[Openswan Users] Openswan's userland tools vs. IPsec-Tools ?

Paul Wouters paul at xelerance.com
Thu Oct 28 20:32:54 CEST 2004

On Thu, 28 Oct 2004, Philip Leo wrote:

> I'm learning IPsec, I want to use the native IPSEC implementation in my 
> Linux kernel 2.6.5 .

If using the native stack, please at least use 2.6.9.

> When I choose the user space tools, I fell quite confused.
> As I know in addition to Openswan, there are other IPsec userland tools 
> such as IPsec-Tools. Then my question is: What is the relationship between 
> Openswan's userland tools and IPsec-Tools? Are they just two different 
> things? If I use any of them, will it be sufficient?

You're asking on the openswan list, so you'll get a biased answer....

Openswan has a lot more features then ipsec-tools (aka Racoon). 
Openswan has seen a much larger deployment
Openswan is much better suited for complex and large scenarios
Openswan has been written with security in mind
Openswan is much easier to configure then Racoon


More information about the Users mailing list