secure-tunneling
pfeifer@gentoo.org
Jay Pfeifer
Linux FreeS/WAN is an implementation of IPSEC & IKE for Linux.
IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide both
authentication and encryption services. Authentication ensures that packets are
from the right sender and have not been altered in transit. Encryption prevents
unauthorised reading of packet contents.
These services allow you to build secure tunnels through untrusted networks.
Everything passing through the untrusted net is encrypted by the IPSEC gateway
machine and decrypted by the gateway at the other end. The result is a Virtual
Private Network, or VPN. This is a network which is effectively private even
though it includes machines at several different sites connected by the insecure
Internet.
The IPSEC protocols were developed by the IETF (Internet Engineering Task Force)
and will be required as part of IP Version Six, the next generation. They are
also being widely implemented for IPv4. In particular, nearly all vendors of
any type of firewall or security software have IPSEC support either shipping or
in development. There are also several open source IPSEC projects. Several
companies are co-operating in the Secure Wide Area Network (S/WAN) project to
ensure that products will interoperate. There is also a VPN Consortium fostering
cooperation among companies in this area.
Our project's primary objective is to help make IPSEC widespread by providing
source code which is freely available, runs on a range of machines including
ubiquitous cheap PCs, and is not subject to US or other nations' export restrictions.