Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   14857 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

rcipsec(8)			  strongswan			    rcipsec(8)

NAME
       rcipsec

SYNOPSIS
       This executable is part of the package 'strongswan': StrongSwan --
       OpenSource IPsec-based VPN Solution

       Documentation for SUSE Linux Enterprise is available online at:
       <http://www.suse.com/documentation/sles11/> and also installed on the
       system at /usr/share/doc/manual/

       Additional documentation for a specific package may be available at
       /usr/share/doc/packages/strongswan/ ""

DESCRIPTION
       StrongSwan is an OpenSource IPsec-based VPN Solution for Linux

       * runs both on Linux 2.4 (KLIPS IPsec) and Linux 2.6 (NETKEY IPsec)
	  kernels

       * implements both the IKEv1 and IKEv2 (RFC 4306) key exchange
	  protocols

       * NEW: Fully tested support of IPv6 IPsec tunnel connections

       * Dynamical IP address and interface update with IKEv2 MOBIKE (RFC
	  4555)

       * Fast connection startup and periodic update using ipsec starter

       * Automatic insertion and deletion of IPsec policy based firewall
	  rules

       * Strong 3DES, AES, Serpent, Twofish, or Blowfish encryption

       * NAT-Traversal via UDP encapsulation and port floating (RFC 3947)

       * Static Virtual IPs and IKE Mode Config Pull and Push modes

       * XAUTH server and client functionality on top of IKE Main Mode
	  authentication

       * Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels

       * Authentication based on X.509 certificates or preshared keys

       * Generation of a default self-signed certificate during first
	  strongSwan startup

       * Retrieval and local caching of Certificate Revocation Lists via
	  HTTP or LDAP

       * Full support of the Online Certificate Status Protocol (OCSP, RCF
	  2560).

       * CA management (OCSP and CRL URIs, default LDAP server)

       * Powerful IPsec policies based on wildcards or intermediate CAs

       * Group policies based on X.509 attribute certificates ( RFC 3281)

       * Optional storage of RSA private keys and certificates on a
	  smartcard

       * Smartcard access via standardized PKCS #11 interface

       * PKCS #11 proxy function offering RSA decryption services via whack

       * NEW: strongSwan Manager - a graphical management interface for IKEv2

AUTHORS
	   Andreas Steffen
	   and others

LICENSE
       GPL v2 or later

SUSE Linux Enterprise Server 11	  2011-11-23			    rcipsec(8)

Vote for polarhome