FreeS/WAN manual pages

Links here take you to an HTML version of the man pages.

If you have the world Wide Web Consortium's Amaya browser/editor, then you have another choice. Use Amaya to get all the manual pages in a single HTML document.

Files

These files are also discussed in the HTML setup and configuration documents.

Many users will never give most of the FreeS/WAN commands directly. Configure the files listed above correctly and everything should be automatic.

One exception is:

Note that:

These keys are for authentication only. They are not secure for encryption.
RSA Data Security hold a US patent on the RSA algorithm, valid until September 20, 2000. Using this utility in the US before then may be illegal because it would violate that patent.
The utility uses random(4) as a source of random numbers. This may block for some time if there is not enough activity on the machine to provide the required entropy. You may want to give it some bogus activity such as random mouse movements or some command such as du /usr > dev/null &.

The following commands are fairly likely to be used, if only for testing and status checks:

The lower-level utilities listed below are normally invoked via scripts listed above, but they can also be used directly when required.

ipsec_eroute(8): manipulate IPSEC extended routing tables
ipsec_klipsdebug(8): set Klips (kernel IPSEC support) debug features and level
ipsec_pluto(8): IPsec IKE keying daemon
ipsec_spi(8): manage IPSEC Security Associations
ipsec_spigrp(8): group/ungroup IPSEC Security Associations
ipsec_tncfg(8): associate IPSEC virtual interface with real interface
ipsec_whack(8): control interface for IPSEC keying daemon