# /etc/strongswan.conf - strongSwan configuration file

charon {
  load = random nonce openssl pem pkcs1 revocation curl vici kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-tnccs tnc-imc tnccs-20 updown

  multiple_authentication = no

  start-scripts {
    creds = /usr/local/sbin/swanctl --load-creds 
    conns = /usr/local/sbin/swanctl --load-conns
  }
  syslog {
    auth {
      default = 0
    }
    daemon {
      tnc = 3 
      imc = 3
      pts = 3 
    }
  }
}

libtls {
  suites = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
}

libimcv {
  plugins {
    imc-os {
      push_info = yes
    }
  }
}