Home Explore Help
Sign In
khubaib
/
Fastestvpn_JetpackCompose
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 785ffb8fab
Branches Tags
Fastestvpn_J...
/
strongSwanLib
/
testing
/
tests
/
tnc
/
tnccs-20-pdp-pt-tls
/
hosts
/
alice
/
etc
/
strongswan.conf

strongswan.conf 1.0 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546 
  1. # /etc/strongswan.conf - strongSwan configuration file
    2. 

  2. 

  3. charon-systemd {
    4. 

  4.   load = random nonce pem pkcs1 x509 openssl revocation constraints curl vici socket-default kernel-netlink tnc-pdp tnc-imv tnc-tnccs tnccs-20 sqlite
    5. 

  5. 

  6.   syslog {
    7. 

  7.     daemon {
    8. 

  8.       tls = 2
    9. 

  9.       tnc = 2
    10. 

  10.       imv = 3
    11. 

  11.     }
    12. 

  12.   }
    13. 

  13.   plugins {
    14. 

  14.     tnc-pdp {
    15. 

  15.       server = aaa.strongswan.org
    16. 

  16.       radius {
    17. 

  17.         secret = gv6URkSs
    18. 

  18.       }
    19. 

  19.     }
    20. 

  20.     tnc-imv {
    21. 

  21.       dlclose = no
    22. 

  22.     }
    23. 

  23.   }
    24. 

  24. }
    25. 

  25. 

  26. libtls {
    27. 

  27.   suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    28. 

  28. }
    29. 

  29. 

  30. libimcv {
    31. 

  31.   database = sqlite:///etc/db.d/config.db
    32. 

  32.   policy_script = /usr/local/libexec/ipsec/imv_policy_manager
    33. 

  33. 

  34.   plugins {
    35. 

  35.     imv-swima {
    36. 

  36.       rest_api {
    37. 

  37.         uri = http://admin-user:strongSwan@tnc.strongswan.org/api/
    38. 

  38.       }
    39. 

  39.     }
    40. 

  40.   }
    41. 

  41. }
    42. 

  42. 

  43. imv_policy_manager {
    44. 

  44.   command_allow = ssh root@moon 'logger -t charon-systemd -p auth.alert "\"host with IP address %s is allowed\""'
    45. 

  45.   command_block = ssh root@moon 'logger -t charon-systemd -p auth.alert "\"host with IP address %s is blocked\""'
    46. 

  46. }
    47.