Openswan: Documentation: Feature / Version Comparison

> Search

Detailed Technical Featureset Breakdown:

The following versions were used for this table

FreeS/WAN 2.05
X.509 1.5.4
ALG 0.8.0
NAT-T 0.6c
Openswan 1.0.6
Openswan 2.1.4
Openswan 2.2.0 (CVS)

FreeS/WAN

NAT-T Patch

ALG Patch

X.509 Patch

Openswan 1.0.x

Openswan 2.1.x

Openswan 2.2.x

IKE/ISAKMP

IKE (RFC 2409)

X

X

X

X

X

X

X

DH Group 1 (MODP 768)

X

DH Group 2 (MODP 1024)

X

X

X

X

X

X

X

DH Group 5 (MODP 1536)

X

X

X

X

X

X

X

IKE Exchanges

Preshared Key (aka PSK, Shared Secrets)

X

X

X

X

X

X

X

RSASig (aka RSA Auth)

X

X

X

X

X

X

X

Opportunisic Encryption (OE)

X

X

X

X

X

X

X

Manual Keying

X

X

X

X

X

X

X

X.509 Digital Certificates

X

X

X

X

Transforms & Ciphers

Auth MD5 (RFC 1828)

X

X

X

X

X

X

X

HMAC-MD5-96 (RFC 2403)

X

X

X

X

X

X

X

Auth SHA1 (RFC 1852)

X

X

X

X

X

X

X

HMAC-SHA-1-96 (RFC 2404)

X

X

X

X

X

X

X

Auth SHA2

X

X

X

ESP DES-CBC (RFC 1829)

Note 1

ESP 3DES (RFC 1851)

X

X

X

X

X

X

X

AES

X

X

X

Twofish

X

X

Note 2

Blowfish

X

X

Note 2

CAST

X

X

Note 2

NULL

X

X

Note 2

Serpent

X

X

Note 2

Digital Certificates & PKI

X.509 Certificates

X

X

X

X

NAT-Traversal

draft-ietf-ipsec-nat-t-ike-01.txt

X

X

X

X

draft-ietf-ipsec-udp-encaps-01.txt

X

X

X

X

draft-ietf-ipsec-nat-t-ike-02.txt

X

X

X

X

draft-ietf-ipsec-udp-encaps-02.txt

X

X

X

X

draft-ietf-ipsec-nat-t-ike-03.txt

X

X

X

X

draft-ietf-ipsec-udp-encaps-03.txt

X

X

X

X

Note 1: 1DES is available on Openswan 1.x, by manually modprobing the ipsec_alg_1des.o module.
Note 2: These additional ciphers are available on Kernel 2.6, if you have enabled them in CryptoAPI