Users who migrate or integrate on-premises services with a cloud provider like Oracle Cloud Infrastructure usually use IP Security (IPSec) technology to create an encrypted tunnel between environments to transfer data or integrate applications. Using IPSec technology, such as Openswan, enables users to avoid exposing data and applications to the public internet. The goal of this post is to clarify the Openswan and Libreswan IPSec technologies.
Openswan is a well-known IPSec implementation for Linux. It begun as a fork of the now-defunct FreeS/WAN project in 2003. Unlike the FreeS/WAN project, it didn’t exclusively target the GNU/Linux operating system, but expanded its usability to other operating systems. In 2012, it renamed itself to The Libreswan Project because of a lawsuit over the trademark of the name openswan.
As a result, when you try to install or query the Openswan package on Oracle Linux, by default the Libreswan package is installed or shown instead. The yum search query command illustrates this behavior:
|$ sudo yum search openswan
Loaded plugins: langpacks, ulninfo
Matched: openswan =============================================================================
NetworkManager-libreswan.x86_64 : NetworkManager VPN plug-in for libreswan
NetworkManager-libreswan-gnome.x86_64 : NetworkManager VPN plugin for libreswan - GNOME files
libreswan.x86_64 : IPsec implementation with IKEv1 and IKEv2 keying protocols
Libreswan is maintained by The Libreswan Project and has been under active development for over 15 years, going back to the FreeS/WAN Project. For more information, see the project's history.
Having a secure, encrypted, point-to-point channel through which your data can travel from a specific location to the cloud contributes to a safer solution that helps avoid breaches and data loss. If you want to create an IPSec point-to-point, encrypted tunnel between Oracle Cloud Infrastructure and a different cloud provider, on-premises environment, or both, see the following blog post, which describes how to accomplish this by using Libreswan: