# /etc/strongswan.conf - strongSwan configuration file

charon {
  load = random nonce aes md5 sha1 sha2 pem pkcs1 curve25519 mfg1 gmp x509 curl revocation hmac gcm stroke kernel-netlink socket-default eap-tls updown

  multiple_authentication=no
  syslog {
    daemon {
      tls = 2
    }
  }
}

libtls {
  suites = TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
}