floppym@gentoo.org Mike Gilbert From the Openswan web site: Openswan is an Open Source implementation of IPsec for the Linux operating system. Is it a code fork of the FreeS/WAN project, started by a few of the developers who were growing frustrated with the politics surrounding the FreeS/WAN project. Include curl support (used for fetching CRLs) Include LDAP support (used for fetching CRLs) Include additional strong algorithms (Blowfish, Twofish, Serpent and SHA2) Include weak algorithms (DH1) Include algorithms that don't even encrypt (1DES) Allow bad IP address proposal offered by an Microsoft L2TP/IPSec servers Include libnss support (adds smartcard support) Use OpenSSL libraries for BIGNUM support