The Linux FreeS/WAN Project

Introduction     Online Documentation     FreeS/WAN Download     Old News     Related Tools     Helping Out     Bug Reports     Maillist & Archives     IPSEC Community     History & Politics     Credits     Home Page   !Lights!

Introduction     Current Release     Today's Snapshot     Signatures    


    Linux FreeS/WAN comes as a tar file or RPMs containing source and documentation for Linux systems with 2.2.XX and 2.4.XX kernels. We also have experimental support for 2.6.xx kernels; please use our latest release to try this.

    Our users have contributed many patches which give additional functionality to Linux FreeS/WAN: NAT traversal, additional algorithms, Delete SA, and X.509 support. An unofficial release which incorporates many of these patches is available over here as tar or RPM.

Latest Release


   Our latest stable release is 2.06.

   We also provide current snapshots of our development tree.

RedHat and Fedora Core RPMs

    For the simplest, quickest way to get FreeS/WAN IPsec going with Opportunistic Encryption, use our Red Hat or Fedora Core RPMs and our quickstart guide. If there are prebuilt RPMs for your Red Hat or Fedora Core system, this command will get them, and the keying material necessary to verify them:

   ncftpget`uname -r | tr -d 'a-wy-z'`/\*

    If that fails, it is unlikely that we have RPMs for you. However, you can walk through our directories and have a look.

  If you don't find RPMs, you'll need to install from source, as described in the next section.


    As a quick way to download the release, signature and signing key, cut and paste this next line into a shell window:


    Or, grab the "freeswan-*" files from

    Our releases are tested to at least install in the target environment (currently Red Hat 9.x and 8.x with recent kernels) according to the INSTALL and our other documentation.

  There is no warranty of any kind with this software.

Today's Snapshot

    WARNING: Snapshots are Experimental, they are just the current state of the multi-developer shared development tree and could be in any state of disarray. It might not compile, if it compiles then it might not work (and that can be REAL hard to tell with crypto software...) and the resulting binaries might even give your dog hiccups!

    So please use the snapshot only if you judge yourself able to deal with any of the problems that might occur with unfinished software. That said, please do try the daily snapshot!

FTP from Europe:     snapshot.tar.gz   MD5 sig

    Here is a command to get the snapshot, its md5sum and signature:



    Test your RPMs and/or tars with these pgp2 public keys.