Annotation of embedaddon/strongswan/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf, revision 1.1.1.2

1.1       misho       1: # /etc/strongswan.conf - strongSwan configuration file
                      2: 
                      3: charon-systemd {
                           # Daemon settings for the test host named in this file's path (alice).
                           # The plugin list includes tnc-pdp and tnc-imv, which are configured in
                           # the plugins {} subsection below.
                      4:   load = random nonce pem pkcs1 x509 openssl revocation constraints curl vici socket-default kernel-netlink tnc-pdp tnc-imv tnc-tnccs tnccs-20 sqlite
                      5: 
                           # Per-subsystem syslog verbosity for the "daemon" facility. In strongSwan,
                           # level 3 adds raw data dumps in hex, so imv = 3 can place measurement
                           # data in syslog; restrict read access to that log accordingly.
                      6:   syslog {
                      7:     daemon {
                      8:       tls = 2
                      9:       tnc = 2
                     10:       imv = 3
                     11:     }
                     12:   }
                     13:   plugins {
                     14:     tnc-pdp {
                     15:       server = aaa.strongswan.org
                     16:       radius {
                                 # RADIUS shared secret stored in cleartext. This value is published
                                 # with the test suite, so treat it as public: never reuse it, and on
                                 # any real host keep strongswan.conf readable only by the daemon's user.
                     17:         secret = gv6URkSs
                     18:       }
                     19:     }
                     20:     tnc-imv {
                               # NOTE(review): presumably keeps the IMV shared objects loaded instead
                               # of unloading them after use - confirm against the tnc-imv plugin docs.
                     21:       dlclose = no
                     22:     }
                     23:   }
                     24: }
                     25: 
                     26: libtls {
                           # Caps TLS negotiation at version 1.3 and offers only the two listed AEAD
                           # suites, both of which are TLS 1.3 cipher suites. version_min is not set
                           # in this section, so the library default applies.
                           # NOTE(review): confirm that default matches the intended protocol floor.
1.1.1.2 ! misho      27:   version_max = 1.3
        !            28:   suites = TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384
1.1       misho      29: }
                     30: 
                     31: libimcv {
                           # Location of the SQLite database and of the policy manager executable
                           # used by libimcv.
                     32:   database = sqlite:///etc/db.d/config.db
                     33:   policy_script = /usr/local/libexec/ipsec/imv_policy_manager
                     34: 
                     35:   plugins {
                     36:     imv-swima {
                     37:       rest_api {
                                 # The user name and password are embedded in the URI and the scheme
                                 # is plain http, so the credentials are not protected in transit and
                                 # may also surface wherever the URI is logged. Acceptable only inside
                                 # the isolated test network; elsewhere use https and keep the secret
                                 # out of this file.
                     38:         uri = http://admin-user:strongSwan@tnc.strongswan.org/api/
                     39:       }
                     40:     }
                     41:   }
                     42: }
                     43: 
                     44: imv_policy_manager {
                           # Commands for the "allow" and "block" outcomes: each opens an ssh session
                           # as root on host moon and writes an auth.alert syslog entry tagged
                           # charon-systemd. Per the message text, %s stands for the host's IP address.
                           # NOTE(review): %s is interpolated into a remote shell command line, so
                           # confirm the policy manager only ever substitutes a validated IP address.
                           # Root ssh from this host also means a compromise of alice extends to moon;
                           # outside the test lab prefer a restricted account or a forced command.
                     45:   command_allow = ssh root@moon 'logger -t charon-systemd -p auth.alert "\"host with IP address %s is allowed\""'
                     46:   command_block = ssh root@moon 'logger -t charon-systemd -p auth.alert "\"host with IP address %s is blocked\""'
                     47: }
