and StrongSwan. Both of which are still being maintained.
Version History
Version | Release Date | Notes |
---|---|---|
1.00 | Apr 1999 | |
1.1 | Oct 1999 | |
1.2 | Dec 1999 | |
1.3 | Feb 2000 | |
1.4 | Jun 2000 | |
1.5 | Jul 2000 | |
1.8 | Dec 2000 | |
1.9 | Mar 2001 | |
1.91 | Jun 2001 | |
1.94 | Dec 2001 | Buggy release |
1.95 | Feb 2002 | |
1.98b | Jun 2002 | |
1.99 | Nov 2002 | OpenSwan 1.0.0 based on FreeS/WAN 1.99.8.1rc6 |
2.00 | Apr 2003 | OE |
2.01 | Jul 2003 | |
2.02 | Sep 2003 | |
2.03 | Oct 2003 | Supports 2.6 kernel |
2.04 | Nov 2003 | strongSwan fork based on this release |
2.05 | Feb 2004 | |
2.06 | Apr 2004 | Final release |