diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2015-11-23 21:35:16 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2015-12-11 18:26:54 +0100 |
commit | 6aa770312231401f91bd2049b311c81078c128c2 (patch) | |
tree | 000766c39e7a7c56532473fd41a1a9ea8b878362 /testing/tests/tnc/tnccs-20-pts-no-ecc/hosts/moon/etc/strongswan.conf | |
parent | 74270c8c86ac8a25e7d70ee84b1686afdce32776 (diff) | |
download | strongswan-6aa770312231401f91bd2049b311c81078c128c2.tar.bz2 strongswan-6aa770312231401f91bd2049b311c81078c128c2.tar.xz |
testing: Converted tnc scenarios to swanctl
Diffstat (limited to 'testing/tests/tnc/tnccs-20-pts-no-ecc/hosts/moon/etc/strongswan.conf')
-rw-r--r-- | testing/tests/tnc/tnccs-20-pts-no-ecc/hosts/moon/etc/strongswan.conf | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/testing/tests/tnc/tnccs-20-pts-no-ecc/hosts/moon/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pts-no-ecc/hosts/moon/etc/strongswan.conf index 38b2e2ec2..117ca715c 100644 --- a/testing/tests/tnc/tnccs-20-pts-no-ecc/hosts/moon/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-pts-no-ecc/hosts/moon/etc/strongswan.conf @@ -1,10 +1,24 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = aes md5 sha1 sha2 hmac gmp pem pkcs1 random nonce x509 curl revocation stroke kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-imv tnc-tnccs tnccs-20 updown sqlite + load = random nonce aes sha1 sha2 md5 gmp hmac pem pkcs1 x509 revocation curl vici kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-imv tnc-tnccs tnccs-20 updown sqlite multiple_authentication = no + start-scripts { + creds = /usr/local/sbin/swanctl --load-creds + conns = /usr/local/sbin/swanctl --load-conns + } + syslog { + auth { + default = 0 + } + daemon { + tnc = 3 + imv = 3 + pts = 3 + } + } plugins { eap-ttls { phase2_method = md5 @@ -14,6 +28,10 @@ charon { } } +libtls { + suites = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 +} + libimcv { database = sqlite:///etc/db.d/config.db policy_script = ipsec imv_policy_manager |