[strongSwan] strongSwan and Openswan

Troy Telford ttelford.groups at gmail.com
Wed Sep 22 04:06:00 CEST 2010

I've been playing around with IPsec lately, and trying to learn about 
the various ways to get it working...  In the process, I've come to 
wonder about the different development priorities and feature sets of 
Openswan and stongSwan.

I've found the comparison at openswan.org, however it is pretty obvious 
that it hasn’t been updated in quite a while - it compares the (not 
released) Openswan 3.0 to strongSwan 4.1.  The problem is that the git 
repo for openswan shows that the Openswan 3 branch hasn't been touched 
for years...  meanwhile the Openswan 2.x series gets actively developed.

But honestly:  I don't know of any reason to choose one or the other... 
 it's pretty clear they have different feature sets, but there's not 
much in the way of comparing the two, partly because the openswan 
website is so dated.  I've not seen much in the way of feature lists to 
compare - it seems IKEv2 is the biggest difference.

Can anybody please enlighten me as to what the advantages offered by 
strongswan are vs openswan?
Troy Telford

More information about the Users mailing list