WAN is an IPsec implementation for Linux 2. IPsec is a network protocol for secure communication. More background information on IPsec can be found in openvpn c:\windows\system32\route.exe delete illustrated guide to IPsec.
Windows Mobile 6, Windows Mobile 5. Vista, Pocket PC 2003, Windows Mobile and Mac OS X v10. NT4 is a free download from the Microsoft website. For brevity, I call it the “MSL2TP client” below. The Linux part of the configuration is basically the same for all these clients. Nate Carlson has made an ‘executive summary’ for people who want just the facts. WAN: this was the first IPsec implementation available for Linux.
WAN is no longer in active development. WAN team members who have started the company Xelerance. Not surprisingly, its main focus is on good certificate and smartcard support. IPsec implementation, which is known as “NETKEY”, “26sec” or “PF_KEY”. This means that recent distributions ship with IPsec support out of the box.
KAME and used by default on many distributions. Its IKE daemon is called racoon. Linux port of OpenBSD’s ISAKMP daemon. A Linux IPsec implementation typically consist of a kernel part and corresponding userland utilities. The userland IKE daemon is called ‘pluto’. You will have to apply a KLIPS kernel patch or install loadable kernel modules for KLIPS.
NETKEY has also been backported to kernel 2. Ipsec-tools is included in most distributions. There are issues with the heavily modified kernels of some distributions such as RHEL 3. Someone should make a good feature comparison between KLIPS and NETKEY but currently there isn’t one. Each option has its pros and cons. I have not tested all combinations.