On 2015-04-14 11:44, Eero Volotinen wrote: > 2015-04-14 21:40 GMT+03:00 Florin Andrei <florin at andrei.myip.org>: >> >> http://serverfault.com/a/655752/24406 >> >> If that is accurate, the documentation, and the clustering / load >> balancing might tilt the balance in the direction of strongSwan. >> >> > Well, both packages can do ipsec to cisco asa without any problems. I have this one case where the other end of the connection wants to use some specific encryption parameters (specific versions of AES and SHA). I need to make sure that whatever software I use, is capable of providing that. Better documentation will certainly help. And of course, a more actively supported project, with a good security track record, is very important. All these are factors in choosing between Openswan / Libreswan / strongSwan. -- Florin Andrei http://florin.myip.org/