# /etc/strongswan.conf - strongSwan configuration file

charon-systemd {
  load = random nonce aes sha1 sha2 md5 pem pkcs1 gmp hmac x509 revocation curl vici kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown

  multiple_authentication=no
  integrity_test = yes

  syslog {
    auth {
      default = 0
    }
    daemon {
      tnc = 3
      imc = 3
    }
  }
  plugins {
    eap-tnc {
      protocol = tnccs-2.0
    }
  }
}

libtls {
  suites = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
}

libimcv {
  plugins {
    imc-test {
      command = isolate
    }
    imc-scanner {
      push_info = no
    }
  }
}