# /etc/strongswan.conf - strongSwan configuration file charon { load = random nonce aes sha1 sha2 md5 pem pkcs1 gmp hmac x509 revocation curl vici kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-11 updown multiple_authentication=no integrity_test = yes start-scripts { creds = /usr/local/sbin/swanctl --load-creds conns = /usr/local/sbin/swanctl --load-conns } syslog { auth { default = 0 } daemon { tnc = 3 imc = 3 } } plugins { eap-tnc { protocol = tnccs-1.1 } } } ilibtls { suites = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 } libimcv { plugins { imc-test { command = allow } } }