[strongSwan] support for pfkey
Andreas Steffen
andreas.steffen at strongswan.org
Fri Apr 16 11:33:09 CEST 2010
Hi Anil,
what do you want to know? Pluto has pfkey support with the old
KLIPS IPsec stack only, whereas charon has a kernel-pfkey plugin
which allows the IKEv2 daemon to communicate even with the
Linux 2.6 NETKEY IPsec stack via the PF_KEYv2 interface, although
there are more capabilities (e.g. AEAD authenticated encryption
support) by using the XFRM netlink interface. You can find a
couple of PFKEY example scenarios here:
http://www.strongswan.org/uml/testresults43/pfkey/index.html
Of course the kernel-pfkey plugin can be used to run charon on
FreeBSD and Mac OS X or potentially on other operating system
possessing a PF_KEYv2 kernel interface.
Best regards
Andreas
On 16.04.2010 11:06, NAGARAJAN, ANIL (ANIL) wrote:
> Hi All,
>
> Does charon (strongswan 4.3.5) support pfkey message similar to pluto?
>
> Regds
>
> Anil N
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list