is open-source IPsec VPN software for Linux. Openswan can be used to set up a site-to-site IPsec VPN tunnel between two physical networks. Initially Openswan included IPsec kernel patches, but over time these have been integrated into the Linux kernel. Currently Openswan consists of user-space IKE (Internet Key Exchange) daemon and associated connection management services. Openswan supports features like X.509 digital certificates, NAT traversal, subnet extrusion, opportunistic encryption, Xauth and DNSSEC. Openswan is known to be interoperable with many other open and commercial VPN solutions including those from Cisco, Windows, Checkpoint and SonicWALL.