GoSecure: Virtual Private Network solution by NSA

goSecure is an easy to use and portable Virtual Private Network (VPN) built with Linux and a Raspberry Pi 3.

The system consists of a single server and one or many clients. strongSwan is used to establish a Suite B IPsec tunnel with pre-shared keys between the server and client(s).

Server and Client

The server component is a multi-homed [laptop/server/cloud instance/Raspberry Pi] that runs strongSwan using the NSA Commercial Solutions for Classified (CSfC) guidelines for protecting classified data. It is built upon a minimal and hardened Linux instance per DISA Security Technical Implementation Guides (STIGs).

The client component is a Raspberry Pi that runs strongSwan using the NSA CSFC guidelines for protecting classified data and it utilizes its hardware Random Number Generator (RNG). It is built upon a minimal and hardened Linux instance per DISA STIGs.

The client currently supports 3 modes of operation:

  1. Ethernet (eth0) LAN – Wifi (wlan0) WAN
  2. Ethernet (eth1) LAN – Ethernet (eth0) WAN
  3. Wifi LAN (wlan0) – Ethernet (eth0) WAN

About strongSwan

StrongSwan is the OpenSource IPsec-based VPN Solution and runs on Linux 2.6, 3.x and 4.x kernels, Android, FreeBSD, OS X, iOS and Windows.


  • implements both the IKEv1 and IKEv2 (RFC 7296) key exchange protocols
  • Fully tested support of IPv6 IPsec tunnel and transport connections
  • Dynamical IP address and interface update with IKEv2 MOBIKE (RFC 4555)
  • Automatic insertion and deletion of IPsec-policy-based firewall rules
  • NAT-Traversal via UDP encapsulation and port floating (RFC 3947)
  • Support of IKEv2 message fragmentation (RFC 7383) to avoid issues with IP fragmentation
  • Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels
  • Static virtual IPs and IKEv1 ModeConfig pull and push modes
  • XAUTH server and client functionality on top of IKEv1 Main Mode authentication
  • and much more…

Recent Articles

Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers

Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy...

COVID-19: SentinelOne Offers Free Platform Access

As the world battles COVID-19, enterprises are coping with immediate work-from-home needs and the challenges of protection beyond the network perimeter, says...

XSS vulnerability in the HTML Data Processor for CKEditor 4.0

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web...

Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years

All Intel processors released in the past 5 years contain an unpatchable vulnerability that could allow hackers to compromise almost every hardware-enabled...

Photon: Light and Fast Web Crawler

Photon is a lightning fast web crawler which extracts URLs, files, intel & endpoints from a target. 160 requests per second while extensive...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox