STRONGSWAN.CONF(5) strongSwan STRONGSWAN.CONF(5)

NAME
       strongswan.conf - strongSwan configuration file

DESCRIPTION
       While the ipsec.conf(5) configuration file is well suited to define
       IPsec related configuration parameters, it is not useful for other
       strongSwan applications to read options from this file. The file is
       hard to parse and only ipsec starter is capable of doing so. As the
       number of components of the strongSwan project is continually growing,
       a more flexible configuration file was needed, one that is easy to
       extend and can be used by all components. With strongSwan 4.2.1
       strongswan.conf(5) was introduced, which meets these requirements.

SYNTAX
       The format of the strongswan.conf file consists of hierarchical
       sections and a list of key/value pairs in each section. Each section
       has a name, followed by C-style curly brackets defining the section
       body. Each section body contains a set of subsections and key/value
       pairs:

              settings := (section|keyvalue)*
              section  := name { settings }
              keyvalue := key = value\n

       Values must be terminated by a newline.

       Comments are possible using the #-character.

       Section names and keys may contain any printable character except:

              . , : { } = " # \n \t space

       An example file in this format might look like this:

              a = b
              section-one {
                  somevalue = asdf
                  subsection {
                      othervalue = xxx
                  }
                  # yei, a comment
                  yetanother = zz
              }
              section-two {
                  x = 12
              }

       Indentation is optional, you may use tabs or spaces.


REFERENCING OTHER SECTIONS
       It is possible to inherit settings and sections from another section.
       This feature is mainly useful in swanctl.conf (which uses the same file
       format). The syntax is as follows:

              section    := name : references { settings }
              references := absname[, absname]*
              absname    := name[.name]*

       All key/value pairs and all subsections of the referenced sections will
       be inherited by the section that references them via their absolute
       name. Values may be overridden in the section or any of its
       sub-sections (use an empty assignment to clear a value so its default
       value, if any, will apply). It is currently not possible to limit the
       inclusion level or clear/remove inherited sub-sections.

       If the order is important (e.g. for auth rounds in a connection, if
       round is not used), it should be noted that inherited settings/sections
       will follow those defined in the current section (if multiple sections
       are referenced, their settings are enumerated left to right).

       References are evaluated dynamically at runtime, so referring to
       sections later in the config file or included via other files is no
       problem.

       Here is an example of how this might look:

              conn-defaults {
                  # default settings for all conns (e.g. a cert, or IP pools)
              }
              eap-defaults {
                  # defaults if eap is used (e.g. a remote auth round)
              }
              child-defaults {
                  # defaults for child configs (e.g. traffic selectors)
              }
              connections {
                  conn-a : conn-defaults, eap-defaults {
                      # set/override stuff specific to this connection
                      children {
                          child-a : child-defaults {
                              # set/override stuff specific to this child
                          }
                      }
                  }
                  conn-b : conn-defaults {
                      # set/override stuff specific to this connection
                      children {
                          child-b : child-defaults {
                              # set/override stuff specific to this child
                          }
                      }
                  }
                  conn-c : connections.conn-a {
                      # everything is inherited, including everything conn-a
                      # already inherits from the sections it and its
                      # sub-section reference
                  }
              }

INCLUDING FILES
       Using the include statement it is possible to include other files into
       strongswan.conf, e.g.

              include /some/path/*.conf

       If the file name is not an absolute path, it is considered to be
       relative to the directory of the file containing the include statement.
       The file name may include shell wildcards (see sh(1)). Also, such
       inclusions can be nested.

       Sections loaded from included files extend previously loaded sections;
       already existing values are replaced. It is important to note that
       settings are added relative to the section the include statement is in.

       As an example, the following three files result in the same final
       config as the one given above:

              a = b
              section-one {
                  somevalue = before include
                  include include.conf
              }
              include other.conf

       include.conf:
              # settings loaded from this file are added to section-one
              # the following replaces the previous value
              somevalue = asdf
              subsection {
                  othervalue = yyy
              }
              yetanother = zz

       other.conf:
              # this extends section-one and subsection
              section-one {
                  subsection {
                      # this replaces the previous value
                      othervalue = xxx
                  }
              }
              section-two {
                  x = 12
              }


READING VALUES
       Values are accessed using a dot-separated section list and a key. With
       reference to the example above, accessing
       section-one.subsection.othervalue will return xxx.
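As an added example (not code from this man page or from the strongSwan project), the Python parser below implements the format described in the preceding sections: sections and key/value pairs, # comments, include statements resolved relative to the including file (sh-style wildcards via fnmatch), section references resolved dynamically at lookup time, and dot-notation access. It reproduces the include example above from an in-memory file table and adds a constructed inheritance example; the /cfg/ paths and the connection settings in conns.conf are constructed for the demonstration, and one statement per line is assumed.

```python
"""Parser for the strongswan.conf format described above: hierarchical sections,
key/value pairs, # comments, include (relative paths, sh-style wildcards), section
references resolved at lookup time, and dot-notation access (one statement per line)."""
import fnmatch
import posixpath


class Section:
    def __init__(self):
        self.values = {}    # own key/value pairs
        self.sections = {}  # own subsections, by name
        self.refs = []      # absolute names of referenced sections (inheritance)


class Settings:
    def __init__(self, files, path):
        self.files = files  # path -> contents; stands in for the filesystem
        self.root = Section()
        self._parse(self.root, path)

    def _parse(self, section, path):
        base_dir, stack = posixpath.dirname(path), [section]
        for raw in self.files[path].splitlines():
            line = raw.split("#", 1)[0].strip()  # assumption: '#' always starts a comment
            if not line:
                continue
            if line == "}":
                stack.pop()
            elif line.endswith("{"):
                name, _, refs = line[:-1].partition(":")
                sub = stack[-1].sections.setdefault(name.strip(), Section())
                # references are only recorded here and resolved dynamically in _find
                sub.refs = [r.strip() for r in refs.split(",") if r.strip()] or sub.refs
                stack.append(sub)
            elif line.startswith("include "):
                pattern = posixpath.join(base_dir, line[8:].strip())  # relative to this file
                for inc in sorted(p for p in self.files if fnmatch.fnmatch(p, pattern)):
                    self._parse(stack[-1], inc)  # extends the section the include is in
            else:
                key, _, value = line.partition("=")
                stack[-1].values[key.strip()] = value.strip()  # later values replace earlier

    def get(self, path, default=None):
        value = self._find(self.root, path.split("."), ())
        # an empty assignment clears an (inherited) value so the default applies
        return default if value in (None, "") else value

    def _find(self, section, parts, chain):
        # own pairs and subsections take precedence over inherited ones
        if len(parts) == 1:
            if parts[0] in section.values:
                return section.values[parts[0]]
        elif parts[0] in section.sections:
            value = self._find(section.sections[parts[0]], parts[1:], chain)
            if value is not None:
                return value
        # then the referenced sections, left to right; chain breaks reference cycles
        for ref in section.refs:
            target = self._section(ref)
            if target is not None and ref not in chain:
                value = self._find(target, parts, chain + (ref,))
                if value is not None:
                    return value
        return None

    def _section(self, absname):
        section = self.root
        for name in absname.split("."):
            section = section and section.sections.get(name)
        return section


# Constructed in-memory files: the first three mirror the include example above
# (comments dropped); conns.conf is a constructed inheritance example.
FILES = {
    "/cfg/strongswan.conf": "a = b\nsection-one {\n  somevalue = before include\n"
                            "  include include.conf\n}\ninclude other.conf\n",
    "/cfg/include.conf": "somevalue = asdf\nsubsection {\n  othervalue = yyy\n}\n"
                         "yetanother = zz\n",
    "/cfg/other.conf": "section-one {\n  subsection {\n    othervalue = xxx\n  }\n}\n"
                       "section-two {\n  x = 12\n}\n",
    "/cfg/conns.conf": "conn-defaults {\n  version = 2\n  rekey_time = 4h\n}\n"
                       "connections {\n  conn-a : conn-defaults {\n    rekey_time = 1h\n  }\n"
                       "  conn-c : connections.conn-a {\n    version =\n  }\n}\n",
}


def load_examples():
    """Return the lookup discussed above plus three on the constructed inheritance example."""
    main, conns = Settings(FILES, "/cfg/strongswan.conf"), Settings(FILES, "/cfg/conns.conf")
    return {
        "section-one.subsection.othervalue": main.get("section-one.subsection.othervalue"),
        "section-one.somevalue": main.get("section-one.somevalue"),  # replaced by include
        "conn-a.version": conns.get("connections.conn-a.version"),  # inherited from conn-defaults
        "conn-c.rekey_time": conns.get("connections.conn-c.rekey_time"),  # conn-a's override wins
        "conn-c.version": conns.get("connections.conn-c.version", "<default>"),  # cleared
    }
```

load_examples() returns the lookups as a dict; section-one.subsection.othervalue resolves to xxx as stated above, while the cleared version key in conn-c falls back to the default instead of the inherited 2.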


DEFINED KEYS
       The following keys are currently defined (using dot notation). The
       default value (if any) is listed in brackets after the key.

       aikgen.load []
              Plugins to load in ipsec aikgen tool.

       attest.database []
              File measurement information database URI. If it contains a
              password, make sure to adjust the permissions of the config file
              accordingly.

       attest.load []
              Plugins to load in ipsec attest tool.

       charon
              Options for the charon IKE daemon.

              Note: Many of the options in this section also apply to
              charon-cmd and other charon derivatives. Just use their
              respective name (e.g. charon-cmd instead of charon). For many
              options defaults can be defined in the libstrongswan section.

       charon.accept_private_algs [no]
              Deliberately violate the IKE standard's requirement and allow
              the use of private algorithm identifiers, even if the peer
              implementation is unknown.

       charon.accept_unencrypted_mainmode_messages [no]
              Accept unencrypted ID and HASH payloads in IKEv1 Main Mode.

              Some implementations send the third Main Mode message
              unencrypted, probably to find the PSKs for the specified ID for
              authentication. This is very similar to Aggressive Mode, and has
              the same security implications: A passive attacker can sniff the
              negotiated Identity, and start brute forcing the PSK using the
              HASH payload.

              It is recommended to keep this option to no, unless you know
              exactly what the implications are and require compatibility to
              such devices (for example, some SonicWall boxes).

       charon.block_threshold [5]
              Maximum number of half-open IKE_SAs for a single peer IP.

       charon.cache_crls [no]
              Whether Certificate Revocation Lists (CRLs) fetched via HTTP or
              LDAP should be saved under a unique file name derived from the
              public key of the Certification Authority (CA) to
              /etc/ipsec.d/crls (stroke) or /etc/swanctl/x509crl (vici),
              respectively.

       charon.cert_cache [yes]
              Whether relations in validated certificate chains should be
              cached in memory.

       charon.check_current_path [no]
              By default, after detecting any changes to interfaces and/or
              addresses no action is taken if the current path to the remote
              peer still looks usable. Enabling this option will use DPD to
              check if the path actually still works, or, for instance, the
              peer removed the state after a longer phase without
              connectivity. It will also trigger a MOBIKE update if NAT
              mappings were removed during the downtime.

       charon.cisco_flexvpn [no]
              Send the Cisco FlexVPN vendor ID payload, which is required in
              order to make Cisco brand devices allow negotiating a local
              traffic selector (from strongSwan's point of view) that is not
              the assigned virtual IP address if such an address is requested
              by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the
              peer from narrowing the initiator's local traffic selector and
              allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0
              instead. This has been tested with a "tunnel mode ipsec ipv4"
              Cisco template but should also work for GRE encapsulation.

       charon.cisco_unity [no]
              Send Cisco Unity vendor ID payload (IKEv1 only).

       charon.close_ike_on_child_failure [no]
              Close the IKE_SA if setup of the CHILD_SA along with IKE_AUTH
              failed.

       charon.cookie_threshold [10]
              Number of half-open IKE_SAs that activate the cookie mechanism.

       charon.crypto_test.bench [no]
              Benchmark crypto algorithms and order them by efficiency.

       charon.crypto_test.bench_size [1024]
              Buffer size used for crypto benchmark.

       charon.crypto_test.bench_time [50]
              Time in ms during which crypto algorithm performance is
              measured.

       charon.crypto_test.on_add [no]
              Test crypto algorithms during registration (requires test
              vectors provided by the test-vectors plugin).

       charon.crypto_test.on_create [no]
              Test crypto algorithms on each crypto primitive instantiation.

       charon.crypto_test.required [no]
              Strictly require at least one test vector to enable an
              algorithm.

       charon.crypto_test.rng_true [no]
              Whether to test RNG with TRUE quality; requires a lot of
              entropy.

       charon.delete_rekeyed [no]
              Delete CHILD_SAs right after they got successfully rekeyed
              (IKEv1 only). Reduces the number of stale CHILD_SAs in scenarios
              with a lot of rekeyings. However, this might cause problems with
              implementations that continue to use rekeyed SAs until they
              expire.

       charon.delete_rekeyed_delay [5]
              Delay in seconds until inbound IPsec SAs are deleted after
              rekeyings (IKEv2 only). To process delayed packets the inbound
              part of a CHILD_SA is kept installed up to the configured number
              of seconds after it got replaced during a rekeying. If set to 0
              the CHILD_SA will be kept installed until it expires (if no
              lifetime is set it will be destroyed immediately).

       charon.dh_exponent_ansi_x9_42 [yes]
              Use ANSI X9.42 DH exponent size or optimum size matched to
              cryptographic strength.

       charon.dlopen_use_rtld_now [no]
              Use RTLD_NOW with dlopen when loading plugins and IMV/IMCs to
              reveal missing symbols immediately.

       charon.dns1 []
              DNS server assigned to peer via configuration payload (CP).

       charon.dns2 []
              DNS server assigned to peer via configuration payload (CP).

       charon.dos_protection [yes]
              Enable Denial of Service protection using cookies and
              aggressiveness checks.

       charon.filelog
              Section to define file loggers, see LOGGER CONFIGURATION in
              strongswan.conf(5).

       charon.filelog.<name>
              <name> may be the full path to the log file if it only contains
              characters permitted in section names. Is ignored if path is
              specified.

       charon.filelog.<name>.<subsystem> [<default>]
              Loglevel for a specific subsystem.

       charon.filelog.<name>.append [yes]
              If this option is enabled log entries are appended to the
              existing file.

       charon.filelog.<name>.default [1]
              Specifies the default loglevel to be used for subsystems for
              which no specific loglevel is defined.

       charon.filelog.<name>.flush_line [no]
              Enabling this option disables block buffering and enables line
              buffering.

       charon.filelog.<name>.ike_name [no]
              Prefix each log entry with the connection name and a unique
              numerical identifier for each IKE_SA.

       charon.filelog.<name>.log_level [no]
              Add the log level of each message after the subsystem (e.g.
              [IKE2]).

       charon.filelog.<name>.path []
              Optional path to the log file. Overrides the section name. Must
              be used if the path contains characters that aren't allowed in
              section names.

       charon.filelog.<name>.time_add_ms [no]
              Adds the milliseconds within the current second after the
              timestamp (separated by a dot, so time_format should end with %S
              or %T).

       charon.filelog.<name>.time_format []
              Prefix each log entry with a timestamp. The option accepts a
              format string as passed to strftime(3).

       charon.flush_auth_cfg [no]
              If enabled objects used during authentication (certificates,
              identities etc.) are released to free memory once an IKE_SA is
              established. Enabling this might conflict with plugins that
              later need access to e.g. the used certificates.

       charon.follow_redirects [yes]
              Whether to follow IKEv2 redirects (RFC 5685).

       charon.force_eap_only_authentication [no]
              Violate RFC 5998 and use EAP-only authentication even if the
              peer did not send an EAP_ONLY_AUTHENTICATION notify during
              IKE_AUTH.

       charon.fragment_size [1280]
              Maximum size (complete IP datagram size in bytes) of a sent IKE
              fragment when using proprietary IKEv1 or standardized IKEv2
              fragmentation, defaults to 1280 (use 0 for address family
              specific default values, which uses a lower value for IPv4). If
              specified this limit is used for both IPv4 and IPv6.

       charon.group []
              Name of the group the daemon changes to after startup.

       charon.half_open_timeout [30]
              Timeout in seconds for connecting IKE_SAs (also see IKE_SA_INIT
              DROPPING).

       charon.hash_and_url [no]
              Enable hash and URL support.

       charon.host_resolver.max_threads [3]
              Maximum number of concurrent resolver threads (they are
              terminated if unused).

       charon.host_resolver.min_threads [0]
              Minimum number of resolver threads to keep around.

       charon.i_dont_care_about_security_and_use_aggressive_mode_psk [no]
              If enabled responders are allowed to use IKEv1 Aggressive Mode
              with pre-shared keys, which is discouraged due to security
              concerns (offline attacks on the openly transmitted hash of the
              PSK).

       charon.ignore_acquire_ts [no]
              If this is disabled the traffic selectors from the kernel's
              acquire events, which are derived from the triggering packet,
              are prepended to the traffic selectors from the configuration
              for IKEv2 connections. By enabling this, such specific traffic
              selectors will be ignored and only the ones in the config will
              be sent. This always happens for IKEv1 connections as the
              protocol only supports one set of traffic selectors per
              CHILD_SA.

       charon.ignore_routing_tables []
              A space-separated list of routing tables to be excluded from
              route lookups.

       charon.ikesa_limit [0]
              Maximum number of IKE_SAs that can be established at the same
              time before new connection attempts are blocked.

       charon.ikesa_table_segments [1]
              Number of exclusively locked segments in the hash table.

       charon.ikesa_table_size [1]
              Size of the IKE_SA hash table.

       charon.imcv
              Defaults for options in this section can be configured in the
              libimcv section.

       charon.imcv.assessment_result [yes]
              Whether IMVs send a standard IETF Assessment Result attribute.

       charon.imcv.database []
              Global IMV policy database URI. If it contains a password, make
              sure to adjust the permissions of the config file accordingly.

       charon.imcv.os_info.default_password_enabled [no]
              Manually set whether a default password is enabled.

       charon.imcv.os_info.name []
              Manually set the name of the client OS (e.g. Ubuntu).

       charon.imcv.os_info.version []
              Manually set the version of the client OS (e.g. 12.04 i686).

       charon.imcv.policy_script [ipsec _imv_policy]
              Script called for each TNC connection to generate IMV policies.

       charon.inactivity_close_ike [no]
              Whether to close the IKE_SA if its only CHILD_SA was closed due
              to inactivity.

       charon.init_limit_half_open [0]
              Limit new connections based on the current number of half open
              IKE_SAs, see IKE_SA_INIT DROPPING in strongswan.conf(5).

       charon.init_limit_job_load [0]
              Limit new connections based on the number of jobs currently
              queued for processing (see IKE_SA_INIT DROPPING).

       charon.initiator_only [no]
              Causes the charon daemon to ignore IKE initiation requests.

       charon.install_routes [yes]
              Install routes into a separate routing table for established
              IPsec tunnels.

       charon.install_virtual_ip [yes]
              Install virtual IP addresses.

       charon.install_virtual_ip_on []
              The name of the interface on which virtual IP addresses should
              be installed. If not specified the addresses will be installed
              on the outbound interface.

       charon.integrity_test [no]
              Check daemon, libstrongswan and plugin integrity at startup.

       charon.interfaces_ignore []
              A comma-separated list of network interfaces that should be
              ignored, if interfaces_use is specified this option has no
              effect.

       charon.interfaces_use []
              A comma-separated list of network interfaces that should be used
              by charon. All other interfaces are ignored.

       charon.keep_alive [20s]
              NAT keep alive interval.

       charon.keep_alive_dpd_margin [0s]
              Number of seconds the keep alive interval may be exceeded before
              a DPD is sent instead of a NAT keep alive (0 to disable). This
              is only useful if a clock is used that includes time spent
              suspended (e.g. CLOCK_BOOTTIME).

       charon.leak_detective.detailed [yes]
              Includes source file names and line numbers in leak detective
              output.

       charon.leak_detective.usage_threshold [10240]
              Threshold in bytes for leaks to be reported (0 to report all).

       charon.leak_detective.usage_threshold_count [0]
              Threshold in number of allocations for leaks to be reported (0
              to report all).

       charon.load []
              Plugins to load in the IKE daemon charon.

       charon.load_modular [no]
              If enabled, the list of plugins to load is determined via the
              value of the charon.plugins.<name>.load options. In addition to
              a simple boolean flag that option may take an integer value
              indicating the priority of a plugin, which would influence the
              order of a plugin in the plugin list (the default is 1). If two
              plugins have the same priority their order in the default plugin
              list is preserved. Enabled plugins not found in that list are
              ordered alphabetically before other plugins with the same
              priority.

       charon.make_before_break [no]
              Initiate IKEv2 reauthentication with a make-before-break instead
              of a break-before-make scheme. Make-before-break uses
              overlapping IKE and CHILD_SA during reauthentication by first
              recreating all new SAs before deleting the old ones. This
              behavior can be beneficial to avoid connectivity gaps during
              reauthentication, but requires support for overlapping SAs by
              the peer. strongSwan can handle such overlapping SAs since
              version 5.3.0.

       charon.max_ikev1_exchanges [3]
              Maximum number of IKEv1 phase 2 exchanges per IKE_SA to keep
              state about and track concurrently.

       charon.max_packet [10000]
              Maximum packet size accepted by charon.

       charon.multiple_authentication [yes]
              Enable multiple authentication exchanges (RFC 4739).

       charon.nbns1 []
              WINS servers assigned to peer via configuration payload (CP).

       charon.nbns2 []
              WINS servers assigned to peer via configuration payload (CP).

       charon.plugin.ha.buflen [2048]
              Buffer size for received HA messages. For IKEv1 the public DH
              factors are also transmitted so depending on the DH group the HA
              messages can get quite big (the default should be fine up to
              modp4096).

       charon.plugins.addrblock.strict [yes]
              If set to yes, a subject certificate without an addrblock
              extension is rejected if the issuer certificate has such an
              addrblock extension. If set to no, subject certificates issued
              without the addrblock extension are accepted without any traffic
              selector checks and no policy is enforced by the plugin.

       charon.plugins.android_log.loglevel [1]
              Loglevel for logging to Android specific logger.

       charon.plugins.attr
              Section to specify arbitrary attributes that are assigned to a
              peer via configuration payload (CP).

       charon.plugins.attr.<attr> []
              <attr> can be either address, netmask, dns, nbns, dhcp, subnet,
              split-include, split-exclude or the numeric identifier of the
              attribute type. The assigned value can be an IPv4/IPv6 address,
              a subnet in CIDR notation or an arbitrary value depending on the
              attribute type. For some attribute types multiple values may be
              specified as a comma separated list.

       charon.plugins.attr-sql.crash_recovery [yes]
              Release all online leases during startup. Disable this to share
              the DB between multiple VPN gateways.

       charon.plugins.attr-sql.database []
              Database URI for attr-sql plugin used by charon. If it contains
              a password, make sure to adjust the permissions of the config
              file accordingly.

       charon.plugins.attr-sql.lease_history [yes]
              Enable logging of SQL IP pool leases.

       charon.plugins.bliss.use_bliss_b [yes]
              Use the enhanced BLISS-B key generation and signature algorithm.

       charon.plugins.botan.internal_rng_only [no]
              If enabled, only Botan's internal RNG will be used throughout
              the plugin. Otherwise, and if supported by Botan, rng_t
              implementations provided by other loaded plugins will be used as
              RNG.

       charon.plugins.bypass-lan.interfaces_ignore []
              A comma-separated list of network interfaces for which connected
              subnets should be ignored, if interfaces_use is specified this
              option has no effect.

       charon.plugins.bypass-lan.interfaces_use []
              A comma-separated list of network interfaces for which connected
              subnets should be considered. All other interfaces are ignored.

       charon.plugins.bypass-lan.load [no]

       charon.plugins.certexpire.csv.cron []
              Cron style string specifying CSV export times.

       charon.plugins.certexpire.csv.empty_string []
              String to use in empty intermediate CA fields.

       charon.plugins.certexpire.csv.fixed_fields [yes]
              Use a fixed intermediate CA field count.

       charon.plugins.certexpire.csv.force [yes]
              Force export of all trustchains we have a private key for.

       charon.plugins.certexpire.csv.format [%d:%m:%Y]
              strftime(3) format string to export expiration dates as.

       charon.plugins.certexpire.csv.local []
              strftime(3) format string for the CSV file name to export local
              certificates to.

       charon.plugins.certexpire.csv.remote []
              strftime(3) format string for the CSV file name to export remote
              certificates to.

       charon.plugins.certexpire.csv.separator [,]
              CSV field separator.

       charon.plugins.coupling.file []
              File to store coupling list to.

       charon.plugins.coupling.hash [sha1]
              Hashing algorithm to fingerprint coupled certificates.

       charon.plugins.coupling.max [1]
              Maximum number of coupling entries to create.

       charon.plugins.curl.redir [-1]
              Maximum number of redirects followed by the plugin, set to 0 to
              disable following redirects, set to -1 for no limit.

       charon.plugins.dhcp.force_server_address [no]
              Always use the configured server address. This might be helpful
              if the DHCP server runs on the same host as strongSwan, and the
              DHCP daemon does not listen on the loopback interface. In that
              case the server cannot be reached via unicast (or even
              255.255.255.255) as that would be routed via loopback. Setting
              this option to yes and configuring the local broadcast address
              (e.g. 192.168.0.255) as server address might work.

       charon.plugins.dhcp.identity_lease [no]
              Derive user-defined MAC address from hash of IKE identity and
              send client identity DHCP option.

       charon.plugins.dhcp.interface []
              Interface name the plugin uses for address allocation. The
              default is to bind to any (0.0.0.0) and let the system decide
              which way to route the packets to the DHCP server.

       charon.plugins.dhcp.server [255.255.255.255]
              DHCP server unicast or broadcast IP address.

       charon.plugins.dhcp.use_server_port [no]
              Use the DHCP server port (67) as source port, instead of the
              DHCP client port (68), when a unicast server address is
              configured and the plugin acts as relay agent. When replying in
              this mode the DHCP server will always send packets to the DHCP
              server port and if no process binds that port an ICMP port
              unreachable will be sent back, which might be problematic for
              some DHCP servers. To avoid that, enabling this option will
              cause the plugin to bind the DHCP server port to send its
              requests when acting as relay agent. This is not necessary if a
              DHCP server is already running on the same host and might even
              cause conflicts (and since the server port is already bound,
              ICMPs should not be an issue).

       charon.plugins.dnscert.enable [no]
              Enable fetching of CERT RRs via DNS.

       charon.plugins.drbg.max_drbg_requests [4294967294]
              Number of pseudo-random bit requests from the DRBG before an
              automatic reseeding occurs.

       charon.plugins.duplicheck.enable [yes]
              Enable duplicheck plugin (if loaded).

       charon.plugins.duplicheck.socket [unix://${piddir}/charon.dck]
              Socket provided by the duplicheck plugin.

       charon.plugins.eap-aka.request_identity [yes]

815 charon.plugins.eap-aka-3gpp.seq_check []
816 Enable to activate sequence check of the AKA SQN values in order
817 to trigger resync cycles.
818
819
820 charon.plugins.eap-aka-3gpp2.seq_check []
821 Enable to activate sequence check of the AKA SQN values in order
822 to trigger resync cycles.
823
824
825 charon.plugins.eap-dynamic.prefer_user [no]
826 If enabled the EAP methods proposed in an EAP-Nak message sent
827 by the peer are preferred over the methods registered locally.
828
829
830 charon.plugins.eap-dynamic.preferred []
831 The preferred EAP method(s) to be used. If it is not given the
832 first registered method will be used initially. If a comma sep‐
833 arated list is given the methods are tried in the given order
834 before trying the rest of the registered methods.
835
836
837 charon.plugins.eap-gtc.backend [pam]
838 XAuth backend to be used for credential verification.
839
840
841 charon.plugins.eap-peap.fragment_size [1024]
842 Maximum size of an EAP-PEAP packet.
843
844
845 charon.plugins.eap-peap.include_length [no]
846 Include length in non-fragmented EAP-PEAP packets.
847
848
849 charon.plugins.eap-peap.max_message_count [32]
850 Maximum number of processed EAP-PEAP packets (0 = no limit).
851
852
853 charon.plugins.eap-peap.phase2_method [mschapv2]
854 Phase2 EAP client authentication method.
855
856
857 charon.plugins.eap-peap.phase2_piggyback [no]
858 Phase2 EAP Identity request piggybacked by server onto TLS Fin‐
859 ished message.
860
861
862 charon.plugins.eap-peap.phase2_tnc [no]
863 Start phase2 EAP TNC protocol after successful client authenti‐
864 cation.
865
866
867 charon.plugins.eap-peap.request_peer_auth [no]
868 Request peer authentication based on a client certificate.
869
870
871 charon.plugins.eap-radius.accounting [no]
872 Send RADIUS accounting information to RADIUS servers.
873
874
875 charon.plugins.eap-radius.accounting_close_on_timeout [yes]
876 Close the IKE_SA if there is a timeout during interim RADIUS ac‐
877 counting updates.
878
879
880 charon.plugins.eap-radius.accounting_interval [0]
881 Interval in seconds for interim RADIUS accounting updates, if
882 not specified by the RADIUS server in the Access-Accept message.
883
884
885 charon.plugins.eap-radius.accounting_requires_vip [no]
886 If enabled, accounting is disabled unless an IKE_SA has at least
887 one virtual IP. Only for IKEv2, for IKEv1 a virtual IP is
888 strictly necessary.
889
890
891 charon.plugins.eap-radius.accounting_send_class [no]
892 If enabled, adds the Class attributes received in Access-Accept
893 message to the RADIUS accounting messages.
894
895
896 charon.plugins.eap-radius.class_group [no]
897 Use the class attribute sent in the RADIUS-Accept message as
898 group membership information that is compared to the groups
899 specified in the rightgroups option in ipsec.conf(5).
900
901
902
903 charon.plugins.eap-radius.close_all_on_timeout [no]
904 Closes all IKE_SAs if communication with the RADIUS server times
905 out. If it is not set only the current IKE_SA is closed.
906
907
908 charon.plugins.eap-radius.dae.enable [no]
909 Enables support for the Dynamic Authorization Extension (RFC
910 5176).
911
912
913 charon.plugins.eap-radius.dae.listen [0.0.0.0]
914 Address to listen for DAE messages from the RADIUS server.
915
916
917 charon.plugins.eap-radius.dae.port [3799]
918 Port to listen for DAE requests.
919
920
921 charon.plugins.eap-radius.dae.secret []
922 Shared secret used to verify/sign DAE messages. If set, make
923 sure to adjust the permissions of the config file accordingly.
924
925
926 charon.plugins.eap-radius.eap_start [no]
927 Send EAP-Start instead of EAP-Identity to start RADIUS conversa‐
928 tion.
929
930
931 charon.plugins.eap-radius.filter_id [no]
932 If the RADIUS tunnel_type attribute with value ESP is received,
933 use the filter_id attribute sent in the RADIUS-Accept message as
934 group membership information that is compared to the groups
935 specified in the rightgroups option in ipsec.conf(5).
936
937
938
939 charon.plugins.eap-radius.forward.ike_to_radius []
940 RADIUS attributes to be forwarded from IKEv2 to RADIUS (can be
941 defined by name or attribute number, a colon can be used to
942 specify vendor-specific attributes, e.g. Reply-Message, or 11,
943 or 36906:12).
944
945
946 charon.plugins.eap-radius.forward.radius_to_ike []
947 Same as charon.plugins.eap-radius.forward.ike_to_radius but from
948 RADIUS to IKEv2, a strongSwan specific private notify (40969) is
949 used to transmit the attributes.
950
951
952 charon.plugins.eap-radius.id_prefix []
953 Prefix to EAP-Identity, some AAA servers use a IMSI prefix to
954 select the EAP method.
955
956
957 charon.plugins.eap-radius.nas_identifier [strongSwan]
958 NAS-Identifier to include in RADIUS messages.
959
960
961 charon.plugins.eap-radius.port [1812]
962 Port of RADIUS server (authentication).
963
964
965 charon.plugins.eap-radius.retransmit_base [1.4]
966 Base to use for calculating exponential back off.
967
968
969 charon.plugins.eap-radius.retransmit_timeout [2.0]
970 Timeout in seconds before sending first retransmit.
971
972
973 charon.plugins.eap-radius.retransmit_tries [4]
974 Number of times to retransmit a packet before giving up.
975
976
977 charon.plugins.eap-radius.secret []
978 Shared secret between RADIUS and NAS. If set, make sure to ad‐
979 just the permissions of the config file accordingly.
980
981
982 charon.plugins.eap-radius.server []
983 IP/Hostname of RADIUS server.
984
985
986 charon.plugins.eap-radius.servers
987 Section to specify multiple RADIUS servers. The nas_identifier,
988 secret, sockets and port (or auth_port) options can be specified
989 for each server. A server's IP/Hostname can be configured using
990 the address option. The acct_port [1813] option can be used to
991 specify the port used for RADIUS accounting. For each RADIUS
992 server a priority can be specified using the preference [0] op‐
993 tion. The retransmission time for each server can be set using
994 retransmit_base, retransmit_timeout and retransmit_tries.
995
996
997
998 charon.plugins.eap-radius.sockets [1]
999 Number of sockets (ports) to use, increase for high load.
1000
1001
1002 charon.plugins.eap-radius.station_id_with_port [yes]
1003 Whether to include the UDP port in the Called- and Calling-Sta‐
1004 tion-Id RADIUS attributes.
1005
1006
1007 charon.plugins.eap-radius.xauth
1008 Section to configure multiple XAuth authentication rounds via
1009 RADIUS. The subsections define so-called authentication profiles
1010 with arbitrary names. In each profile section one or more XAuth
1011 types can be configured, with an assigned message. For each type
1012 a separate XAuth exchange will be initiated and all replies get
1013 concatenated into the User-Password attribute, which then gets
1014 verified over RADIUS.
1015
1016 Available XAuth types are password, passcode, nextpin, and an‐
1017 swer. This type is not relevant to strongSwan or the AAA
1018 server, but the client may show a different dialog (along with
1019 the configured message).
1020
1021 To use the configured profiles, they have to be configured in
1022 the respective connection in ipsec.conf(5) by appending the pro‐
1023 file name, separated by a colon, to the xauth-radius XAuth
1024 backend configuration in rightauth or rightauth2, for instance,
1025 rightauth2=xauth-radius:profile.
1026
1027
1028
1029 charon.plugins.eap-sim.request_identity [yes]
1030
1031 charon.plugins.eap-simaka-sql.database []
1032
1033 charon.plugins.eap-simaka-sql.remove_used [no]
1034
1035 charon.plugins.eap-tls.fragment_size [1024]
1036 Maximum size of an EAP-TLS packet.
1037
1038
1039 charon.plugins.eap-tls.include_length [yes]
1040 Include length in non-fragmented EAP-TLS packets.
1041
1042
1043 charon.plugins.eap-tls.max_message_count [32]
1044 Maximum number of processed EAP-TLS packets (0 = no limit).
1045
1046
1047 charon.plugins.eap-tnc.max_message_count [10]
1048 Maximum number of processed EAP-TNC packets (0 = no limit).
1049
1050
1051 charon.plugins.eap-tnc.protocol [tnccs-2.0]
1052 IF-TNCCS protocol version to be used (tnccs-1.1, tnccs-2.0,
1053 tnccs-dynamic).
1054
1055
1056
1057 charon.plugins.eap-ttls.fragment_size [1024]
1058 Maximum size of an EAP-TTLS packet.
1059
1060
1061 charon.plugins.eap-ttls.include_length [yes]
1062 Include length in non-fragmented EAP-TTLS packets.
1063
1064
1065 charon.plugins.eap-ttls.max_message_count [32]
1066 Maximum number of processed EAP-TTLS packets (0 = no limit).
1067
1068
1069 charon.plugins.eap-ttls.phase2_method [md5]
1070 Phase2 EAP client authentication method.
1071
1072
1073 charon.plugins.eap-ttls.phase2_piggyback [no]
1074 Phase2 EAP Identity request piggybacked by server onto TLS Fin‐
1075 ished message.
1076
1077
1078 charon.plugins.eap-ttls.phase2_tnc [no]
1079 Start phase2 EAP TNC protocol after successful client authenti‐
1080 cation.
1081
1082
1083 charon.plugins.eap-ttls.phase2_tnc_method [pt]
1084 Phase2 EAP TNC transport protocol (pt as IETF standard or legacy
1085 tnc).
1086
1087
1088
1089 charon.plugins.eap-ttls.request_peer_auth [no]
1090 Request peer authentication based on a client certificate.
1091
1092
1093 charon.plugins.error-notify.socket [unix://${piddir}/charon.enfy]
1094 Socket provided by the error-notify plugin.
1095
1096
1097 charon.plugins.ext-auth.script []
1098 Command to pass to the system shell for peer authorization. Au‐
1099 thorization is considered successful if the command executes
1100 normally with an exit code of zero. For all other exit codes
1101 IKE_SA authorization is rejected.
1102
1103 The following environment variables get passed to the script:
1104 IKE_UNIQUE_ID: The IKE_SA numerical unique identifier.
1105 IKE_NAME: The peer configuration connection name.
1106 IKE_LOCAL_HOST: Local IKE IP address.
1107 IKE_REMOTE_HOST: Remote IKE IP address.
1108 IKE_LOCAL_ID: Local IKE identity.
1109 IKE_REMOTE_ID: Remote IKE identity.
1110 IKE_REMOTE_EAP_ID: Remote EAP or XAuth identity, if used.
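A minimal authorization hook for this option, added here as an example and not part of strongSwan: charon runs it through the shell, it reads the variables listed above and answers with its exit code. The allow-list, the connection names and the identities are constructed for the example; the script path in the usage note is assumed.

```python
#!/usr/bin/env python3
"""Peer authorization hook for charon.plugins.ext-auth.script.

charon passes the IKE_* variables in the environment and treats exit code 0
as "authorized", anything else as "rejected".  The allow-list below is a
constructed example; a deployment would load it from a file or directory.
"""
import os
import sys
from typing import Iterable, Mapping

# Constructed example policy: remote identities allowed per connection name.
# Identities are compared exactly, so "carol@example.org.evil" does not pass
# as a prefix match would let it.
ALLOWED = {
    "rw-eap": {"carol@example.org", "dave@example.org"},
    "rw-cert": {"C=CH, O=Example, CN=moon.example.org"},
}

EXIT_OK, EXIT_DENIED, EXIT_BAD_INPUT = 0, 1, 2
REQUIRED = ("IKE_UNIQUE_ID", "IKE_NAME", "IKE_REMOTE_ID")


def authorize(env: Mapping[str, str],
              policy: Mapping[str, Iterable[str]] = ALLOWED) -> int:
    """Return the exit code for the IKE_SA described by the environment."""
    # Fail closed: if charon did not supply what the decision rests on, reject.
    if any(not env.get(name) for name in REQUIRED):
        return EXIT_BAD_INPUT
    allowed = policy.get(env["IKE_NAME"])
    if allowed is None:
        return EXIT_DENIED  # a connection without a policy entry admits nobody
    # IKE_REMOTE_EAP_ID is only set when EAP/XAuth was used; when present it
    # is the identity the AAA backend verified, so it takes precedence over
    # the (possibly generic) IKE identity.
    identity = env.get("IKE_REMOTE_EAP_ID") or env["IKE_REMOTE_ID"]
    return EXIT_OK if identity in allowed else EXIT_DENIED


def main() -> None:
    code = authorize(os.environ)
    # charon logs the exit code itself; one line on stderr records the why.
    print("ext-auth: ike_sa=%s conn=%s remote=%s eap=%s -> %d" % (
        os.environ.get("IKE_UNIQUE_ID"), os.environ.get("IKE_NAME"),
        os.environ.get("IKE_REMOTE_ID"), os.environ.get("IKE_REMOTE_EAP_ID"),
        code), file=sys.stderr)
    sys.exit(code)


if __name__ == "__main__":
    main()
```

Install it executable and point the option at it, e.g. charon.plugins.ext-auth.script = /usr/local/sbin/ike-authz.py (path assumed). Since the command is passed to the system shell and decides who may establish an IKE_SA, keep the script and its directory writable by root only.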
1110
1111
1112 charon.plugins.forecast.groups
1113 [224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250]
1114 Comma separated list of multicast groups to join locally. The
1115 local host receives and forwards packets in the local LAN for
1116 joined multicast groups only. Packets matching the list of mul‐
1117 ticast groups get forwarded to connected clients. The default
1118 group includes host multicasts, IGMP, mDNS, LLMNR and
1119 SSDP/WS-Discovery, and is usually a good choice for Windows
1120 clients.
1121
1122
1123 charon.plugins.forecast.interface []
1124 Name of the local interface to listen for broadcast messages to
1125 forward. If no interface is configured, the first usable inter‐
1126 face is used, which is usually just fine for single-homed hosts.
1127 If your host has multiple interfaces, set this option to the lo‐
1128 cal LAN interface you want to forward broadcasts from/to.
1129
1130
1131 charon.plugins.forecast.reinject []
1132 Comma separated list of CHILD_SA configuration names for which
1133 to perform multi/broadcast reinjection. For clients connecting
1134 over such a configuration, any multi/broadcast received over the
1135 tunnel gets reinjected to all active tunnels. This makes the
1136 broadcasts visible to other peers, and for example allows
1137 clients to see others' shares. If disabled, multi/broadcast
1138 messages received over a tunnel are injected to the local network
1139 only, but not to other IPsec clients.
1140
1141
1142 charon.plugins.gcrypt.quick_random [no]
1143 Use faster random numbers in gcrypt; for testing only, produces
1144 weak keys!
1145
1146
1147 charon.plugins.ha.autobalance [0]
1148 Interval in seconds to automatically balance handled segments
1149 between nodes. Set to 0 to disable.
1150
1151
1152 charon.plugins.ha.fifo_interface [yes]
1153
1154 charon.plugins.ha.heartbeat_delay [1000]
1155
1156 charon.plugins.ha.heartbeat_timeout [2100]
1157
1158 charon.plugins.ha.local []
1159
1160 charon.plugins.ha.monitor [yes]
1161
1162 charon.plugins.ha.pools []
1163
1164 charon.plugins.ha.remote []
1165
1166 charon.plugins.ha.resync [yes]
1167
1168 charon.plugins.ha.secret []
1169
1170 charon.plugins.ha.segment_count [1]
1171
1172 charon.plugins.ipseckey.enable [no]
1173 Enable fetching of IPSECKEY RRs via DNS.
1174
1175
1176 charon.plugins.kernel-libipsec.allow_peer_ts [no]
1177 Allow the remote traffic selector to equal the IKE peer address. The
1178 route installed for such traffic (via TUN device) usually pre‐
1179 vents further IKE traffic. The fwmark options for the ker‐
1180 nel-netlink and socket-default plugins can be used to circumvent
1181 that problem.
1182
1183
1184 charon.plugins.kernel-netlink.buflen [<min(PAGE_SIZE, 8192)>]
1185 Buffer size for received Netlink messages.
1186
1187
1188 charon.plugins.kernel-netlink.force_receive_buffer_size [no]
1189 If the maximum Netlink socket receive buffer in bytes set by re‐
1190 ceive_buffer_size exceeds the system-wide maximum from
1191 /proc/sys/net/core/rmem_max, this option can be used to override
1192 the limit. Enabling this option requires special privileges
1193 (CAP_NET_ADMIN).
1194
1195
1196 charon.plugins.kernel-netlink.fwmark []
1197 Firewall mark to set on the routing rule that directs traffic to
1198 our routing table. The format is [!]mark[/mask], where the op‐
1199 tional exclamation mark inverts the meaning (i.e. the rule only
1200 applies to packets that don't match the mark).
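To make the [!]mark[/mask] syntax concrete, here is a parser and matcher added as an example (not strongSwan's own parsing code). Accepting decimal and 0x-prefixed hex is this example's choice. The ike_bypasses_ipsec_table helper checks the pairing the allow_peer_ts entry alludes to, where IKE packets marked via socket-default.fwmark must not be selected by an inverted kernel-netlink rule.

```python
from typing import NamedTuple


class FwMark(NamedTuple):
    mark: int
    mask: int
    invert: bool

    def matches(self, packet_mark: int) -> bool:
        """Does a packet carrying packet_mark select the routing rule?"""
        hit = (packet_mark & self.mask) == (self.mark & self.mask)
        return not hit if self.invert else hit


def _parse_uint32(text: str) -> int:
    # Accept decimal or 0x-prefixed hex (assumption of this example).
    value = int(text, 16) if text.lower().startswith("0x") else int(text, 10)
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError(f"not a 32-bit mark value: {text!r}")
    return value


def parse_fwmark(spec: str) -> FwMark:
    """Parse the [!]mark[/mask] syntax of charon.plugins.kernel-netlink.fwmark.

    An absent mask means "all bits"; a leading '!' inverts the match so the
    rule applies only to packets whose mark does NOT match.
    """
    spec = spec.strip()
    if not spec:
        raise ValueError("empty fwmark")
    invert = spec.startswith("!")
    if invert:
        spec = spec[1:].strip()
    mark_text, _, mask_text = spec.partition("/")
    mark = _parse_uint32(mark_text)
    mask = _parse_uint32(mask_text) if mask_text else 0xFFFFFFFF
    return FwMark(mark, mask, invert)


def ike_bypasses_ipsec_table(rule: FwMark, ike_socket_mark: int) -> bool:
    """True if IKE packets marked with ike_socket_mark (socket-default.fwmark)
    are NOT steered into charon's routing table by the kernel-netlink rule,
    i.e. the combination keeps IKE reachable even when a remote traffic
    selector covers the peer address."""
    return not rule.matches(ike_socket_mark)
```

For example, "!0x10/0xff" matches a packet marked 0x20 but not one marked 0x10, so pairing it with socket-default.fwmark = 0x10 keeps IKE traffic out of the IPsec routing table.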
1201
1202
1203 charon.plugins.kernel-netlink.hw_offload_feature_interface [lo]
1204 If the kernel supports hardware offloading, the plugin needs to
1205 find the feature flag which represents hardware offloading sup‐
1206 port for network devices. Using the loopback device for this
1207 purpose is usually fine, since it should always be present. For
1208 rare cases in which the loopback device cannot be used to obtain
1209 the appropriate feature flag, this option can be used to specify
1210 an alternative interface for offload feature detection.
1211
1212
1213 charon.plugins.kernel-netlink.ignore_retransmit_errors [no]
1214 Whether to ignore errors potentially resulting from a retrans‐
1215 mission.
1216
1217
1218 charon.plugins.kernel-netlink.mss [0]
1219 MSS to set on installed routes, 0 to disable.
1220
1221
1222 charon.plugins.kernel-netlink.mtu [0]
1223 MTU to set on installed routes, 0 to disable.
1224
1225
1226 charon.plugins.kernel-netlink.parallel_route [no]
1227 Whether to perform concurrent Netlink ROUTE queries on a single
1228 socket. While parallel queries can improve throughput, they add
1229 more overhead. On vanilla Linux, DUMP queries fail with EBUSY
1230 and must be retried, further decreasing performance.
1231
1232
1233 charon.plugins.kernel-netlink.parallel_xfrm [no]
1234 Whether to perform concurrent Netlink XFRM queries on a single
1235 socket.
1236
1237
1238 charon.plugins.kernel-netlink.policy_update [no]
1239 Whether to always use XFRM_MSG_UPDPOLICY to install policies.
1240
1241
1242 charon.plugins.kernel-netlink.port_bypass [no]
1243 Whether to use port or socket based IKE XFRM bypass policies.
1244 IKE bypass policies are used to exempt IKE traffic from XFRM
1245 processing. The default socket based policies are directly tied
1246 to the IKE UDP sockets, port based policies use global XFRM by‐
1247 pass policies for the used IKE UDP ports.
1248
1249
1250 charon.plugins.kernel-netlink.process_rules [no]
1251 Whether to process changes in routing rules to trigger roam
1252 events. This is currently only useful if the kernel based route
1253 lookup is used (i.e. if route installation is disabled or an in‐
1254 verted fwmark match is configured).
1255
1256
1257 charon.plugins.kernel-netlink.receive_buffer_size [0]
1258 Maximum Netlink socket receive buffer in bytes. This value con‐
1259 trols how many bytes of Netlink messages can be received on a
1260 Netlink socket. The default value is set by
1261 /proc/sys/net/core/rmem_default. The specified value cannot ex‐
1262 ceed the system-wide maximum from /proc/sys/net/core/rmem_max,
1263 unless force_receive_buffer_size is enabled.
1264
1265
1266 charon.plugins.kernel-netlink.retries [0]
1267 Number of Netlink message retransmissions to send on timeout.
1268
1269
1270 charon.plugins.kernel-netlink.roam_events [yes]
1271 Whether to trigger roam events when interfaces, addresses or
1272 routes change.
1273
1274
1275 charon.plugins.kernel-netlink.set_proto_port_transport_sa [no]
1276 Whether to set protocol and ports in the selector installed on
1277 transport mode IPsec SAs in the kernel. While doing so enforces
1278 policies for inbound traffic, it also prevents the use of a sin‐
1279 gle IPsec SA by more than one traffic selector.
1280
1281
1282 charon.plugins.kernel-netlink.spdh_thresh
1283 XFRM policy hashing threshold configuration for IPv4 and IPv6.
1284
1285 The section defines hashing thresholds to configure in the ker‐
1286 nel during daemon startup. Each address family takes a threshold
1287 for the local subnet of an IPsec policy (src in out-policies,
1288 dst in in- and forward-policies) and the remote subnet (dst in
1289 out-policies, src in in- and forward-policies).
1290
1291 If the subnet's prefix length is greater than or equal to the
1292 threshold, the first threshold bits of the address are used to
1293 calculate a hash for the policy lookup.
1294
1295 Policy hashing thresholds are not supported before Linux 3.18
1296 and might conflict with socket policies before Linux 4.8.
1297
1298
1299 charon.plugins.kernel-netlink.spdh_thresh.ipv4.lbits [32]
1300 Local subnet XFRM policy hashing threshold for IPv4.
1301
1302
1303 charon.plugins.kernel-netlink.spdh_thresh.ipv4.rbits [32]
1304 Remote subnet XFRM policy hashing threshold for IPv4.
1305
1306
1307 charon.plugins.kernel-netlink.spdh_thresh.ipv6.lbits [128]
1308 Local subnet XFRM policy hashing threshold for IPv6.
1309
1310
1311 charon.plugins.kernel-netlink.spdh_thresh.ipv6.rbits [128]
1312 Remote subnet XFRM policy hashing threshold for IPv6.
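The following example, added here and not part of strongSwan, models what the four thresholds mean for a given policy: the truncated prefix the kernel hashes on, or None when the subnet's prefix is shorter than the threshold. The rule that a policy is hashed only when both its local and remote side meet their threshold is taken from the Linux XFRM implementation and is not stated on this page; the check of the thresholds against the address length is this example's own.

```python
import ipaddress
from typing import NamedTuple, Optional


class SpdhThresh(NamedTuple):
    """One value per key of the spdh_thresh section; defaults as on the page."""
    ipv4_lbits: int = 32
    ipv4_rbits: int = 32
    ipv6_lbits: int = 128
    ipv6_rbits: int = 128


class LookupKeys(NamedTuple):
    local: Optional[str]   # prefix hashed for the local side, None if unhashed
    remote: Optional[str]  # same for the remote side
    hashed: bool           # True only if both sides meet their threshold


def is_valid_thresh(thresh: SpdhThresh) -> bool:
    """A threshold cannot exceed the address length of its family."""
    return (0 <= thresh.ipv4_lbits <= 32 and 0 <= thresh.ipv4_rbits <= 32
            and 0 <= thresh.ipv6_lbits <= 128 and 0 <= thresh.ipv6_rbits <= 128)


def hash_prefix(subnet: str, threshold_bits: int) -> Optional[str]:
    """Prefix the kernel hashes on for this subnet, or None if the subnet has
    fewer prefix bits than the threshold (it then stays in the linear list)."""
    net = ipaddress.ip_network(subnet, strict=False)
    if net.prefixlen < threshold_bits:
        return None
    # Keep only the first threshold_bits of the network address.
    truncated = ipaddress.ip_network(
        f"{net.network_address}/{threshold_bits}", strict=False)
    return str(truncated)


def policy_lookup_keys(local: str, remote: str,
                       thresh: SpdhThresh = SpdhThresh()) -> LookupKeys:
    """Lookup keys for an out-policy (src = local, dst = remote).

    Assumption from the Linux XFRM implementation, not from the man page:
    a policy is placed in the hash table only when both sides reach their
    threshold; otherwise it is matched from the unhashed list.
    """
    if not is_valid_thresh(thresh):
        raise ValueError(f"invalid spdh_thresh values: {thresh}")
    family = ipaddress.ip_network(local, strict=False).version
    lbits = thresh.ipv6_lbits if family == 6 else thresh.ipv4_lbits
    rbits = thresh.ipv6_rbits if family == 6 else thresh.ipv4_rbits
    lkey, rkey = hash_prefix(local, lbits), hash_prefix(remote, rbits)
    return LookupKeys(lkey, rkey, lkey is not None and rkey is not None)
```

With the defaults (32 and 128 bits) only host policies are hashed, so a road-warrior gateway whose out-policies point at a /16 behind each client still walks the unhashed list; lowering ipv4.rbits to 16 puts those policies into the hash table keyed on their /16.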
1313
1314
1315 charon.plugins.kernel-netlink.timeout [0]
1316 Netlink message retransmission timeout, 0 to disable retransmis‐
1317 sions.
1318
1319
1320 charon.plugins.kernel-netlink.xfrm_acq_expires [165]
1321 Lifetime of XFRM acquire state created by the kernel when traf‐
1322 fic matches a trap policy. The value gets written to
1323 /proc/sys/net/core/xfrm_acq_expires. Indirectly controls the
1324 delay between XFRM acquire messages triggered by the kernel for
1325 a trap policy. The same value is used as timeout for SPIs allo‐
1326 cated by the kernel. The default value equals the total re‐
1327 transmission timeout for IKE messages, see IKEv2 RETRANSMISSION
1328 in strongswan.conf(5).
1329
1330
1331
1332 charon.plugins.kernel-pfkey.events_buffer_size [0]
1333 Size of the receive buffer for the event socket (0 for default
1334 size). Because events are received asynchronously, installing
1335 e.g. lots of policies may require a larger buffer than the de‐
1336 fault on certain platforms in order to receive all messages.
1337
1338
1339 charon.plugins.kernel-pfkey.route_via_internal [no]
1340 Whether to use the internal or external interface in installed
1341 routes. The internal interface is the one where the IP address
1342 contained in the local traffic selector is located, the external
1343 interface is the one over which the destination address of the
1344 IPsec tunnel can be reached. This is not relevant if virtual IPs
1345 are used, for which a TUN device is created that's used in the
1346 routes.
1347
1348
1349 charon.plugins.kernel-pfroute.vip_wait [1000]
1350 Time in ms to wait until virtual IP addresses appear/disappear
1351 before failing.
1352
1353
1354 charon.plugins.led.activity_led []
1355
1356 charon.plugins.led.blink_time [50]
1357
1358 charon.plugins.load-tester
1359 Section to configure the load-tester plugin, see LOAD TESTS in
1360 strongswan.conf(5) for details.
1361
1362
1363 charon.plugins.load-tester.addrs
1364 Section that contains key/value pairs with address pools (in
1365 CIDR notation) to use for a specific network interface e.g. eth0
1366 = 10.10.0.0/16.
1367
1368
1369 charon.plugins.load-tester.addrs_keep [no]
1370 Whether to keep dynamic addresses even after the associated SA
1371 got terminated.
1372
1373
1374 charon.plugins.load-tester.addrs_prefix [16]
1375 Network prefix length to use when installing dynamic addresses.
1376 If set to -1 the full address is used (i.e. 32 or 128).
1377
1378
1379 charon.plugins.load-tester.ca_dir []
1380 Directory to load (intermediate) CA certificates from.
1381
1382
1383 charon.plugins.load-tester.child_rekey [600]
1384 Seconds to start CHILD_SA rekeying after setup.
1385
1386
1387 charon.plugins.load-tester.crl []
1388 URI to a CRL to include as certificate distribution point in
1389 generated certificates.
1390
1391
1392 charon.plugins.load-tester.delay [0]
1393 Delay between initiations for each thread.
1394
1395
1396 charon.plugins.load-tester.delete_after_established [no]
1397 Delete an IKE_SA as soon as it has been established.
1398
1399
1400 charon.plugins.load-tester.digest [sha1]
1401 Digest algorithm used when issuing certificates.
1402
1403
1404 charon.plugins.load-tester.dpd_delay [0]
1405 DPD delay to use in load test.
1406
1407
1408 charon.plugins.load-tester.dynamic_port [0]
1409 Base port to be used for requests (each client uses a different
1410 port).
1411
1412
1413 charon.plugins.load-tester.eap_password [default-pwd]
1414 EAP secret to use in load test.
1415
1416
1417 charon.plugins.load-tester.enable [no]
1418 Enable the load testing plugin. WARNING: Never enable this
1419 plugin on productive systems. It provides preconfigured creden‐
1420 tials and allows an attacker to authenticate as any user.
1421
1422
1423 charon.plugins.load-tester.esp [aes128-sha1]
1424 CHILD_SA proposal to use for load tests.
1425
1426
1427 charon.plugins.load-tester.fake_kernel [no]
1428 Fake the kernel interface to allow load-testing against self.
1429
1430
1431 charon.plugins.load-tester.ike_rekey [0]
1432 Seconds to start IKE_SA rekeying after setup.
1433
1434
1435 charon.plugins.load-tester.init_limit [0]
1436 Global limit of concurrently established SAs during load test.
1437
1438
1439 charon.plugins.load-tester.initiator [0.0.0.0]
1440 Address to initiate from.
1441
1442
1443 charon.plugins.load-tester.initiator_auth [pubkey]
1444 Authentication method(s) the initiator uses.
1445
1446
1447 charon.plugins.load-tester.initiator_id []
1448 Initiator ID used in load test.
1449
1450
1451 charon.plugins.load-tester.initiator_match []
1452 Initiator ID to match against as responder.
1453
1454
1455 charon.plugins.load-tester.initiator_tsi []
1456 Traffic selector on initiator side, as proposed by initiator.
1457
1458
1459 charon.plugins.load-tester.initiator_tsr []
1460 Traffic selector on responder side, as proposed by initiator.
1461
1462
1463 charon.plugins.load-tester.initiators [0]
1464 Number of concurrent initiator threads to use in load test.
1465
1466
1467 charon.plugins.load-tester.issuer_cert []
1468 Path to the issuer certificate (if not configured a hard-coded
1469 default value is used).
1470
1471
1472 charon.plugins.load-tester.issuer_key []
1473 Path to private key that is used to issue certificates (if not
1474 configured a hard-coded default value is used).
1475
1476
1477 charon.plugins.load-tester.iterations [1]
1478 Number of IKE_SAs to initiate by each initiator in load test.
1479
1480
1481 charon.plugins.load-tester.mode [tunnel]
1482 IPsec mode to use, one of tunnel, transport, or beet.
1483
1484
1485
1486 charon.plugins.load-tester.pool []
1487 Provide INTERNAL_IPV4_ADDRs from a named pool.
1488
1489
1490 charon.plugins.load-tester.preshared_key [<default-psk>]
1491 Preshared key to use in load test.
1492
1493
1494 charon.plugins.load-tester.proposal [aes128-sha1-modp768]
1495 IKE proposal to use in load test.
1496
1497
1498 charon.plugins.load-tester.request_virtual_ip [no]
1499 Request an INTERNAL_IPV4_ADDR and INTERNAL_IPV6_ADDR from the
1500 server.
1501
1502
1503 charon.plugins.load-tester.responder [127.0.0.1]
1504 Address to initiate connections to.
1505
1506
1507 charon.plugins.load-tester.responder_auth [pubkey]
1508 Authentication method(s) the responder uses.
1509
1510
1511 charon.plugins.load-tester.responder_id []
1512 Responder ID used in load test.
1513
1514
1515 charon.plugins.load-tester.responder_tsi [initiator_tsi]
1516 Traffic selector on initiator side, as narrowed by responder.
1517
1518
1519 charon.plugins.load-tester.responder_tsr [initiator_tsr]
1520 Traffic selector on responder side, as narrowed by responder.
1521
1522
1523 charon.plugins.load-tester.shutdown_when_complete [no]
1524 Shutdown the daemon after all IKE_SAs have been established.
1525
1526
1527 charon.plugins.load-tester.socket [unix://${piddir}/charon.ldt]
1528 Socket provided by the load-tester plugin.
1529
1530
1531 charon.plugins.load-tester.version [0]
1532 IKE version to use (0 means use IKEv2 as initiator and accept
1533 any version as responder).
1534
1535
1536 charon.plugins.lookip.socket [unix://${piddir}/charon.lkp]
1537 Socket provided by the lookip plugin.
1538
1539
1540 charon.plugins.ntru.parameter_set [optimum]
1541 The following parameter sets are available: x9_98_speed,
1542 x9_98_bandwidth, x9_98_balance and optimum, the last set not be‐
1543 ing part of the X9.98 standard but having the best performance.
1544
1545
1546 charon.plugins.openssl.engine_id [pkcs11]
1547 ENGINE ID to use in the OpenSSL plugin.
1548
1549
1550 charon.plugins.openssl.fips_mode [0]
1551 Set OpenSSL FIPS mode: disabled(0), enabled(1), Suite B en‐
1552 abled(2).
1553
1554
1555 charon.plugins.osx-attr.append [yes]
1556 Whether DNS servers are appended to existing entries, instead of
1557 replacing them.
1558
1559
1560 charon.plugins.p-cscf.enable
1561 Section to enable requesting P-CSCF server addresses for indi‐
1562 vidual connections.
1563
1564
1565 charon.plugins.p-cscf.enable.<conn> [no]
1566 <conn> is the name of a connection with an ePDG from which to
1567 request P-CSCF server addresses. Requests will be sent for ad‐
1568 dresses of the same families for which internal IPs are re‐
1569 quested.
1570
1571
1572 charon.plugins.pkcs11.modules
1573 List of available PKCS#11 modules.
1574
1575
1576 charon.plugins.pkcs11.modules.<name>.load_certs [yes]
1577 Whether to automatically load certificates from tokens.
1578
1579
1580 charon.plugins.pkcs11.modules.<name>.os_locking [no]
1581 Whether OS locking should be enabled for this module.
1582
1583
1584 charon.plugins.pkcs11.modules.<name>.path []
1585 Full path to the shared object file of this PKCS#11 module.
1586
1587
1588 charon.plugins.pkcs11.reload_certs [no]
1589 Reload certificates from all tokens if charon receives a SIGHUP.
1590
1591
1592 charon.plugins.pkcs11.use_dh [no]
1593 Whether the PKCS#11 modules should be used for DH and ECDH (see
1594 use_ecc option).
1595
1596
1597 charon.plugins.pkcs11.use_ecc [no]
1598 Whether the PKCS#11 modules should be used for ECDH and ECDSA
1599 public key operations. ECDSA private keys can be used regardless
1600 of this option.
1601
1602
1603 charon.plugins.pkcs11.use_hasher [no]
1604 Whether the PKCS#11 modules should be used to hash data.
1605
1606
1607 charon.plugins.pkcs11.use_pubkey [no]
1608 Whether the PKCS#11 modules should be used for public key opera‐
1609 tions, even for keys not stored on tokens.
1610
1611
1612 charon.plugins.pkcs11.use_rng [no]
1613 Whether the PKCS#11 modules should be used as RNG.
1614
1615
1616 charon.plugins.radattr.dir []
1617 Directory where RADIUS attributes are stored in client-ID spe‐
1618 cific files.
1619
1620
1621 charon.plugins.radattr.message_id [-1]
1622 Attributes are added to all IKE_AUTH messages by default (-1),
1623 or only to the IKE_AUTH message with the given IKEv2 message ID.
1624
1625
1626 charon.plugins.random.random [${random_device}]
1627 File to read random bytes from.
1628
1629
1630 charon.plugins.random.strong_equals_true [no]
1631 If set to yes the RNG_STRONG class reads random bytes from the
1632 same source as the RNG_TRUE class.
1633
1634
1635 charon.plugins.random.urandom [${urandom_device}]
1636 File to read pseudo random bytes from.
1637
1638
1639 charon.plugins.resolve.file [/etc/resolv.conf]
1640 File where to add DNS server entries.
1641
1642
1643 charon.plugins.resolve.resolvconf.iface_prefix [lo.inet.ipsec.]
1644 Prefix used for interface names sent to resolvconf(8). The
1645 nameserver address is appended to this prefix to make it unique.
1646 The result has to be a valid interface name according to the
1647 rules defined by resolvconf. Also, it should have a high prior‐
1648 ity according to the order defined in interface-order(5).
1649
1650
1651
1652 charon.plugins.revocation.enable_crl [yes]
1653 Whether CRL validation should be enabled.
1654
1655
1656 charon.plugins.revocation.enable_ocsp [yes]
1657 Whether OCSP validation should be enabled.
1658
1659
1660 charon.plugins.save-keys.esp [no]
1661 Whether to save ESP keys.
1662
1663
1664 charon.plugins.save-keys.ike [no]
1665 Whether to save IKE keys.
1666
1667
1668 charon.plugins.save-keys.load [no]
1669 Whether to load the plugin.
1670
1671
1672 charon.plugins.save-keys.wireshark_keys []
1673 Directory where the keys are stored in the format supported by
1674 Wireshark. IKEv1 keys are stored in the ikev1_decryption_table
1675 file. IKEv2 keys are stored in the ikev2_decryption_table file.
1676 Keys for ESP CHILD_SAs are stored in the esp_sa file.
1677
1678
1679 charon.plugins.socket-default.fwmark []
1680 Firewall mark to set on outbound packets.
1681
1682
1683 charon.plugins.socket-default.set_source [yes]
1684 Set source address on outbound packets, if possible.
1685
1686
1687 charon.plugins.socket-default.set_sourceif [no]
1688 Force sending interface on outbound packets, if possible. This
1689 allows using IPv6 link-local addresses as tunnel endpoints.
1690
1691
1692 charon.plugins.socket-default.use_ipv4 [yes]
1693 Listen on IPv4, if possible.
1694
1695
1696 charon.plugins.socket-default.use_ipv6 [yes]
1697 Listen on IPv6, if possible.
1698
1699
1700 charon.plugins.sql.database []
1701 Database URI for charon's SQL plugin. If it contains a password,
1702 make sure to adjust the permissions of the config file accord‐
1703 ingly.
1704
1705
1706 charon.plugins.sql.loglevel [-1]
1707 Loglevel for logging to SQL database.
1708
1709
1710 charon.plugins.stroke.allow_swap [yes]
1711 Analyze addresses/hostnames in left|right to detect which side
1712 is local and swap configuration options if necessary. If dis‐
1713 abled left is always local.
1714
1715
1716
1717 charon.plugins.stroke.ignore_missing_ca_basic_constraint [no]
1718 Treat certificates in ipsec.d/cacerts and ipsec.conf ca sections
1719 as CA certificates even if they don't contain a CA basic con‐
1720 straint.
1721
1722
1723 charon.plugins.stroke.max_concurrent [4]
1724 Maximum number of stroke messages handled concurrently.
1725
1726
1727 charon.plugins.stroke.prevent_loglevel_changes [no]
1728 If enabled log level changes via stroke socket are not allowed.
1729
1730
1731 charon.plugins.stroke.secrets_file [${sysconfdir}/ipsec.secrets]
1732 Location of the ipsec.secrets file.
1733
1734
1735 charon.plugins.stroke.socket [unix://${piddir}/charon.ctl]
1736 Socket provided by the stroke plugin.
1737
1738
1739 charon.plugins.stroke.timeout [0]
1740 Timeout in ms for any stroke command. Use 0 to disable the time‐
1741 out.
1742
1743
1744 charon.plugins.systime-fix.interval [0]
1745 Interval in seconds to check system time for validity. 0 dis‐
1746 ables the check.
1747
1748
1749 charon.plugins.systime-fix.reauth [no]
1750 Whether to use reauth or delete if an invalid cert lifetime is
1751 detected.
1752
1753
1754 charon.plugins.systime-fix.threshold []
1755 Threshold date where system time is considered valid. Disabled
1756 if not specified.
1757
1758
1759 charon.plugins.systime-fix.threshold_format [%Y]
1760 strptime(3) format used to parse threshold option.
1761
1762
1763 charon.plugins.systime-fix.timeout [0s]
1764 How long to wait for a valid system time if an interval is con‐
1765 figured. 0 to recheck indefinitely.
1766
1767
1768 charon.plugins.tnc-ifmap.client_cert []
1769 Path to X.509 certificate file of IF-MAP client.
1770
1771
1772 charon.plugins.tnc-ifmap.client_key []
1773 Path to private key file of IF-MAP client.
1774
1775
1776 charon.plugins.tnc-ifmap.device_name []
1777 Unique name of strongSwan server as a PEP and/or PDP device.
1778
1779
1780 charon.plugins.tnc-ifmap.renew_session_interval [150]
1781 Interval in seconds between periodic IF-MAP RenewSession re‐
1782 quests.
1783
1784
1785 charon.plugins.tnc-ifmap.server_cert []
1786 Path to X.509 certificate file of IF-MAP server.
1787
1788
1789 charon.plugins.tnc-ifmap.server_uri [https://localhost:8444/imap]
1790 URI of the form [https://]servername[:port][/path].
1791
1792
1793 charon.plugins.tnc-ifmap.username_password []
1794 Credentials of IF-MAP client of the form username:password. If
1795 set, make sure to adjust the permissions of the config file ac‐
1796 cordingly.
1797
1798
1799 charon.plugins.tnc-imc.dlclose [yes]
1800 Unload IMC after use.
1801
1802
1803 charon.plugins.tnc-imc.preferred_language [en]
1804 Preferred language for TNC recommendations.
1805
1806
1807 charon.plugins.tnc-imv.dlclose [yes]
1808 Unload IMV after use.
1809
1810
1811 charon.plugins.tnc-imv.recommendation_policy [default]
1812 TNC recommendation policy, one of default, any, or all.
1813
1814
1815
1816 charon.plugins.tnc-pdp.pt_tls.enable [yes]
1817 Enable PT-TLS protocol on the strongSwan PDP.
1818
1819
1820 charon.plugins.tnc-pdp.pt_tls.port [271]
1821 PT-TLS server port the strongSwan PDP is listening on.
1822
1823
1824 charon.plugins.tnc-pdp.radius.enable [yes]
1825 Enable RADIUS protocol on the strongSwan PDP.
1826
1827
1828 charon.plugins.tnc-pdp.radius.method [ttls]
1829 EAP tunnel method to be used.
1830
1831
1832 charon.plugins.tnc-pdp.radius.port [1812]
1833 RADIUS server port the strongSwan PDP is listening on.
1834
1835
1836 charon.plugins.tnc-pdp.radius.secret []
1837 Shared RADIUS secret between strongSwan PDP and NAS. If set,
1838 make sure to adjust the permissions of the config file accord‐
1839 ingly.
1840
1841
1842 charon.plugins.tnc-pdp.server []
1843 Name of the strongSwan PDP as contained in the AAA certificate.
1844
1845
1846 charon.plugins.tnc-pdp.timeout []
1847 Timeout in seconds before closing incomplete connections.
1848
1849
1850 charon.plugins.tnccs-11.max_message_size [45000]
1851 Maximum size of a PA-TNC message (XML & Base64 encoding).
1852
1853
1854 charon.plugins.tnccs-20.max_batch_size [65522]
1855 Maximum size of a PB-TNC batch (upper limit via PT-EAP = 65529).
1856
1857
1858 charon.plugins.tnccs-20.max_message_size [65490]
1859 Maximum size of a PA-TNC message (upper limit via PT-EAP =
1860 65497).
1861
1862
1863 charon.plugins.tnccs-20.mutual [no]
1864 Enable PB-TNC mutual protocol.
1865
1866
1867 charon.plugins.tnccs-20.tests.pb_tnc_noskip [no]
1868 Send an unsupported PB-TNC message type with the NOSKIP flag
1869 set.
1870
1871
1872 charon.plugins.tnccs-20.tests.pb_tnc_version [2]
1873 Send a PB-TNC batch with a modified PB-TNC version.
1874
1875
1876 charon.plugins.tpm.fips_186_4 [no]
1877 Whether the TPM 2.0 is FIPS 186-4 compliant, which forces e.g.
1878 the use of the default salt length instead of the maximum salt
1879 length with RSA-PSS padding.
1880
1881
1882 charon.plugins.tpm.tcti.name [device|tabrmd]
1883 Name of TPM 2.0 TCTI library. Valid values: tabrmd, device or
1884 mssim. Defaults are device if the /dev/tpmrm0 in-kernel TPM 2.0
1885 resource manager device exists, and tabrmd otherwise, requiring
1886 the d-bus based TPM 2.0 access broker and resource manager to be
1887 available.
1888
1889
1890 charon.plugins.tpm.tcti.opts [/dev/tpmrm0|<none>]
1891 Options for the TPM 2.0 TCTI library. Defaults are /dev/tpmrm0
1892 if the TCTI library name is device and no options otherwise.
1893
1894
1895 charon.plugins.tpm.use_rng [no]
1896 Whether the TPM should be used as RNG.
1897
1898
1899 charon.plugins.unbound.dlv_anchors []
1900 File to read trusted keys for DLV (DNSSEC Lookaside Validation)
1901 from. It uses the same format as trust_anchors. Only one DLV
1902 can be configured, which is then used as the root trusted DLV,
1903 i.e. as a lookaside for the root zone.
1904
1905
1906 charon.plugins.unbound.resolv_conf [/etc/resolv.conf]
1907 File to read DNS resolver configuration from.
1908
1909
1910 charon.plugins.unbound.trust_anchors [/etc/ipsec.d/dnssec.keys]
1911 File to read DNSSEC trust anchors from (usually root zone KSK).
1912 The format of the file is the standard DNS Zone file format, an‐
1913 chors can be stored as DS or DNSKEY entries in the file.
1914
1915
1916 charon.plugins.updown.dns_handler [no]
1917 Whether the updown script should handle DNS servers assigned via
1918 IKEv1 Mode Config or IKEv2 Config Payloads (if enabled they
1919 can't be handled by other plugins, like resolve).
1920
1921
1922 charon.plugins.vici.socket [unix://${piddir}/charon.vici]
1923 Socket on which the vici plugin serves clients.
1924
1925
1926 charon.plugins.whitelist.enable [yes]
1927 Enable the loaded whitelist plugin.
1928
1929
1930 charon.plugins.whitelist.socket [unix://${piddir}/charon.wlst]
1931 Socket provided by the whitelist plugin.
1932
1933
1934 charon.plugins.wolfssl.fips_mode [no]
1935 Enable to prevent loading the plugin if wolfSSL is not in FIPS
1936 mode.
1937
1938
1939 charon.plugins.xauth-eap.backend [radius]
1940 EAP plugin to be used as backend for XAuth credential verifica‐
1941 tion.
1942
1943
1944 charon.plugins.xauth-pam.pam_service [login]
1945 PAM service to be used for authentication.
1946
1947
1948 charon.plugins.xauth-pam.session [no]
1949 Open/close a PAM session for each active IKE_SA.
1950
1951
1952 charon.plugins.xauth-pam.trim_email [yes]
1953 If an email address is received as an XAuth username, trim it to
1954 just the username part.
1955
1956
1957 charon.port [500]
1958 UDP port used locally. If set to 0 a random port will be allo‐
1959 cated.
1960
1961
1962 charon.port_nat_t [4500]
1963 UDP port used locally in case of NAT-T. If set to 0 a random
1964 port will be allocated. Has to be different from charon.port,
1965 otherwise a random port will be allocated.
1966
1967
1968 charon.prefer_best_path [no]
1969 By default, charon keeps SAs on the routing path with addresses
1970 it previously used if that path is still usable. By setting this
1971 option to yes, it tries more aggressively to update SAs with MO‐
1972 BIKE on routing priority changes using the cheapest path. This
1973 adds more noise, but allows to dynamically adapt SAs to routing
1974 priority changes. This option has no effect if MOBIKE is not
1975 supported or disabled.
1976
1977
1978 charon.prefer_configured_proposals [yes]
1979 Prefer locally configured proposals for IKE/IPsec over supplied
1980 ones as responder (disabling this can avoid keying retries due
1981 to INVALID_KE_PAYLOAD notifies).
1982
1983
1984 charon.prefer_temporary_addrs [no]
1985 By default, permanent IPv6 source addresses are preferred over
1986 temporary ones (RFC 4941), to make connections more stable. En‐
1987 able this option to reverse this.
1988
1989 It also affects which IPv6 addresses are announced as additional
1990 addresses if MOBIKE is used. If the option is disabled, only
1991 permanent addresses are sent, and only temporary ones if it is
1992 enabled.
1993
1994
1995 charon.process_route [yes]
1996 Process RTM_NEWROUTE and RTM_DELROUTE events.
1997
1998
1999 charon.processor.priority_threads
2000 Section to configure the number of reserved threads per priority
2001 class, see JOB PRIORITY MANAGEMENT in strongswan.conf(5).
2002
2003
2004
2005 charon.rdn_matching [strict]
2006 How RDNs in subject DNs of certificates are matched against con‐
2007 figured identities. Possible values are strict (the default),
2008 reordered, and relaxed. With strict the number, type and order
2009 of all RDNs has to match, wildcards (*) for the values of RDNs
2010 are allowed (that's the case for all three variants). Using
2011 reordered also matches DNs if the RDNs appear in a different
2012 order; the number and type still have to match. Finally, relaxed
2013 also allows matches of DNs that contain more RDNs than the con‐
2014 figured identity (missing RDNs are treated like a wildcard
2015 match).
2016
2017 Note that reordered and relaxed impose a considerable overhead
2018 on memory usage and runtime, in particular, for mismatches, com‐
2019 pared to strict.
2020
2021
2022
2023 charon.receive_delay [0]
2024 Delay in ms for receiving packets, to simulate larger RTT.
2025
2026
2027 charon.receive_delay_request [yes]
2028 Delay request messages.
2029
2030
2031 charon.receive_delay_response [yes]
2032 Delay response messages.
2033
2034
2035 charon.receive_delay_type [0]
2036 Specific IKEv2 message type to delay, 0 for any.
2037
2038
2039 charon.replay_window [32]
2040 Size of the AH/ESP replay window, in packets.
2041
2042
2043 charon.retransmit_base [1.8]
2044 Base to use for calculating exponential back off, see IKEv2 RE‐
2045 TRANSMISSION in strongswan.conf(5).
2046
2047
2048
2049 charon.retransmit_jitter [0]
2050 Maximum jitter in percent to apply randomly to calculated re‐
2051 transmission timeout (0 to disable).
2052
2053
2054 charon.retransmit_limit [0]
2055 Upper limit in seconds for calculated retransmission timeout (0
2056 to disable).
2057
2058
2059 charon.retransmit_timeout [4.0]
2060 Timeout in seconds before sending first retransmit.
2061
2062
2063 charon.retransmit_tries [5]
2064 Number of times to retransmit a packet before giving up.
2065
2066
2067 charon.retry_initiate_interval [0]
2068 Interval in seconds to use when retrying to initiate an IKE_SA
2069 (e.g. if DNS resolution failed), 0 to disable retries.
2070
2071
2072 charon.reuse_ikesa [yes]
2073 Initiate CHILD_SA within existing IKE_SAs (always enabled for
2074 IKEv1).
2075
2076
2077 charon.routing_table []
2078 Numerical routing table to install routes to.
2079
2080
2081 charon.routing_table_prio []
2082 Priority of the routing table.
2083
2084
2085 charon.rsa_pss [no]
2086 Whether to use RSA with PSS padding instead of PKCS#1 padding by
2087 default.
2088
2089
2090 charon.send_delay [0]
2091 Delay in ms for sending packets, to simulate larger RTT.
2092
2093
2094 charon.send_delay_request [yes]
2095 Delay request messages.
2096
2097
2098 charon.send_delay_response [yes]
2099 Delay response messages.
2100
2101
2102 charon.send_delay_type [0]
2103 Specific IKEv2 message type to delay, 0 for any.
2104
2105
2106 charon.send_vendor_id [no]
2107 Send strongSwan vendor ID payload.
2108
2109
2110 charon.signature_authentication [yes]
2111 Whether to enable Signature Authentication as per RFC 7427.
2112
2113
2114 charon.signature_authentication_constraints [yes]
2115 If enabled, signature schemes configured in rightauth, in addi‐
2116 tion to getting used as constraints against signature schemes
2117 employed in the certificate chain, are also used as constraints
2118 against the signature scheme used by peers during IKEv2.
2119
2120
2121 charon.spi_label [0x0000000000000000]
2122 Value mixed into the local IKE SPIs after applying spi_mask.
2123
2124
2125
2126 charon.spi_mask [0x0000000000000000]
2127 Mask applied to local IKE SPIs before mixing in spi_label (bits
2128 set will be replaced with spi_label).
2129
2130
2131
2132 charon.spi_max [0xcfffffff]
2133 The upper limit for SPIs requested from the kernel for IPsec
2134 SAs.
2135
2136
2137 charon.spi_min [0xc0000000]
2138 The lower limit for SPIs requested from the kernel for IPsec
2139 SAs. Should not be set lower than 0x00000100 (256), as SPIs be‐
2140 tween 1 and 255 are reserved by IANA.
2141
2142
2143 charon.start-scripts
2144 Section containing a list of scripts (name = path) that are exe‐
2145 cuted when the daemon is started.
2146
2147
2148 charon.stop-scripts
2149 Section containing a list of scripts (name = path) that are exe‐
2150 cuted when the daemon is terminated.
2151
2152
2153 charon.syslog
2154 Section to define syslog loggers, see LOGGER CONFIGURATION in
2155 strongswan.conf(5).
2156
2157
2158
2159 charon.syslog.<facility>
2160 <facility> is one of the supported syslog facilities, see LOGGER
2161 CONFIGURATION in strongswan.conf(5).
2162
2163
2164
2165 charon.syslog.<facility>.<subsystem> [<default>]
2166 Loglevel for a specific subsystem.
2167
2168
2169 charon.syslog.<facility>.default [1]
2170 Specifies the default loglevel to be used for subsystems for
2171 which no specific loglevel is defined.
2172
2173
2174 charon.syslog.<facility>.ike_name [no]
2175 Prefix each log entry with the connection name and a unique nu‐
2176 merical identifier for each IKE_SA.
2177
2178
2179 charon.syslog.<facility>.log_level [no]
2180 Add the log level of each message after the subsystem (e.g.
2181 [IKE2]).
2182
2183
2184 charon.syslog.identifier []
2185 Global identifier used for an openlog(3) call, prepended to each
2186 log message by syslog. If not configured, openlog(3) is not
2187 called, so the value will depend on system defaults (often the
2188 program name).
2189
2190
2191 charon.threads [16]
2192 Number of worker threads in charon. Several of these are re‐
2193 served for long running tasks in internal modules and plugins.
2194 Therefore, make sure you don't set this value too low. The
2195 number of idle worker threads listed in ipsec statusall might be
2196 used as an indicator of the number of reserved threads.
2197
2198
2199 charon.tls.cipher []
2200 List of TLS encryption ciphers.
2201
2202
2203 charon.tls.ke_group []
2204 List of TLS key exchange groups.
2205
2206
2207 charon.tls.key_exchange []
2208 List of TLS key exchange methods.
2209
2210
2211 charon.tls.mac []
2212 List of TLS MAC algorithms.
2213
2214
2215 charon.tls.send_certreq_authorities [yes]
2216 Whether to include CAs in a server's CertificateRequest message.
2217 May be disabled if clients can't handle a long list of CAs.
2218
2219
2220 charon.tls.signature []
2221 List of TLS signature schemes.
2222
2223
2224 charon.tls.suites []
2225 List of TLS cipher suites.
2226
2227
2228 charon.tls.version_max [1.2]
2229 Maximum TLS version to negotiate.
2230
2231
2232 charon.tls.version_min [1.2]
2233 Minimum TLS version to negotiate.
2234
2235
2236 charon.tnc.tnc_config [/etc/tnc_config]
2237 TNC IMC/IMV configuration file.
2238
2239
2240 charon.user []
2241 Name of the user the daemon changes to after startup.
2242
2243
2244 charon.x509.enforce_critical [yes]
2245 Discard certificates with unsupported or unknown critical exten‐
2246 sions.
2247
2248
2249 charon-nm.ca_dir [<default>]
2250 Directory from which to load CA certificates if no certificate
2251 is configured.
2252
2253
2254 charon-systemd.journal
2255 Section to configure native systemd journal logger, very similar
2256 to the syslog logger as described in LOGGER CONFIGURATION in
2257 strongswan.conf(5).
2258
2259
2260
2261 charon-systemd.journal.<subsystem> [<default>]
2262 Loglevel for a specific subsystem.
2263
2264
2265 charon-systemd.journal.default [1]
2266 Specifies the default loglevel to be used for subsystems for
2267 which no specific loglevel is defined.
2268
2269
2270 imv_policy_manager.command_allow []
2271 Shell command to be executed with recommendation allow.
2272
2273
2274 imv_policy_manager.command_block []
2275 Shell command to be executed with all other recommendations.
2276
2277
2278 imv_policy_manager.database []
2279 Database URI for the database that stores the package informa‐
2280 tion. If it contains a password, make sure to adjust the permis‐
2281 sions of the config file accordingly.
2282
2283
2284 imv_policy_manager.load [sqlite]
2285 Plugins to load in IMV policy manager.
2286
2287
2288 libimcv.debug_level [1]
2289 Debug level for a stand-alone libimcv library.
2290
2291
2292 libimcv.load [random nonce gmp pubkey x509]
2293 Plugins to load in IMC/IMVs with stand-alone libimcv library.
2294
2295
2296 libimcv.plugins.imc-attestation.aik_blob []
2297 AIK encrypted private key blob file.
2298
2299
2300 libimcv.plugins.imc-attestation.aik_cert []
2301 AIK certificate file.
2302
2303
2304 libimcv.plugins.imc-attestation.aik_handle []
2305 AIK object handle.
2306
2307
2308 libimcv.plugins.imc-attestation.aik_pubkey []
2309 AIK public key file.
2310
2311
2312 libimcv.plugins.imc-attestation.hash_algorithm [sha384]
2313 Preferred measurement hash algorithm.
2314
2315
2316 libimcv.plugins.imc-attestation.mandatory_dh_groups [yes]
2317 Enforce mandatory Diffie-Hellman groups.
2318
2319
2320 libimcv.plugins.imc-attestation.nonce_len [20]
2321 DH nonce length.
2322
2323
2324 libimcv.plugins.imc-attestation.pcr17_after []
2325 PCR17 value after measurement.
2326
2327
2328 libimcv.plugins.imc-attestation.pcr17_before []
2329 PCR17 value before measurement.
2330
2331
2332 libimcv.plugins.imc-attestation.pcr17_meas []
2333 Dummy measurement value extended into PCR17 if the TBOOT log is
2334 not available.
2335
2336
2337 libimcv.plugins.imc-attestation.pcr18_after []
2338 PCR18 value after measurement.
2339
2340
2341 libimcv.plugins.imc-attestation.pcr18_before []
2342 PCR18 value before measurement.
2343
2344
2345 libimcv.plugins.imc-attestation.pcr18_meas []
2346 Dummy measurement value extended into PCR17 if the TBOOT log is
2347 not available.
2348
2349
2350 libimcv.plugins.imc-attestation.pcr_info [no]
2351 Whether to send pcr_before and pcr_after info.
2352
2353
2354 libimcv.plugins.imc-attestation.pcr_padding [no]
2355 Whether to pad IMA SHA1 measurements values when extending into
2356 SHA256 PCR bank.
2357
2358
2359 libimcv.plugins.imc-attestation.use_quote2 [yes]
2360 Use Quote2 AIK signature instead of Quote signature.
2361
2362
2363 libimcv.plugins.imc-attestation.use_version_info [no]
2364 Whether version info is included in the Quote2 signature.
2365
2366
2367 libimcv.plugins.imc-hcd.push_info [yes]
2368 Send quadruple info without being prompted.
2369
2370
2371 libimcv.plugins.imc-hcd.subtypes []
2372 Section to define PWG HCD PA subtypes.
2373
2374
2375 libimcv.plugins.imc-hcd.subtypes.<section> []
2376 Defines a PWG HCD PA subtype section. Recognized subtype section
2377 names are system, control, marker, finisher, interface and scan‐
2378 ner.
2379
2380
2381
2382 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type> []
2383 Defines a software type section. Recognized software type sec‐
2384 tion names are firmware, resident_application and user_applica‐
2385 tion.
2386
2387
2388
2389 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<software> []
2390 Defines a software section having an arbitrary name.
2391
2392
2393 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<software>.name []
2394 Name of the software installed on the hardcopy device.
2395
2396
2397 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<software>.patches
2398 []
2399 String describing all patches applied to the given software on
2400 this hardcopy device. The individual patches are separated by a
2401 newline character '\n'.
2402
2403
2404 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<soft‐
2405 ware>.string_version []
2406 String describing the version of the given software on this
2407 hardcopy device.
2408
2409
2410 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<software>.version
2411 []
2412 Hex-encoded version string with a length of 16 octets consisting
2413 of the fields major version number (4 octets), minor version
2414 number (4 octets), build number (4 octets), service pack major
2415 number (2 octets) and service pack minor number (2 octets).
2416
2417
2418 libimcv.plugins.imc-hcd.subtypes.<section>.attributes_natural_language
2419 [en]
2420 Variable-length natural language tag conforming to RFC 5646 that
2421 specifies the language to be used in the health assessment
2422 message of a given subtype.
2423
2424
2425 libimcv.plugins.imc-hcd.subtypes.system.certification_state []
2426 Hex-encoded certification state.
2427
2428
2429 libimcv.plugins.imc-hcd.subtypes.system.configuration_state []
2430 Hex-encoded configuration state.
2431
2432
2433 libimcv.plugins.imc-hcd.subtypes.system.machine_type_model []
2434 String specifying the machine type and model of the hardcopy de‐
2435 vice.
2436
2437
2438 libimcv.plugins.imc-hcd.subtypes.system.pstn_fax_enabled [no]
2439 Specifies if a PSTN facsimile interface is installed and enabled
2440 on the hardcopy device.
2441
2442
2443 libimcv.plugins.imc-hcd.subtypes.system.time_source []
2444 String specifying the hostname of the network time server used
2445 by the hardcopy device.
2446
2447
2448 libimcv.plugins.imc-hcd.subtypes.system.user_application_enabled [no]
2449 Specifies if users can dynamically download and execute applica‐
2450 tions on the hardcopy device.
2451
2452
2453 libimcv.plugins.imc-hcd.subtypes.system.user_application_persis‐
2454 tence_enabled [no]
2455 Specifies if user dynamically downloaded applications can per‐
2456 sist outside the boundaries of a single job on the hardcopy de‐
2457 vice.
2458
2459
2460 libimcv.plugins.imc-hcd.subtypes.system.vendor_name []
2461 String specifying the manufacturer of the hardcopy device.
2462
2463
2464 libimcv.plugins.imc-hcd.subtypes.system.vendor_smi_code []
2465 Integer specifying the globally unique 24-bit SMI code assigned
2466 to the manufacturer of the hardcopy device.
2467
2468
2469 libimcv.plugins.imc-os.device_cert []
2470 Manually set the path to the client device certificate (e.g.
2471 /etc/pts/aikCert.der).
2472
2473
2474 libimcv.plugins.imc-os.device_handle []
2475 Manually set handle to a private key bound to a smartcard or TPM
2476 (e.g. 0x81010004).
2477
2478
2479 libimcv.plugins.imc-os.device_id []
2480 Manually set the client device ID in hexadecimal format (e.g.
2481 1083f03988c9762703b1c1080c2e46f72b99cc31).
2482
2483
2484 libimcv.plugins.imc-os.device_pubkey []
2485 Manually set the path to the client device public key (e.g.
2486 /etc/pts/aikPub.der).
2487
2488
2489 libimcv.plugins.imc-os.push_info [yes]
2490 Send operating system info without being prompted.
2491
2492
2493 libimcv.plugins.imc-scanner.push_info [yes]
2494 Send open listening ports without being prompted.
2495
2496
2497 libimcv.plugins.imc-swima.eid_epoch [0x11223344]
2498 Set 32-bit epoch value for event IDs manually if software col‐
2499 lector database is not available.
2500
2501
2502 libimcv.plugins.imc-swima.subscriptions [no]
2503 Accept SW Inventory or SW Events subscriptions.
2504
2505
2506 libimcv.plugins.imc-swima.swid_database []
2507 URI to software collector database containing event timestamps,
2508 software creation and deletion events and collected software
2509 identifiers. If it contains a password, make sure to adjust the
2510 permissions of the config file accordingly.
2511
2512
2513 libimcv.plugins.imc-swima.swid_directory [${prefix}/share]
2514 Directory where SWID tags are located.
2515
2516
2517 libimcv.plugins.imc-swima.swid_full [no]
2518 Include file information in the XML-encoded SWID tags.
2519
2520
2521 libimcv.plugins.imc-swima.swid_pretty [no]
2522 Generate XML-encoded SWID tags with pretty indentation.
2523
2524
2525 libimcv.plugins.imc-test.additional_ids [0]
2526 Number of additional IMC IDs.
2527
2528
2529 libimcv.plugins.imc-test.command [none]
2530 Command to be sent to the Test IMV.
2531
2532
2533 libimcv.plugins.imc-test.dummy_size [0]
2534 Size of dummy attribute to be sent to the Test IMV (0 = dis‐
2535 abled).
2536
2537
2538 libimcv.plugins.imc-test.retry [no]
2539 Do a handshake retry.
2540
2541
2542 libimcv.plugins.imc-test.retry_command []
2543 Command to be sent to the Test IMV in the handshake retry.
2544
2545
2546 libimcv.plugins.imv-attestation.cadir []
2547 Path to directory with AIK cacerts.
2548
2549
2550 libimcv.plugins.imv-attestation.dh_group [ecp256]
2551 Preferred Diffie-Hellman group.
2552
2553
2554 libimcv.plugins.imv-attestation.hash_algorithm [sha384]
2555 Preferred measurement hash algorithm.
2556
2557
2558 libimcv.plugins.imv-attestation.mandatory_dh_groups [yes]
2559 Enforce mandatory Diffie-Hellman groups.
2560
2561
2562 libimcv.plugins.imv-attestation.min_nonce_len [0]
2563 DH minimum nonce length.
2564
2565
2566 libimcv.plugins.imv-os.remediation_uri []
2567 URI pointing to operating system remediation instructions.
2568
2569
2570 libimcv.plugins.imv-scanner.remediation_uri []
2571 URI pointing to scanner remediation instructions.
2572
2573
2574 libimcv.plugins.imv-swima.rest_api.timeout [120]
2575 Timeout of SWID REST API HTTP POST transaction.
2576
2577
2578 libimcv.plugins.imv-swima.rest_api.uri []
2579 HTTP URI of the SWID REST API.
2580
2581
2582 libimcv.plugins.imv-test.rounds [0]
2583 Number of IMC-IMV retry rounds.
2584
2585
2586 libimcv.stderr_quiet [no]
2587 Disable output to stderr with a stand-alone libimcv library.
2588
2589
2590 libimcv.swid_gen.command [/usr/local/bin/swid_generator]
2591 SWID generator command to be executed.
2592
2593
2594 libimcv.swid_gen.tag_creator.name [strongSwan Project]
2595 Name of the tagCreator entity.
2596
2597
2598 libimcv.swid_gen.tag_creator.regid [strongswan.org]
2599 regid of the tagCreator entity.
2600
2601
2602 manager.database []
2603 Credential database URI for manager. If it contains a password,
2604 make sure to adjust the permissions of the config file accord‐
2605 ingly.
2606
2607
2608 manager.debug [no]
2609 Enable debugging in manager.
2610
2611
2612 manager.load []
2613 Plugins to load in manager.
2614
2615
2616 manager.socket []
2617 FastCGI socket of manager, to run it statically.
2618
2619
2620 manager.threads [10]
2621 Threads to use for request handling.
2622
2623
2624 manager.timeout [15m]
2625 Session timeout for manager.
2626
2627
2628 medsrv.database []
2629 Mediation server database URI. If it contains a password, make
2630 sure to adjust the permissions of the config file accordingly.
2631
2632
2633 medsrv.debug [no]
2634 Debugging in mediation server web application.
2635
2636
2637 medsrv.dpd [5m]
2638 DPD timeout to use in mediation server plugin.
2639
2640
2641 medsrv.load []
2642 Plugins to load in mediation server plugin.
2643
2644
2645 medsrv.password_length [6]
2646 Minimum password length required for mediation server user ac‐
2647 counts.
2648
2649
2650 medsrv.rekey [20m]
2651 Rekeying time on mediation connections in mediation server
2652 plugin.
2653
2654
2655 medsrv.socket []
2656 Run Mediation server web application statically on socket.
2657
2658
2659 medsrv.threads [5]
2660 Number of threads for the mediation service web application.
2661
2662
2663 medsrv.timeout [15m]
2664 Session timeout for mediation service.
2665
2666
2667 pki.load []
2668 Plugins to load in ipsec pki tool.
2669
2670
2671 pool.database []
2672 Database URI for the database that stores IP pools and
2673 configuration attributes. If it contains a password, make sure
2674 to adjust the permissions of the config file accordingly.
2675
2676
2677 pool.load []
2678 Plugins to load in ipsec pool tool.
2679
2680
2681 scepclient.load []
2682 Plugins to load in ipsec scepclient tool.
2683
2684
2685 sec-updater
2686 Options for the sec-updater tool.
2687
2688
2689 sec-updater.database []
2690 Global IMV policy database URI. If it contains a password, make
2691 sure to adjust the permissions of the config file accordingly.
2692
2693
2694 sec-updater.load []
2695 Plugins to load in sec-updater tool.
2696
2697
2698 sec-updater.swid_gen.command [/usr/local/bin/swid_generator]
2699 SWID generator command to be executed.
2700
2701
2702 sec-updater.swid_gen.tag_creator.name [strongSwan Project]
2703 Name of the tagCreator entity.
2704
2705
2706 sec-updater.swid_gen.tag_creator.regid [strongswan.org]
2707 regid of the tagCreator entity.
2708
2709
2710 sec-updater.tmp.deb_file [/tmp/sec-updater.deb]
2711 Temporary storage for downloaded deb package file.
2712
2713
2714 sec-updater.tmp.tag_file [/tmp/sec-updater.tag]
2715 Temporary storage for generated SWID tags.
2716
2717
2718 sec-updater.tnc_manage_command [/var/www/tnc/manage.py]
2719 strongTNC manage.py command used to import SWID tags.
2720
2721
2722 starter.config_file [${sysconfdir}/ipsec.conf]
2723 Location of the ipsec.conf file.
2724
2725
2726 starter.load_warning [yes]
2727 Disable charon plugin load option warning.
2728
2729
2730 sw-collector
2731 Options for the sw-collector tool.
2732
2733
2734 sw-collector.database []
2735 URI to software collector database containing event timestamps,
2736 software creation and deletion events and collected software
2737 identifiers. If it contains a password, make sure to adjust the
2738 permissions of the config file accordingly.
2739
2740
2741 sw-collector.first_file [/var/log/bootstrap.log]
2742 Path pointing to a file created when the Linux OS was installed.
2743
2744
2745 sw-collector.first_time [0000-00-00T00:00:00Z]
2746 Time in UTC when the Linux OS was installed.
2747
2748
2749 sw-collector.history []
2750 Path pointing to apt history.log file.
2751
2752
2753 sw-collector.load []
2754 Plugins to load in sw-collector tool.
2755
2756
2757 sw-collector.rest_api.timeout [120]
2758 Timeout of REST API HTTP POST transaction.
2759
2760
2761 sw-collector.rest_api.uri []
2762 HTTP URI of the central collector's REST API.
2763
2764
2765 swanctl.load []
2766 Plugins to load in swanctl.
2767
2768
2769 swanctl.socket [unix://${piddir}/charon.vici]
2770 VICI socket to connect to by default.
2771
2772
2773 LOGGER CONFIGURATION
2774 Options in strongswan.conf(5) provide a much more flexible way to con‐
2775 figure loggers for the IKE daemon charon than using the charondebug op‐
2776 tion in ipsec.conf(5).
2777
2778 Note: If any loggers are specified in strongswan.conf, charondebug does
2779 not have any effect.
2780
2781 There are currently two types of loggers:
2782
2783 File loggers
2784 Log directly to a file and are defined by specifying an arbi‐
2785 trarily named subsection in the charon.filelog section. The full
2786 path to the file is configured in the path setting of that sub‐
2787 section, however, if it only contains characters permitted in
2788 section names, the setting may also be omitted and the path
2789 specified as name of the subsection. To log to the console the
2790 two special filenames stdout and stderr may be used.
2791
2792 Syslog loggers
2793 Log into a syslog facility and are defined by specifying the fa‐
2794 cility to log to as the name of a subsection in the charon.sys‐
2795 log section. The following facilities are currently supported:
2796 daemon and auth.
2797
2798 Multiple loggers can be defined for each type with different log ver‐
2799 bosity for the different subsystems of the daemon.
2800
2801
2802 Subsystems
2803 dmn Main daemon setup/cleanup/signal handling
2804
2805 mgr IKE_SA manager, handling synchronization for IKE_SA access
2806
2807 ike IKE_SA
2808
2809 chd CHILD_SA
2810
2811 job Jobs queueing/processing and thread pool management
2812
2813 cfg Configuration management and plugins
2814
2815 knl IPsec/Networking kernel interface
2816
2817 net IKE network communication
2818
2819 asn Low-level encoding/decoding (ASN.1, X.509 etc.)
2820
2821 enc Packet encoding/decoding encryption/decryption operations
2822
2823 tls libtls library messages
2824
2825 esp libipsec library messages
2826
2827 lib libstrongswan library messages
2828
2829 tnc Trusted Network Connect
2830
2831 imc Integrity Measurement Collector
2832
2833 imv Integrity Measurement Verifier
2834
2835 pts Platform Trust Service
2836
2837 Loglevels
2838 -1 Absolutely silent
2839
2840 0 Very basic auditing logs (e.g. SA up/SA down)
2841
2842 1 Generic control flow with errors, a good default to see what's
2843 going on
2844
2845 2 More detailed debugging control flow
2846
2847 3 Including RAW data dumps in Hex
2848
2849 4 Also include sensitive material in dumps, e.g. keys
2850
2851 Example
2852 charon {
2853 filelog {
2854 charon {
2855 path = /var/log/charon.log
2856 time_format = %b %e %T
2857 append = no
2858 default = 1
2859 }
2860 stderr {
2861 ike = 2
2862 knl = 3
2863 ike_name = yes
2864 }
2865 }
2866 syslog {
2867 # enable logging to LOG_DAEMON, use defaults
2868 daemon {
2869 }
2870 # minimalistic IKE auditing logging to LOG_AUTHPRIV
2871 auth {
2872 default = -1
2873 ike = 0
2874 }
2875 }
2876 }
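To show how the logger settings above resolve in practice, here is an added Python example (not part of the man page or of strongSwan itself) that parses the strongswan.conf syntax, computes the effective loglevel of every subsystem for each file and syslog logger, and flags any logger configured at level 4, the level at which keys end up in the log. It reuses the example configuration above plus one constructed "debug" file logger; the function names are assumptions.

```python
import re

# Subsystems listed under LOGGER CONFIGURATION in strongswan.conf(5).
SUBSYSTEMS = ("dmn", "mgr", "ike", "chd", "job", "cfg", "knl", "net", "asn",
              "enc", "tls", "esp", "lib", "tnc", "imc", "imv", "pts")

# Constructed sample: the man page example plus one extra 'debug' file logger.
SAMPLE_CONF = """\
charon {
    filelog {
        charon {
            path = /var/log/charon.log
            time_format = %b %e %T
            append = no
            default = 1
        }
        stderr {
            ike = 2
            knl = 3
            ike_name = yes
        }
        # constructed addition: a logger that dumps key material (level 4)
        debug {
            path = /var/log/charon-debug.log
            enc = 4
        }
    }
    syslog {
        # enable logging to LOG_DAEMON, use defaults
        daemon {
        }
        # minimalistic IKE auditing logging to LOG_AUTHPRIV
        auth {
            default = -1
            ike = 0
        }
    }
}
"""


def parse_strongswan_conf(text):
    """Parse strongswan.conf syntax into nested dicts: 'name {' opens a
    section, '}' closes it, 'key = value' sets a key, '#' starts a comment."""
    root, stack = {}, []
    cur = root
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.endswith("{"):
            stack.append(cur)
            cur = cur.setdefault(line[:-1].strip(), {})
        elif line == "}":
            if not stack:
                raise ValueError(f"line {lineno}: unexpected '}}'")
            cur = stack.pop()
        elif "=" in line:
            key, value = line.split("=", 1)
            cur[key.strip()] = value.strip()
        else:
            raise ValueError(f"line {lineno}: cannot parse {raw!r}")
    if stack:
        raise ValueError("unterminated section")
    return root


def effective_levels(logger):
    """Loglevel each subsystem gets from one logger section: an explicit
    subsystem key wins, then the section's 'default', then the built-in 1."""
    default = int(logger.get("default", 1))
    return {sub: int(logger.get(sub, default)) for sub in SUBSYSTEMS}


def loggers(conf):
    """Yield (kind, name, section) for every charon.filelog / charon.syslog logger."""
    charon = conf.get("charon", {})
    for kind in ("filelog", "syslog"):
        for name, section in charon.get(kind, {}).items():
            if isinstance(section, dict):
                yield kind, name, section


def charondebug_effective(conf):
    """charondebug in ipsec.conf only applies when no logger is configured here."""
    return next(loggers(conf), None) is None


def audit_sensitive_logging(conf):
    """Return (logger, subsystem, level) for every subsystem logged at level 4,
    where sensitive material such as keys is written to the log."""
    return [(f"{kind}.{name}", sub, level)
            for kind, name, section in loggers(conf)
            for sub, level in effective_levels(section).items()
            if level >= 4]


if __name__ == "__main__":
    conf = parse_strongswan_conf(SAMPLE_CONF)
    for kind, name, section in loggers(conf):
        print(f"{kind}.{name}: {effective_levels(section)}")
    print("sensitive logging:", audit_sensitive_logging(conf))
```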
2877
2878
2879 JOB PRIORITY MANAGEMENT
2880 Some operations in the IKEv2 daemon charon are currently implemented
2881 synchronously and blocking. Two examples for such operations are commu‐
2882 nication with a RADIUS server via EAP-RADIUS, or fetching CRL/OCSP in‐
2883 formation during certificate chain verification. Under high load condi‐
2884 tions, the thread pool may run out of available threads, and some more
2885 important jobs, such as liveness checking, may not get executed in
2886 time.
2887
2888 To prevent thread starvation in such situations, job priorities were
2889 introduced. The job processor reserves some threads for higher
2890 priority jobs; these threads are not available for lower priority,
2891 locking jobs.
2892
2893 Implementation
2894 Currently 4 priorities have been defined, and they are used in charon
2895 as follows:
2896
2897 CRITICAL
2898 Priority for long-running dispatcher jobs.
2899
2900 HIGH INFORMATIONAL exchanges, as used by liveness checking (DPD).
2901
2902 MEDIUM Everything not HIGH/LOW, including IKE_SA_INIT processing.
2903
2904 LOW IKE_AUTH message processing. RADIUS and CRL fetching block here.
2905
2906 Although IKE_SA_INIT processing is computationally expensive, it is ex‐
2907 plicitly assigned to the MEDIUM class. This allows charon to do the DH
2908 exchange while other threads are blocked in IKE_AUTH. To prevent the
2909 daemon from accepting more IKE_SA_INIT requests than it can handle, use
2910 IKE_SA_INIT DROPPING.
2911
2912 The thread pool processes jobs strictly by priority, meaning it will
2913 consume all higher priority jobs before looking for ones with lower
2914 priority. Further, it reserves threads for certain priorities. A prior‐
2915 ity class having reserved n threads will always have n threads avail‐
2916 able for this class (either currently processing a job, or waiting for
2917 one).
2918
2919 Configuration
2920 To ensure that there are always enough threads available for higher
2921 priority tasks, threads must be reserved for each priority class.
2922
2923 charon.processor.priority_threads.critical [0]
2924 Threads reserved for CRITICAL priority class jobs
2925
2926 charon.processor.priority_threads.high [0]
2927 Threads reserved for HIGH priority class jobs
2928
2929 charon.processor.priority_threads.medium [0]
2930 Threads reserved for MEDIUM priority class jobs
2931
2932 charon.processor.priority_threads.low [0]
2933 Threads reserved for LOW priority class jobs
2934
2935 Let's consider the following configuration:
2936
2937 charon {
2938 processor {
2939 priority_threads {
2940 high = 1
2941 medium = 4
2942 }
2943 }
2944 }
2945
2946 With this configuration, one thread is reserved for HIGH priority
2947 tasks. As currently only liveness checking and stroke message
2948 processing are done with high priority, one or two threads should be
2949 sufficient.
2950
2951 The MEDIUM class mostly processes non-blocking jobs. Unless your setup
2952 is experiencing many blocks in locks while accessing shared resources,
2953 reserving one to two times the number of CPU cores is fine.
2954
2955 It is usually not required to reserve threads for CRITICAL jobs. Jobs
2956 in this class rarely return and do not release their thread to the
2957 pool.
2958
2959 The remaining threads are available for LOW priority jobs. Reserving
2960 threads does not make sense (until we have an even lower priority).
2961
2962 Monitoring
2963 To see what the threads are actually doing, invoke ipsec statusall.
2964 Under high load, something like this will show up:
2965
2966 worker threads: 2 of 32 idle, 5/1/2/22 working,
2967 job queue: 0/0/1/149, scheduled: 198
2968
2969 From 32 worker threads,
2970
2971 2 are currently idle.
2972
2973 5 are running CRITICAL priority jobs (dispatching from sockets,
2974 etc.).
2975
2976 1 is currently handling a HIGH priority job. This is actually the
2977 thread currently providing this information via stroke.
2978
2979 2 are handling MEDIUM priority jobs, likely IKE_SA_INIT or CRE‐
2980 ATE_CHILD_SA messages.
2981
2982 22 are handling LOW priority jobs, probably waiting for an EAP-RA‐
2983 DIUS response while processing IKE_AUTH messages.
2984
2985 The job queue load shows how many jobs are queued for each priority,
2986 ready for execution. The single MEDIUM priority job will get executed
2987 immediately, as we have two spare threads reserved for MEDIUM class
2988 jobs.
2989
2990
2991 IKE_SA_INIT DROPPING
2992 If a responder receives more connection requests per second than it
2993 can handle, it does not make sense to accept more IKE_SA_INIT messages.
2994 And if they are queued but can't get processed in time, an answer might
2995 be sent after the client has already given up and restarted its connec‐
2996 tion setup. This additionally increases the load on the responder.
2997
2998 To limit the responder load resulting from new connection attempts, the
2999 daemon can drop IKE_SA_INIT messages just after reception. There are
3000 two mechanisms to decide if this should happen, configured with the
3001 following options:
3002
3003 charon.init_limit_half_open [0]
3004 Limit based on the number of half open IKE_SAs. Half open
3005 IKE_SAs are SAs in connecting state, but not yet established.
3006
3007 charon.init_limit_job_load [0]
3008 Limit based on the number of jobs currently queued for process‐
3009 ing (sum over all job priorities).
3010
3011 The second limit includes load from other jobs, such as rekeying.
3012 Choosing a good value is difficult and depends on the hardware and ex‐
3013 pected load.
3014
3015 The first limit is simpler to calculate, but includes the load from new
3016 connections only. If your responder is capable of negotiating 100 tun‐
3017 nels/s, you might set this limit to 1000. The daemon will then drop new
3018 connection attempts if generating a response would require more than 10
3019 seconds. If you are allowing for a maximum response time of more than
3020 30 seconds, consider adjusting the timeout for connecting IKE_SAs
3021 (charon.half_open_timeout). A responder, by default, deletes an IKE_SA
3022 if the initiator does not establish it within 30 seconds. Under high
3023 load, a higher value might be required.
3024
3025
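The following is an added Python example, not part of this man page or of strongSwan itself. It parses the worker thread lines shown under Monitoring, totals the job queue the way charon.init_limit_job_load counts it (sum over all priorities), and models the two init limits together with the sizing rule of thumb above; the "a count above the limit drops" comparison is an assumption, not charon's own code.

```python
import re
from dataclasses import dataclass

PRIORITIES = ("CRITICAL", "HIGH", "MEDIUM", "LOW")  # order charon prints them

# The worker thread lines from the man page's ipsec statusall sample.
SAMPLE_STATUS = """worker threads: 2 of 32 idle, 5/1/2/22 working,
job queue: 0/0/1/149, scheduled: 198"""

_WORKER_RE = re.compile(
    r"worker threads: (\d+) of (\d+) idle, (\d+)/(\d+)/(\d+)/(\d+) working, "
    r"job queue: (\d+)/(\d+)/(\d+)/(\d+), scheduled: (\d+)")

@dataclass
class WorkerStatus:
    total: int
    idle: int
    working: dict   # priority -> threads busy with jobs of that class
    queued: dict    # priority -> jobs waiting to be picked up
    scheduled: int

    @property
    def job_load(self) -> int:
        # queued jobs summed over all priorities, as charon.init_limit_job_load counts
        return sum(self.queued.values())

def parse_worker_status(text: str) -> WorkerStatus:
    """Parse the worker thread / job queue lines of ipsec statusall output."""
    m = _WORKER_RE.search(" ".join(text.split()))  # rejoin the wrapped line
    if not m:
        raise ValueError("no worker thread status found")
    f = [int(x) for x in m.groups()]
    return WorkerStatus(total=f[1], idle=f[0],
                        working=dict(zip(PRIORITIES, f[2:6])),
                        queued=dict(zip(PRIORITIES, f[6:10])), scheduled=f[10])

def would_drop_init(job_load: int, half_open: int, init_limit_job_load: int = 0,
                    init_limit_half_open: int = 0) -> bool:
    """Model of the two init_limit_* checks; 0 disables a limit. Assumes a
    count above the limit drops (an approximation, not charon's own code)."""
    if init_limit_job_load and job_load > init_limit_job_load:
        return True
    return bool(init_limit_half_open and half_open > init_limit_half_open)

def size_half_open_limit(tunnels_per_second: int, max_response_s: int,
                         half_open_timeout: int = 30) -> tuple:
    """Man page rule of thumb: limit = rate * acceptable response time; the flag
    says whether that response time fits charon.half_open_timeout (30s default)."""
    return tunnels_per_second * max_response_s, max_response_s <= half_open_timeout
```
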
LOAD TESTS
To do stability testing and performance optimizations, the IKE daemon
charon provides the load-tester plugin. This plugin allows one to set up
thousands of tunnels concurrently against the daemon itself or a remote
host.

WARNING: Never enable the load-testing plugin on productive systems. It
provides preconfigured credentials and allows an attacker to
authenticate as any user.

Configuration details
For public key authentication, the responder uses the "CN=srv,
OU=load-test, O=strongSwan" identity. For the initiator, each connection
attempt uses a different identity in the form "CN=c1-r1, OU=load-test,
O=strongSwan", where the first number indicates the client number, the
second the authentication round (if multiple authentication rounds are
used).

For PSK authentication, FQDN identities are used. The server uses
srv.strongswan.org, the client uses an identity in the form
c1-r1.strongswan.org.

For EAP authentication, the client uses a NAI in the form
100000000010001@strongswan.org.

To configure multiple authentication rounds, concatenate multiple
methods using, e.g.

    initiator_auth = pubkey|psk|eap-md5|eap-aka

The responder uses a hardcoded certificate based on a 1024-bit RSA key.
This certificate additionally serves as CA certificate. A peer uses the
same private key, but generates client certificates on demand signed by
the CA certificate. Install the Responder/CA certificate on the remote
host to authenticate all clients.

To speed up testing, the load tester plugin implements a special
Diffie-Hellman implementation called modpnull. By setting

    proposal = aes128-sha1-modpnull

this wicked fast DH implementation is used. It does not provide any
security at all, but allows one to run tests without DH calculation
overhead.

Examples
In the simplest case, the daemon initiates IKE_SAs against itself using
the loopback interface. This will actually establish double the number
of IKE_SAs, as the daemon is initiator and responder for each IKE_SA at
the same time. Installation of IPsec SAs would fail, as each SA gets
installed twice. To simulate the correct behavior, a fake kernel
interface can be enabled which does not install the IPsec SAs at the
kernel level.

A simple loopback configuration might look like this:

    charon {
        # create new IKE_SAs for each CHILD_SA to simulate
        # different clients
        reuse_ikesa = no
        # turn off denial of service protection
        dos_protection = no

        plugins {
            load-tester {
                # enable the plugin
                enable = yes
                # use 4 threads to initiate connections
                # simultaneously
                initiators = 4
                # each thread initiates 1000 connections
                iterations = 1000
                # delay each initiation in each thread by 20ms
                delay = 20
                # enable the fake kernel interface to
                # avoid SA conflicts
                fake_kernel = yes
            }
        }
    }

This will initiate 4000 IKE_SAs within 20 seconds. You may increase the
delay value if your box cannot handle that much load, or decrease it to
put more load on it. If the daemon starts retransmitting messages, your
box probably cannot handle all connection attempts.

The plugin also allows one to test against a remote host. This might
help to test against a real world configuration. A connection setup to
do stress testing of a gateway might look like this:

    charon {
        reuse_ikesa = no
        threads = 32

        plugins {
            load-tester {
                enable = yes
                # 10000 connections, ten in parallel
                initiators = 10
                iterations = 1000
                # use a delay of 100ms, overall time is:
                # iterations * delay = 100s
                delay = 100
                # address of the gateway
                remote = 1.2.3.4
                # IKE-proposal to use
                proposal = aes128-sha1-modp1024
                # use faster PSK authentication instead
                # of 1024bit RSA
                initiator_auth = psk
                responder_auth = psk
                # request a virtual IP using configuration
                # payloads
                request_virtual_ip = yes
                # rekey the CHILD_SA every 60s
                child_rekey = 60
            }
        }
    }


IKEv2 RETRANSMISSION
Retransmission timeouts in the IKEv2 daemon charon can be configured
globally using the keys listed below:

    charon.retransmit_base [1.8]
    charon.retransmit_timeout [4.0]
    charon.retransmit_tries [5]
    charon.retransmit_jitter [0]
    charon.retransmit_limit [0]

The following algorithm is used to calculate the timeout:

    relative timeout = retransmit_timeout * retransmit_base ^ (n-1)

where n is the current retransmission count. The calculated timeout
can't exceed the configured retransmit_limit (if any), which is useful
if the number of retries is high.

If a jitter in percent is configured, the timeout is modified as
follows:

    relative timeout -= random(0, retransmit_jitter * relative timeout)

Using the default values, packets are retransmitted in:

    Retransmission    Relative Timeout    Absolute Timeout
    ─────────────────────────────────────────────────────
    1                 4s                  4s
    2                 7s                  11s
    3                 13s                 24s
    4                 23s                 47s
    5                 42s                 89s
    giving up         76s                 165s

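An added Python model of the algorithm above (example code, not from this man page or the strongSwan sources): it reproduces the default schedule in the table and shows how retransmit_limit caps the long tail and how retransmit_jitter shortens each wait; the seed parameter exists only to make the jitter draw reproducible.

```python
import random

def relative_timeout(n: int, retransmit_timeout: float = 4.0, retransmit_base: float = 1.8,
                     retransmit_limit: float = 0, retransmit_jitter: float = 0,
                     seed=None) -> float:
    """Seconds waited before retransmission n (n = 1 follows the initial send):
    retransmit_timeout * retransmit_base ^ (n-1), capped at retransmit_limit when
    that is non-zero, then reduced by a random share of up to retransmit_jitter %."""
    timeout = retransmit_timeout * retransmit_base ** (n - 1)
    if retransmit_limit:
        timeout = min(timeout, retransmit_limit)
    if retransmit_jitter:
        # seed only makes the draw reproducible for tests; charon draws fresh
        timeout -= random.Random(seed).uniform(0, retransmit_jitter / 100 * timeout)
    return timeout

def retransmission_schedule(retransmit_tries: int = 5, **settings) -> list:
    """Rows of (retransmission, relative, absolute) in whole seconds as in the
    man page table; the last row is the wait before the exchange is given up."""
    rows, elapsed = [], 0.0
    for n in range(1, retransmit_tries + 2):
        rel = relative_timeout(n, **settings)
        elapsed += rel
        label = str(n) if n <= retransmit_tries else "giving up"
        rows.append((label, round(rel), round(elapsed)))
    return rows

if __name__ == "__main__":
    print("default settings (matches the man page table):")
    for row in retransmission_schedule():
        print("  {:<10} {:>4}s {:>5}s".format(*row))
    print("with retransmit_limit = 30 the tail is capped:")
    for row in retransmission_schedule(retransmit_limit=30):
        print("  {:<10} {:>4}s {:>5}s".format(*row))
```
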
The variables used above are configured as follows:

    ${piddir}           /run/strongswan
    ${prefix}           /usr
    ${random_device}    /dev/random
    ${urandom_device}   /dev/urandom

FILES
    /etc/strongswan.conf          configuration file
    /etc/strongswan.d/            directory containing included config snippets
    /etc/strongswan.d/charon/     plugin specific config snippets

SEE ALSO
ipsec.conf(5), ipsec.secrets(5), ipsec(8), charon-cmd(8)

AUTHOR
Written for the strongSwan project ⟨http://www.strongswan.org⟩ by
Tobias Brunner, Andreas Steffen and Martin Willi.



5.9.4                                                    STRONGSWAN.CONF(5)