# /etc/strongswan.conf - strongSwan configuration file

charon {
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
  multiple_authentication = no
  plugins {
    kernel-netlink {
      fwmark = !0x42
    }
    socket-default {
      fwmark = 0x42
    }
    kernel-libipsec {
      allow_peer_ts = yes
    }
  }
}