I make use of IPsec at work a lot. Under linux I use strongswan. It has the best interoperability of all the projects I've tried. The strongswan implementation of IKEv2 is most mature. AFAICT it's the only one to support MOBIKE. It claims to be able to support thousands of tunnels concurrently. I see no reason to doubt that. Strongswan also works on ARM and I believe there's a OS X port but I have not tried it. I use strongswan with IKEv1 against Cisco IOS 12.x and IKEv2 against pretty much everything else. On Fri, Jun 22, 2012 at 3:48 PM, Andrew Spiers <andrew@andrewspiers.net> wrote:
Thought I might play around with IPSEC. It seems there are a few different linux implementations, Strongswan, openswan, racoon (which I think is based on a project called KAME) and I think you can do it with Shorewall.
Have I missed any notable implementations? Which is your favourite, and why?