STRONGSWAN.CONF(5)               strongSwan               STRONGSWAN.CONF(5)

       strongswan.conf - strongSwan configuration file

       While the ipsec.conf(5) configuration file is well suited to define
       IPsec related configuration parameters, it is not useful for other
       strongSwan applications to read options from this file. The file is
       hard to parse and only ipsec starter is capable of doing so. As the
       number of components of the strongSwan project is continually growing,
       a more flexible configuration file was needed, one that is easy to
       extend and can be used by all components. strongswan.conf(5),
       introduced with strongSwan 4.2.1, meets these requirements.

       The format of the strongswan.conf file consists of hierarchical
       sections and a list of key/value pairs in each section. Each section
       has a name, followed by C-style curly brackets defining the section
       body. Each section body contains a set of subsections and key/value
       pairs:

               settings := (section|keyvalue)*
               section  := name { settings }
               keyvalue := key = value\n

       Values must be terminated by a newline.

       Comments are possible using the #-character.

       Section names and keys may contain any printable character except:

               . , : { } = " # \n \t space

       An example file in this format might look like this:

               a = b
               section-one {
                   somevalue = asdf
                   subsection {
                       othervalue = xxx
                   }
                   # yei, a comment
                   yetanother = zz
               }
               section-two {
                   x = 12
               }

       Indentation is optional; you may use tabs or spaces.

       Options that define an integer value can be specified as decimal (the
       default) or hexadecimal ("0x" prefix, upper- or lowercase letters are
       accepted). Locale-dependent strings (e.g. the thousands separator of
       the current locale) may also be accepted in locales other than "C".

       Options that define a floating-point value can be specified as decimal
       (the default) or hexadecimal ("0x" prefix, upper- or lowercase letters
       are accepted). The radix character (decimal separator) in either case
       is locale-dependent, usually ".".

       Unless stated otherwise, options that define a time are specified in
       seconds. The "s", "m", "h" and "d" suffixes may be used to
       automatically convert values given in seconds, minutes, hours or days
       (for instance, instead of configuring a rekey time of 4 hours as
       "14400" seconds, "4h" may be used).

       There are some global options that don't accept these suffixes as they
       are configured as integer values in seconds or milliseconds, or even as
       floating-point numbers (e.g. the retransmission timeout). Options that
       accept the suffixes have a corresponding default value.

       It is possible to inherit settings and sections from another section.
       This feature is mainly useful in swanctl.conf (which uses the same file
       format). The syntax is as follows:

               section    := name : references { settings }
               references := absname[, absname]*
               absname    := name[.name]*

       All key/value pairs and all subsections of the referenced sections will
       be inherited by the section that references them via their absolute
       name. Values may be overridden in the section or any of its
       sub-sections (use an empty assignment to clear a value so its default
       value, if any, will apply). It is currently not possible to limit the
       inclusion level or to clear/remove inherited sub-sections.

       If the order is important (e.g. for auth rounds in a connection, if
       round is not used), note that inherited settings/sections follow those
       defined in the current section (if multiple sections are referenced,
       their settings are enumerated left to right).

       References are evaluated dynamically at runtime, so referring to
       sections later in the config file or included via other files is no
       problem.

       Here is an example of how this might look:

               conn-defaults {
                   # default settings for all conns (e.g. a cert, or IP pools)
               }
               eap-defaults {
                   # defaults if eap is used (e.g. a remote auth round)
               }
               child-defaults {
                   # defaults for child configs (e.g. traffic selectors)
               }
               connections {
                   conn-a : conn-defaults, eap-defaults {
                       # set/override stuff specific to this connection
                       children {
                           child-a : child-defaults {
                               # set/override stuff specific to this child
                           }
                       }
                   }
                   conn-b : conn-defaults {
                       # set/override stuff specific to this connection
                       children {
                           child-b : child-defaults {
                               # set/override stuff specific to this child
                           }
                       }
                   }
                   conn-c : connections.conn-a {
                       # everything is inherited, including everything conn-a
                       # already inherits from the sections it and its
                       # sub-section reference
                   }
               }

       Using the include statement it is possible to include other files into
       strongswan.conf, e.g.

               include /some/path/*.conf

       If the file name is not an absolute path, it is considered to be
       relative to the directory of the file containing the include statement.
       The file name may include shell wildcards (see sh(1)). Also, such
       inclusions can be nested.

       Sections loaded from included files extend previously loaded sections;
       already existing values are replaced. It is important to note that
       settings are added relative to the section the include statement is in.

       As an example, the following three files result in the same final
       config as the one given above:

               a = b
               section-one {
                   somevalue = before include
                   include include.conf
               }
               include other.conf

       include.conf:

               # settings loaded from this file are added to section-one
               # the following replaces the previous value
               somevalue = asdf
               subsection {
                   othervalue = yyy
               }
               yetanother = zz

       other.conf:

               # this extends section-one and subsection
               section-one {
                   subsection {
                       # this replaces the previous value
                       othervalue = xxx
                   }
               }
               section-two {
                   x = 12
               }

       Values are accessed using a dot-separated section list and a key. With
       reference to the example above, accessing
       section-one.subsection.othervalue will return xxx.

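       To make the format concrete, the following Python parser is an added
       example (not strongSwan's own code, which implements this in C inside
       libstrongswan). It covers the syntax described above: nested sections,
       #-comments, the characters forbidden in names, include with shell
       wildcards (resolved against a constructed in-memory set of files), and
       section references resolved at lookup time, own settings first and then
       the referenced sections left to right, with an empty assignment
       clearing an inherited value. The file contents, section names and keys
       in the samples are constructed for the example.

```python
"""Parser for the strongswan.conf format above: sections, key/value pairs, #-comments,
include statements and section references. Added example, not libstrongswan's C code."""
import fnmatch

FORBIDDEN = set('.,:{}="#\n\t ')          # never allowed in section names and keys

class Section(dict):                      # keys -> str values, names -> Sections
    refs = ()                             # absolute names of referenced sections

def check_name(name):
    if not name or not name.isprintable() or FORBIDDEN & set(name):
        raise ValueError(f"illegal section name or key: {name!r}")
    return name

def parse(text, root=None, files=None):
    """Parse text into root; `files` maps file names to contents so include runs offline."""
    root = Section() if root is None else root
    stack = [root]
    for raw in text.split('\n'):
        line = raw.split('#', 1)[0].strip()            # drop comment and indentation
        if not line:
            continue
        if line == '}':
            if len(stack) == 1:
                raise ValueError("unbalanced '}'")
            stack.pop()
        elif line.startswith('include '):
            # included settings land in the section holding the include statement:
            # existing sections are extended, existing values replaced (sh wildcards ok)
            for fname in sorted(fnmatch.filter(files or {}, line[8:].strip())):
                parse(files[fname], stack[-1], files)
        elif line.endswith('{'):
            name, _, refs = line[:-1].partition(':')
            name = check_name(name.strip())
            if not isinstance(stack[-1].get(name), Section):
                stack[-1][name] = Section()
            if refs:
                stack[-1][name].refs = [r.strip() for r in refs.split(',')]
            stack.append(stack[-1][name])
        else:
            key, sep, value = line.partition('=')
            if not sep:
                raise ValueError(f"expected 'key = value': {raw!r}")
            stack[-1][check_name(key.strip())] = value.strip()
    if len(stack) != 1:
        raise ValueError("unbalanced '{'")
    return root

def chain(root, sec, seen=None):
    """sec plus what it inherits: own settings, then referenced sections left to right, recursively."""
    seen = set() if seen is None else seen
    if id(sec) in seen:                  # a section referencing itself must not recurse forever
        return []
    seen.add(id(sec))
    out = [sec]
    for ref in sec.refs:
        target = root
        for part in ref.split('.'):     # absolute name, resolved now: forward refs work
            target = target.get(part) if isinstance(target, Section) else None
        if isinstance(target, Section):
            out.extend(chain(root, target, seen))
    return out

def resolve(root, path):
    """Value at a dotted path with inheritance applied; None if unset or cleared (default applies)."""
    *parts, key = path.split('.')
    candidates = [root]
    for part in parts:
        candidates = [s[part] for c in candidates for s in chain(root, c)
                      if isinstance(s.get(part), Section)]
    for c in candidates:
        for s in chain(root, c):
            if isinstance(s.get(key), str):
                return s[key] or None       # '' means: cleared by an empty assignment
    return None

# Constructed input: the include example above as in-memory files, plus a reference example.
FILES = {
    "include.conf": "somevalue = asdf\nsubsection {\n othervalue = yyy\n}\nyetanother = zz\n",
    "other.conf": "section-one {\n subsection {\n  othervalue = xxx\n }\n}\nsection-two {\n x = 12\n}\n",
}
MAIN = "a = b\nsection-one {\n somevalue = before include\n include include.conf\n}\ninclude other.conf\n"
CONNS = """
connections {
  conn-a : conn-defaults, eap-defaults {
    pools =                  # empty assignment clears the inherited value
  }
  conn-c : connections.conn-a {
  }
}
conn-defaults {
  rekey_time = 4h
  pools = pool-a
}
eap-defaults {
  rekey_time = 1h            # conn-defaults is listed first for conn-a and wins
  eap_id = %any
}
"""
```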
       The following keys are currently defined (using dot notation). The
       default value (if any) is listed in brackets after the key.

       aikgen.load []
              Plugins to load in ipsec aikgen tool.

       attest.database []
              File measurement information database URI. If it contains a
              password, make sure to adjust the permissions of the config file
              accordingly.

       attest.load []
              Plugins to load in ipsec attest tool.

       charon
              Options for the charon IKE daemon.

              Note: Many of the options in this section also apply to
              charon-cmd and other charon derivatives. Just use their
              respective name (e.g. charon-cmd instead of charon). For many
              options defaults can be defined in the libstrongswan section.

       charon.accept_private_algs [no]
              Deliberately violate the IKE standard's requirement and allow
              the use of private algorithm identifiers, even if the peer
              implementation is unknown.

       charon.accept_unencrypted_mainmode_messages [no]
              Accept unencrypted ID and HASH payloads in IKEv1 Main Mode.

              Some implementations send the third Main Mode message
              unencrypted, probably to find the PSKs for the specified ID for
              authentication. This is very similar to Aggressive Mode, and has
              the same security implications: A passive attacker can sniff the
              negotiated Identity, and start brute forcing the PSK using the
              HASH payload.

              It is recommended to keep this option set to no, unless you know
              exactly what the implications are and require compatibility with
              such devices (for example, some SonicWall boxes).

       charon.block_threshold [5]
              Maximum number of half-open IKE_SAs (including unprocessed
              IKE_SA_INITs) for a single peer IP.

       charon.cache_crls [no]
              Whether Certificate Revocation Lists (CRLs) fetched via HTTP or
              LDAP should be saved under a unique file name derived from the
              public key of the Certification Authority (CA) to
              ${sysconfdir}/ipsec.d/crls (stroke) or
              ${sysconfdir}/swanctl/x509crl (vici), respectively.

       charon.cert_cache [yes]
              Whether relations in validated certificate chains should be
              cached in memory.

       charon.check_current_path [no]
              By default, after detecting any changes to interfaces and/or
              addresses no action is taken if the current path to the remote
              peer still looks usable. Enabling this option will use DPD to
              check whether the path actually still works or whether, for
              instance, the peer removed the state after a longer period
              without connectivity. It will also trigger a MOBIKE update if
              NAT mappings were removed during the downtime.

       charon.cisco_flexvpn [no]
              Send the Cisco FlexVPN vendor ID payload, which is required in
              order to make Cisco brand devices allow negotiating a local
              traffic selector (from strongSwan's point of view) that is not
              the assigned virtual IP address if such an address is requested
              by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the
              peer from narrowing the initiator's local traffic selector and
              allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0
              instead. This has been tested with a "tunnel mode ipsec ipv4"
              Cisco template but should also work for GRE encapsulation.

       charon.cisco_unity [no]
              Send Cisco Unity vendor ID payload (IKEv1 only).

       charon.close_ike_on_child_failure [no]
              Close the IKE_SA if setup of the CHILD_SA along with IKE_AUTH
              failed.

       charon.cookie_threshold [30]
              Number of half-open IKE_SAs (including unprocessed IKE_SA_INITs)
              that activate the cookie mechanism.

       charon.cookie_threshold_ip [3]
              Number of half-open IKE_SAs (including unprocessed IKE_SA_INITs)
              for a single peer IP that activate the cookie mechanism.

       charon.crypto_test.bench [no]
              Benchmark crypto algorithms and order them by efficiency.

       charon.crypto_test.bench_size [1024]
              Buffer size used for crypto benchmark.

       charon.crypto_test.bench_time [50]
              Time in ms during which crypto algorithm performance is
              measured.

       charon.crypto_test.on_add [no]
              Test crypto algorithms during registration (requires test
              vectors provided by the test-vectors plugin).

       charon.crypto_test.on_create [no]
              Test crypto algorithms on each crypto primitive instantiation.

       charon.crypto_test.required [no]
              Strictly require at least one test vector to enable an
              algorithm.

       charon.crypto_test.rng_true [no]
              Whether to test RNG with TRUE quality; requires a lot of
              entropy.

       charon.delete_rekeyed [no]
              Delete CHILD_SAs right after they got successfully rekeyed
              (IKEv1 only). Reduces the number of stale CHILD_SAs in scenarios
              with a lot of rekeyings. However, this might cause problems with
              implementations that continue to use rekeyed SAs until they
              expire.

       charon.delete_rekeyed_delay [5]
              Delay in seconds until inbound IPsec SAs are deleted after
              rekeyings (IKEv2 only). To process delayed packets the inbound
              part of a CHILD_SA is kept installed up to the configured number
              of seconds after it got replaced during a rekeying. If set to 0
              the CHILD_SA will be kept installed until it expires (if no
              lifetime is set it will be destroyed immediately).

       charon.dh_exponent_ansi_x9_42 [yes]
              Use ANSI X9.42 DH exponent size or optimum size matched to
              cryptographic strength.

       charon.dlopen_use_rtld_now [no]
              Use RTLD_NOW with dlopen when loading plugins and IMV/IMCs to
              reveal missing symbols immediately.

       charon.dns1 []
              DNS server assigned to peer via configuration payload (CP).

       charon.dns2 []
              DNS server assigned to peer via configuration payload (CP).

       charon.dos_protection [yes]
              Enable Denial of Service protection using cookies and
              aggressiveness checks.

       charon.filelog
              Section to define file loggers, see LOGGER CONFIGURATION in
              strongswan.conf(5).

       charon.filelog.<name>
              <name> may be the full path to the log file if it only contains
              characters permitted in section names. It is ignored if path is
              specified.

       charon.filelog.<name>.<subsystem> [<default>]
              Loglevel for a specific subsystem.

       charon.filelog.<name>.append [yes]
              If this option is enabled log entries are appended to the
              existing file.

       charon.filelog.<name>.default [1]
              Specifies the default loglevel to be used for subsystems for
              which no specific loglevel is defined.

       charon.filelog.<name>.flush_line [no]
              Enabling this option disables block buffering and enables line
              buffering.

       charon.filelog.<name>.ike_name [no]
              Prefix each log entry with the connection name and a unique
              numerical identifier for each IKE_SA.

       charon.filelog.<name>.log_level [no]
              Add the log level of each message after the subsystem (e.g.
              [IKE2]).

       charon.filelog.<name>.path []
              Optional path to the log file. Overrides the section name. Must
              be used if the path contains characters that aren't allowed in
              section names.

       charon.filelog.<name>.time_add_ms [no]
              Adds the milliseconds within the current second after the
              timestamp (separated by a dot, so time_format should end with %S
              or %T).

       charon.filelog.<name>.time_format []
              Prefix each log entry with a timestamp. The option accepts a
              format string as passed to strftime(3).

       charon.flush_auth_cfg [no]
              If enabled, objects used during authentication (certificates,
              identities etc.) are released to free memory once an IKE_SA is
              established. Enabling this might conflict with plugins that
              later need access to e.g. the used certificates.

       charon.follow_redirects [yes]
              Whether to follow IKEv2 redirects (RFC 5685).

       charon.force_eap_only_authentication [no]
              Violate RFC 5998 and use EAP-only authentication even if the
              peer did not send an EAP_ONLY_AUTHENTICATION notify during
              IKE_AUTH.

       charon.fragment_size [1280]
              Maximum size (complete IP datagram size in bytes) of a sent IKE
              fragment when using proprietary IKEv1 or standardized IKEv2
              fragmentation, defaults to 1280 (use 0 for address family
              specific default values, which uses a lower value for IPv4). If
              specified this limit is used for both IPv4 and IPv6.

       charon.group []
              Name of the group the daemon changes to after startup.

       charon.half_open_timeout [30]
              Timeout in seconds for connecting IKE_SAs (also see IKE_SA_INIT
              DROPPING).

       charon.hash_and_url [no]
              Enable hash and URL support.

       charon.host_resolver.max_threads [3]
              Maximum number of concurrent resolver threads (they are
              terminated if unused).

       charon.host_resolver.min_threads [0]
              Minimum number of resolver threads to keep around.

       charon.i_dont_care_about_security_and_use_aggressive_mode_psk [no]
              If enabled responders are allowed to use IKEv1 Aggressive Mode
              with pre-shared keys, which is discouraged due to security
              concerns (offline attacks on the openly transmitted hash of the
              PSK).

       charon.ignore_acquire_ts [no]
              If this is disabled the traffic selectors from the kernel's
              acquire events, which are derived from the triggering packet,
              are prepended to the traffic selectors from the configuration
              for IKEv2 connections. By enabling this, such specific traffic
              selectors will be ignored and only the ones in the config will
              be sent. This always happens for IKEv1 connections as the
              protocol only supports one set of traffic selectors per
              CHILD_SA.

       charon.ignore_routing_tables []
              A space-separated list of routing tables to be excluded from
              route lookups.

       charon.ikesa_limit [0]
              Maximum number of IKE_SAs that can be established at the same
              time before new connection attempts are blocked.

       charon.ikesa_table_segments [1]
              Number of exclusively locked segments in the hash table.

       charon.ikesa_table_size [1]
              Size of the IKE_SA hash table.

       charon.imcv
              Defaults for options in this section can be configured in the
              libimcv section.

       charon.imcv.assessment_result [yes]
              Whether IMVs send a standard IETF Assessment Result attribute.

       charon.imcv.database []
              Global IMV policy database URI. If it contains a password, make
              sure to adjust the permissions of the config file accordingly.

       charon.imcv.os_info.default_password_enabled [no]
              Manually set whether a default password is enabled.

       charon.imcv.os_info.name []
              Manually set the name of the client OS (e.g. Ubuntu).

       charon.imcv.os_info.version []
              Manually set the version of the client OS (e.g. 12.04 i686).

       charon.imcv.policy_script [ipsec _imv_policy]
              Script called for each TNC connection to generate IMV policies.

       charon.inactivity_close_ike [no]
              Whether to close the IKE_SA if the only CHILD_SA closed due to
              inactivity.

       charon.init_limit_half_open [0]
              Limit new connections based on the current number of half open
              IKE_SAs, see IKE_SA_INIT DROPPING in strongswan.conf(5).

       charon.init_limit_job_load [0]
              Limit new connections based on the number of jobs currently
              queued for processing (see IKE_SA_INIT DROPPING).

       charon.initiator_only [no]
              Causes the charon daemon to ignore IKE initiation requests.

       charon.install_routes [yes]
              Install routes into a separate routing table for established
              IPsec tunnels.

       charon.install_virtual_ip [yes]
              Install virtual IP addresses.

       charon.install_virtual_ip_on []
              The name of the interface on which virtual IP addresses should
              be installed. If not specified the addresses will be installed
              on the outbound interface.

       charon.integrity_test [no]
              Check daemon, libstrongswan and plugin integrity at startup.

       charon.interfaces_ignore []
              A comma-separated list of network interfaces that should be
              ignored; if interfaces_use is specified this option has no
              effect.

       charon.interfaces_use []
              A comma-separated list of network interfaces that should be used
              by charon. All other interfaces are ignored.

       charon.keep_alive [20s]
              NAT keep alive interval.

       charon.keep_alive_dpd_margin [0s]
              Number of seconds the keep alive interval may be exceeded before
              a DPD is sent instead of a NAT keep alive (0 to disable). This
              is only useful if a clock is used that includes time spent
              suspended (e.g. CLOCK_BOOTTIME).

       charon.leak_detective.detailed [yes]
              Includes source file names and line numbers in leak detective
              output.

       charon.leak_detective.usage_threshold [10240]
              Threshold in bytes for allocations to be included in usage
              reports (0 to include all).

       charon.leak_detective.usage_threshold_count [0]
              Threshold in number of allocations for allocations to be
              included in usage reports (0 to include all).

       charon.load []
              Plugins to load in the IKE daemon charon.

       charon.load_modular [no]
              If enabled, the list of plugins to load is determined via the
              value of the charon.plugins.<name>.load options. In addition to
              a simple boolean flag that option may take an integer value
              indicating the priority of a plugin, which would influence the
              order of a plugin in the plugin list (the default is 1). If two
              plugins have the same priority their order in the default plugin
              list is preserved. Enabled plugins not found in that list are
              ordered alphabetically before other plugins with the same
              priority.

       charon.make_before_break [no]
              Initiate IKEv2 reauthentication with a make-before-break instead
              of a break-before-make scheme. Make-before-break uses
              overlapping IKE and CHILD_SA during reauthentication by first
              recreating all new SAs before deleting the old ones. This
              behavior can be beneficial to avoid connectivity gaps during
              reauthentication, but requires support for overlapping SAs by
              the peer. strongSwan can handle such overlapping SAs since
              version 5.3.0.

       charon.max_ikev1_exchanges [3]
              Maximum number of IKEv1 phase 2 exchanges per IKE_SA to keep
              state about and track concurrently.

       charon.max_packet [10000]
              Maximum packet size accepted by charon.

       charon.multiple_authentication [yes]
              Enable multiple authentication exchanges (RFC 4739).

       charon.nbns1 []
              WINS servers assigned to peer via configuration payload (CP).

       charon.nbns2 []
              WINS servers assigned to peer via configuration payload (CP).

       charon.plugins.addrblock.depth [-1]
              RFC 3779 requires that all addrblocks claimed by a certificate
              must be contained in the addrblock extension of the issuer
              certificate, up to the root CA. The default depth setting of -1
              enforces this.

              In practice, third party (root) CAs may not contain the
              extension, making the addrblock extension unusable under such
              CAs. By limiting the validation depth, only a certain level of
              issuer certificates are validated for proper addrblock
              extensions: A depth of 0 does not check any issuer certificate
              extensions, a depth of 1 only checks the direct issuer of the
              end entity certificate, and so on.

       charon.plugins.addrblock.strict [yes]
              If set to yes, a subject certificate without an addrblock
              extension is rejected if the issuer certificate has such an
              addrblock extension. If set to no, subject certificates issued
              without the addrblock extension are accepted without any traffic
              selector checks and no policy is enforced by the plugin.

       charon.plugins.android_log.loglevel [1]
              Loglevel for logging to Android specific logger.

       charon.plugins.attr
              Section to specify arbitrary attributes that are assigned to a
              peer via configuration payload (CP).

       charon.plugins.attr.<attr> []
              <attr> can be either address, netmask, dns, nbns, dhcp, subnet,
              split-include, split-exclude or the numeric identifier of the
              attribute type. The assigned value can be an IPv4/IPv6 address,
              a subnet in CIDR notation or an arbitrary value depending on the
              attribute type. For some attribute types multiple values may be
              specified as a comma separated list.

       charon.plugins.attr-sql.crash_recovery [yes]
              Release all online leases during startup. Disable this to share
              the DB between multiple VPN gateways.

       charon.plugins.attr-sql.database []
              Database URI for attr-sql plugin used by charon. If it contains
              a password, make sure to adjust the permissions of the config
              file accordingly.

       charon.plugins.attr-sql.lease_history [yes]
              Enable logging of SQL IP pool leases.

       charon.plugins.bliss.use_bliss_b [yes]
              Use the enhanced BLISS-B key generation and signature algorithm.

       charon.plugins.botan.internal_rng_only [no]
              If enabled, only Botan's internal RNG will be used throughout
              the plugin. Otherwise, and if supported by Botan, rng_t
              implementations provided by other loaded plugins will be used as
              RNG.

       charon.plugins.bypass-lan.interfaces_ignore []
              A comma-separated list of network interfaces for which connected
              subnets should be ignored; if interfaces_use is specified this
              option has no effect.

       charon.plugins.bypass-lan.interfaces_use []
              A comma-separated list of network interfaces for which connected
              subnets should be considered. All other interfaces are ignored.

       charon.plugins.bypass-lan.load [no]

       charon.plugins.certexpire.csv.cron []
              Cron style string specifying CSV export times.

       charon.plugins.certexpire.csv.empty_string []
              String to use in empty intermediate CA fields.

       charon.plugins.certexpire.csv.fixed_fields [yes]
              Use a fixed intermediate CA field count.

       charon.plugins.certexpire.csv.force [yes]
              Force export of all trustchains we have a private key for.

       charon.plugins.certexpire.csv.format [%d:%m:%Y]
              strftime(3) format string to export expiration dates as.

       charon.plugins.certexpire.csv.local []
              strftime(3) format string for the CSV file name to export local
              certificates to.

       charon.plugins.certexpire.csv.remote []
              strftime(3) format string for the CSV file name to export remote
              certificates to.

       charon.plugins.certexpire.csv.separator [,]
              CSV field separator.

       charon.plugins.coupling.file []
              File to store coupling list to.

       charon.plugins.coupling.hash [sha1]
              Hashing algorithm to fingerprint coupled certificates.

       charon.plugins.coupling.max [1]
              Maximum number of coupling entries to create.

       charon.plugins.curl.redir [-1]
              Maximum number of redirects followed by the plugin, set to 0 to
              disable following redirects, set to -1 for no limit.

       charon.plugins.dhcp.force_server_address [no]
              Always use the configured server address. This might be helpful
              if the DHCP server runs on the same host as strongSwan, and the
              DHCP daemon does not listen on the loopback interface. In that
              case the server cannot be reached via unicast (or even
              255.255.255.255) as that would be routed via loopback. Setting
              this option to yes and configuring the local broadcast address
              (e.g. 192.168.0.255) as server address might work.

       charon.plugins.dhcp.identity_lease [no]
              Derive user-defined MAC address from hash of IKE identity and
              send client identity DHCP option.

       charon.plugins.dhcp.interface []
              Interface name the plugin uses for address allocation. The
              default is to bind to any (0.0.0.0) and let the system decide
              which way to route the packets to the DHCP server.

       charon.plugins.dhcp.server [255.255.255.255]
              DHCP server unicast or broadcast IP address.

       charon.plugins.dhcp.use_server_port [no]
              Use the DHCP server port (67) as source port, instead of the
              DHCP client port (68), when a unicast server address is
              configured and the plugin acts as relay agent. When replying in
              this mode the DHCP server will always send packets to the DHCP
              server port and if no process binds that port an ICMP port
              unreachable will be sent back, which might be problematic for
              some DHCP servers. To avoid that, enabling this option will
              cause the plugin to bind the DHCP server port to send its
              requests when acting as relay agent. This is not necessary if a
              DHCP server is already running on the same host and might even
              cause conflicts (and since the server port is already bound,
              ICMPs should not be an issue).

       charon.plugins.dnscert.enable [no]
              Enable fetching of CERT RRs via DNS.

       charon.plugins.drbg.max_drbg_requests [4294967294]
              Number of pseudo-random bit requests from the DRBG before an
              automatic reseeding occurs.

       charon.plugins.duplicheck.enable [yes]
              Enable duplicheck plugin (if loaded).

       charon.plugins.duplicheck.socket [unix://${piddir}/charon.dck]
              Socket provided by the duplicheck plugin.

       charon.plugins.eap-aka.request_identity [yes]

       charon.plugins.eap-aka-3gpp.seq_check []
              Enable to activate sequence check of the AKA SQN values in order
              to trigger resync cycles.

       charon.plugins.eap-aka-3gpp2.seq_check []
              Enable to activate sequence check of the AKA SQN values in order
              to trigger resync cycles.

       charon.plugins.eap-dynamic.prefer_user [no]
              If enabled the EAP methods proposed in an EAP-Nak message sent
              by the peer are preferred over the methods registered locally.

       charon.plugins.eap-dynamic.preferred []
              The preferred EAP method(s) to be used. If it is not given the
              first registered method will be used initially. If a comma
              separated list is given the methods are tried in the given order
              before trying the rest of the registered methods.

       charon.plugins.eap-gtc.backend [pam]
              XAuth backend to be used for credential verification.

       charon.plugins.eap-peap.fragment_size [1024]
              Maximum size of an EAP-PEAP packet.

       charon.plugins.eap-peap.include_length [no]
              Include length in non-fragmented EAP-PEAP packets.

       charon.plugins.eap-peap.max_message_count [32]
              Maximum number of processed EAP-PEAP packets (0 = no limit).

       charon.plugins.eap-peap.phase2_method [mschapv2]
              Phase2 EAP client authentication method.

       charon.plugins.eap-peap.phase2_piggyback [no]
              Phase2 EAP Identity request piggybacked by server onto TLS
              Finished message.

       charon.plugins.eap-peap.phase2_tnc [no]
              Start phase2 EAP TNC protocol after successful client
              authentication.

       charon.plugins.eap-peap.request_peer_auth [no]
              Request peer authentication based on a client certificate.

       charon.plugins.eap-radius.accounting [no]
              Send RADIUS accounting information to RADIUS servers.

       charon.plugins.eap-radius.accounting_close_on_timeout [yes]
              Close the IKE_SA if there is a timeout during interim RADIUS
              accounting updates.

       charon.plugins.eap-radius.accounting_interval [0s]
              Interval in seconds for interim RADIUS accounting updates, if
              not specified by the RADIUS server in the Access-Accept message.

       charon.plugins.eap-radius.accounting_requires_vip [no]
              If enabled, accounting is disabled unless an IKE_SA has at least
              one virtual IP. Only for IKEv2, for IKEv1 a virtual IP is
              strictly necessary.

       charon.plugins.eap-radius.accounting_send_class [no]
              If enabled, adds the Class attributes received in Access-Accept
              message to the RADIUS accounting messages.

       charon.plugins.eap-radius.class_group [no]
              Use the class attribute sent in the RADIUS-Accept message as
              group membership information that is compared to the groups
              specified in the rightgroups option in ipsec.conf(5).

       charon.plugins.eap-radius.close_all_on_timeout [no]
              Closes all IKE_SAs if communication with the RADIUS server times
              out. If it is not set only the current IKE_SA is closed.

       charon.plugins.eap-radius.dae.enable [no]
              Enables support for the Dynamic Authorization Extension (RFC
              5176).

       charon.plugins.eap-radius.dae.listen [0.0.0.0]
              Address to listen for DAE messages from the RADIUS server.

       charon.plugins.eap-radius.dae.port [3799]
              Port to listen for DAE requests.

       charon.plugins.eap-radius.dae.secret []
              Shared secret used to verify/sign DAE messages. If set, make
              sure to adjust the permissions of the config file accordingly.

       charon.plugins.eap-radius.eap_start [no]
              Send EAP-Start instead of EAP-Identity to start RADIUS
              conversation.

       charon.plugins.eap-radius.filter_id [no]
              If the RADIUS tunnel_type attribute with value ESP is received,
              use the filter_id attribute sent in the RADIUS-Accept message as
              group membership information that is compared to the groups
              specified in the rightgroups option in ipsec.conf(5).

       charon.plugins.eap-radius.forward.ike_to_radius []
              RADIUS attributes to be forwarded from IKEv2 to RADIUS (can be
              defined by name or attribute number, a colon can be used to
              specify vendor-specific attributes, e.g. Reply-Message, or 11,
              or 36906:12).

       charon.plugins.eap-radius.forward.radius_to_ike []
              Same as charon.plugins.eap-radius.forward.ike_to_radius but from
              RADIUS to IKEv2, a strongSwan specific private notify (40969) is
              used to transmit the attributes.

       charon.plugins.eap-radius.id_prefix []
              Prefix to EAP-Identity, some AAA servers use an IMSI prefix to
              select the EAP method.

       charon.plugins.eap-radius.nas_identifier [strongSwan]
              NAS-Identifier to include in RADIUS messages.

       charon.plugins.eap-radius.port [1812]
              Port of RADIUS server (authentication).

       charon.plugins.eap-radius.retransmit_base [1.4]
              Base to use for calculating exponential back off.

       charon.plugins.eap-radius.retransmit_timeout [2.0]
              Timeout in seconds before sending first retransmit.

       charon.plugins.eap-radius.retransmit_tries [4]
              Number of times to retransmit a packet before giving up.

       charon.plugins.eap-radius.secret []
              Shared secret between RADIUS and NAS. If set, make sure to
              adjust the permissions of the config file accordingly.

       charon.plugins.eap-radius.server []
              IP/Hostname of RADIUS server.

       charon.plugins.eap-radius.servers
              Section to specify multiple RADIUS servers. The nas_identifier,
              secret, sockets and port (or auth_port) options can be specified
              for each server. A server's IP/Hostname can be configured using
              the address option. The acct_port [1813] option can be used to
1030 specify the port used for RADIUS accounting. For each RADIUS
1031 server a priority can be specified using the preference [0] op‐
1032 tion. The retransmission time for each server can be set using
1033 retransmit_base, retransmit_timeout and retransmit_tries.
1034
1035
1036
1037 charon.plugins.eap-radius.sockets [1]
1038 Number of sockets (ports) to use, increase for high load.
1039
1040
1041 charon.plugins.eap-radius.station_id_with_port [yes]
1042 Whether to include the UDP port in the Called- and Calling-Sta‐
1043 tion-Id RADIUS attributes.
1044
1045
1046 charon.plugins.eap-radius.xauth
1047 Section to configure multiple XAuth authentication rounds via
1048 RADIUS. The subsections define so called authentication profiles
1049 with arbitrary names. In each profile section one or more XAuth
1050 types can be configured, with an assigned message. For each type
1051 a separate XAuth exchange will be initiated and all replies get
1052 concatenated into the User-Password attribute, which then gets
1053 verified over RADIUS.
1054
1055 Available XAuth types are password, passcode, nextpin, and
1056 answer. The type is not relevant to strongSwan or the AAA
1057 server, but the client may show a different dialog (along with
1058 the configured message).
1059
1060 To use the configured profiles, they have to be referenced in
1061 the respective connection in ipsec.conf(5) by appending the
1062 profile name, separated by a colon, to the xauth-radius XAuth
1063 backend configuration in rightauth or rightauth2, for instance,
1064 rightauth2=xauth-radius:profile.
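Putting the eap-radius options above together, as an added example that is not shipped with strongSwan: the addresses (documentation ranges), secrets, server names, NAS identifier and the profile name otp are placeholders, and the file path in the first comment is the conventional strongswan.d drop-in location.

```conf
# /etc/strongswan.d/charon/eap-radius.conf (constructed example, placeholders throughout)
charon {
    plugins {
        eap-radius {
            nas_identifier = vpn-gw-1
            accounting = yes
            # interim accounting updates every 5 minutes unless the Access-Accept says otherwise
            accounting_interval = 300s
            # a RADIUS timeout closes only the affected IKE_SA, not all of them
            close_all_on_timeout = no

            # two servers; preference ranks them relative to each other
            servers {
                primary {
                    address = 192.0.2.10
                    secret = CHANGE-ME-primary
                    auth_port = 1812
                    acct_port = 1813
                    preference = 10
                }
                backup {
                    address = 192.0.2.11
                    secret = CHANGE-ME-backup
                    preference = 0
                }
            }

            # Dynamic Authorization (RFC 5176): bind to the AAA-facing address
            # instead of the 0.0.0.0 default, and require the shared secret
            dae {
                enable = yes
                listen = 192.0.2.1
                port = 3799
                secret = CHANGE-ME-dae
            }

            # attribute forwarding in the syntax given above: number or vendor:number
            # towards RADIUS, attribute name back towards IKEv2
            forward {
                ike_to_radius = 11, 36906:12
                radius_to_ike = Reply-Message
            }

            # XAuth profile "otp": two exchanges whose replies are concatenated
            # into User-Password and verified by the RADIUS server
            xauth {
                otp {
                    password = Enter your password
                    passcode = Enter the code from your token
                }
            }
        }
    }
}
```

The profile is selected per connection in ipsec.conf(5) with rightauth2=xauth-radius:otp. Because the fragment holds three shared secrets, restrict it to the daemon's user (for a root-run charon, owner root and mode 0600) as the secret options above require.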
1065
1066
1067
1068 charon.plugins.eap-sim.request_identity [yes]
1069
1070 charon.plugins.eap-simaka-sql.database []
1071
1072 charon.plugins.eap-simaka-sql.remove_used [no]
1073
1074 charon.plugins.eap-tls.fragment_size [1024]
1075 Maximum size of an EAP-TLS packet.
1076
1077
1078 charon.plugins.eap-tls.include_length [yes]
1079 Include length in non-fragmented EAP-TLS packets.
1080
1081
1082 charon.plugins.eap-tls.max_message_count [32]
1083 Maximum number of processed EAP-TLS packets (0 = no limit).
1084
1085
1086 charon.plugins.eap-tnc.max_message_count [10]
1087 Maximum number of processed EAP-TNC packets (0 = no limit).
1088
1089
1090 charon.plugins.eap-tnc.protocol [tnccs-2.0]
1091 IF-TNCCS protocol version to be used (tnccs-1.1, tnccs-2.0,
1092 tnccs-dynamic).
1093
1094
1095
1096 charon.plugins.eap-ttls.fragment_size [1024]
1097 Maximum size of an EAP-TTLS packet.
1098
1099
1100 charon.plugins.eap-ttls.include_length [yes]
1101 Include length in non-fragmented EAP-TTLS packets.
1102
1103
1104 charon.plugins.eap-ttls.max_message_count [32]
1105 Maximum number of processed EAP-TTLS packets (0 = no limit).
1106
1107
1108 charon.plugins.eap-ttls.phase2_method [md5]
1109 Phase2 EAP client authentication method.
1110
1111
1112 charon.plugins.eap-ttls.phase2_piggyback [no]
1113 Phase2 EAP Identity request piggybacked by server onto TLS Fin‐
1114 ished message.
1115
1116
1117 charon.plugins.eap-ttls.phase2_tnc [no]
1118 Start phase2 EAP TNC protocol after successful client authenti‐
1119 cation.
1120
1121
1122 charon.plugins.eap-ttls.phase2_tnc_method [pt]
1123 Phase2 EAP TNC transport protocol (pt as IETF standard or legacy
1124 tnc)
1125
1126
1127
1128 charon.plugins.eap-ttls.request_peer_auth [no]
1129 Request peer authentication based on a client certificate.
1130
1131
1132 charon.plugins.error-notify.socket [unix://${piddir}/charon.enfy]
1133 Socket provided by the error-notify plugin.
1134
1135
1136 charon.plugins.ext-auth.script []
1137 Command to pass to the system shell for peer authorization. Au‐
1138 thorization is considered successful if the command executes
1139 normally with an exit code of zero. For all other exit codes
1140 IKE_SA authorization is rejected.
1141
1142 The following environment variables get passed to the script:
1143 IKE_UNIQUE_ID: the numerical unique identifier of the IKE_SA.
1144 IKE_NAME: the connection name of the peer configuration.
1145 IKE_LOCAL_HOST, IKE_REMOTE_HOST: local and remote IKE IP address.
1146 IKE_LOCAL_ID, IKE_REMOTE_ID: local and remote IKE identity.
1147 IKE_REMOTE_EAP_ID: remote EAP or XAuth identity, if one was
1148 used.
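An authorization hook of the kind the script option expects, added here as an example and not part of strongSwan: it is installed by pointing script at it (the path /usr/local/libexec/ext-auth.sh and the allowlist location are assumptions) and decides from the environment variables listed above. Identities reach the script through the environment, never through the command line, so they are quoted and matched literally; every error path returns non-zero so the hook fails closed.

```shell
#!/bin/sh
# Constructed ext-auth authorization script (not part of strongSwan).
# charon runs the configured "script" through the system shell with the IKE_*
# variables in the environment; exit status 0 authorizes the IKE_SA, any other
# status rejects it.
# Assumed allowlist format: one "conn-name:peer-identity" per line.
ALLOWLIST="${ALLOWLIST:-/etc/strongswan.d/authorized-peers}"

# authorize CONN IDENTITY FILE -> 0 only if "CONN:IDENTITY" is a whole line of FILE.
# Empty inputs, an unreadable list and a missing entry all return non-zero.
authorize() {
    conn=$1
    ident=$2
    file=$3
    [ -n "$conn" ] && [ -n "$ident" ] || return 1
    [ -r "$file" ] || return 1
    # -x: whole line, -F: literal match (identities may contain regex metacharacters)
    grep -qxF -- "$conn:$ident" "$file"
}

main() {
    # prefer the EAP/XAuth identity when one was used, otherwise the IKE identity
    peer=${IKE_REMOTE_EAP_ID:-$IKE_REMOTE_ID}
    if authorize "$IKE_NAME" "$peer" "$ALLOWLIST"; then
        logger -t ext-auth "authorized IKE_SA $IKE_UNIQUE_ID ($IKE_NAME) peer '$peer' from $IKE_REMOTE_HOST"
        exit 0
    fi
    logger -t ext-auth "rejected IKE_SA $IKE_UNIQUE_ID ($IKE_NAME) peer '$peer' from $IKE_REMOTE_HOST"
    exit 1
}

# act only when invoked by charon (IKE_UNIQUE_ID is set); sourcing the file does nothing
[ -z "${IKE_UNIQUE_ID:-}" ] || main
```

Per-connection scoping (the conn-name prefix) matters: an identity that is valid for a road-warrior EAP connection should not automatically authorize a site-to-site connection that uses certificate identities.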
1149
1150
1151 charon.plugins.forecast.groups
1152 [224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250]
1153 Comma separated list of multicast groups to join locally. The
1154 local host receives and forwards packets in the local LAN for
1155 joined multicast groups only. Packets matching the list of mul‐
1156 ticast groups get forwarded to connected clients. The default
1157 group includes host multicasts, IGMP, mDNS, LLMNR and
1158 SSDP/WS-Discovery, and is usually a good choice for Windows
1159 clients.
1160
1161
1162 charon.plugins.forecast.interface []
1163 Name of the local interface to listen for broadcast messages to
1164 forward. If no interface is configured, the first usable inter‐
1165 face is used, which is usually just fine for single-homed hosts.
1166 If your host has multiple interfaces, set this option to the lo‐
1167 cal LAN interface you want to forward broadcasts from/to.
1168
1169
1170 charon.plugins.forecast.reinject []
1171 Comma separated list of CHILD_SA configuration names for which
1172 to perform multi/broadcast reinjection. For clients connecting
1173 over such a configuration, any multi/broadcast received over the
1174 tunnel gets reinjected to all active tunnels. This makes the
1175 broadcasts visible to other peers, and for example allows
1176 clients to see others' shares. If disabled, multi/broadcast mes‐
1177 sages received over a tunnel are injected to the local network
1178 only, but not to other IPsec clients.
1179
1180
1181 charon.plugins.gcrypt.quick_random [no]
1182 Use faster random numbers in gcrypt; for testing only, produces
1183 weak keys!
1184
1185
1186 charon.plugins.ha.autobalance [0]
1187 Interval in seconds to automatically balance handled segments
1188 between nodes. Set to 0 to disable.
1189
1190
1191 charon.plugins.ha.buflen [2048]
1192 Buffer size for received HA messages. For IKEv1 the public DH
1193 factors are also transmitted so depending on the DH group the HA
1194 messages can get quite big (the default should be fine up to
1195 modp4096).
1196
1197
1198
1199 charon.plugins.ha.fifo_interface [yes]
1200
1201 charon.plugins.ha.heartbeat_delay [1000]
1202
1203 charon.plugins.ha.heartbeat_timeout [2100]
1204
1205 charon.plugins.ha.local []
1206
1207 charon.plugins.ha.monitor [yes]
1208
1209 charon.plugins.ha.pools []
1210
1211 charon.plugins.ha.remote []
1212
1213 charon.plugins.ha.resync [yes]
1214
1215 charon.plugins.ha.secret []
1216
1217 charon.plugins.ha.segment_count [1]
1218
1219 charon.plugins.ipseckey.enable [no]
1220 Enable fetching of IPSECKEY RRs via DNS.
1221
1222
1223 charon.plugins.kernel-libipsec.allow_peer_ts [no]
1224 Allow a remote traffic selector that covers the address of the
1225 IKE peer. The route installed for such traffic (via TUN device)
1226 usually prevents further IKE traffic. The fwmark options of the
1227 kernel-netlink and socket-default plugins can be used to circum‐
1228 vent that problem.
1229
1230
1231 charon.plugins.kernel-netlink.buflen [<min(PAGE_SIZE, 8192)>]
1232 Buffer size for received Netlink messages.
1233
1234
1235 charon.plugins.kernel-netlink.force_receive_buffer_size [no]
1236 If the maximum Netlink socket receive buffer in bytes set by re‐
1237 ceive_buffer_size exceeds the system-wide maximum from
1238 /proc/sys/net/core/rmem_max, this option can be used to override
1239 the limit. Enabling this option requires special privileges
1240 (CAP_NET_ADMIN).
1241
1242
1243 charon.plugins.kernel-netlink.fwmark []
1244 Firewall mark to set on the routing rule that directs traffic to
1245 our routing table. The format is [!]mark[/mask], where the op‐
1246 tional exclamation mark inverts the meaning (i.e. the rule only
1247 applies to packets that don't match the mark).
1248
1249
1250 charon.plugins.kernel-netlink.hw_offload_feature_interface [lo]
1251 If the kernel supports hardware offloading, the plugin needs to
1252 find the feature flag which represents hardware offloading sup‐
1253 port for network devices. Using the loopback device for this
1254 purpose is usually fine, since it should always be present. For
1255 rare cases in which the loopback device cannot be used to obtain
1256 the appropriate feature flag, this option can be used to specify
1257 an alternative interface for offload feature detection.
1258
1259
1260 charon.plugins.kernel-netlink.ignore_retransmit_errors [no]
1261 Whether to ignore errors potentially resulting from a retrans‐
1262 mission.
1263
1264
1265 charon.plugins.kernel-netlink.mss [0]
1266 MSS to set on installed routes, 0 to disable.
1267
1268
1269 charon.plugins.kernel-netlink.mtu [0]
1270 MTU to set on installed routes, 0 to disable.
1271
1272
1273 charon.plugins.kernel-netlink.parallel_route [no]
1274 Whether to perform concurrent Netlink ROUTE queries on a single
1275 socket. While parallel queries can improve throughput, it has
1276 more overhead. On vanilla Linux, DUMP queries fail with EBUSY
1277 and must be retried, further decreasing performance.
1278
1279
1280 charon.plugins.kernel-netlink.parallel_xfrm [no]
1281 Whether to perform concurrent Netlink XFRM queries on a single
1282 socket.
1283
1284
1285 charon.plugins.kernel-netlink.policy_update [no]
1286 Whether to always use XFRM_MSG_UPDPOLICY to install policies.
1287
1288
1289 charon.plugins.kernel-netlink.port_bypass [no]
1290 Whether to use port or socket based IKE XFRM bypass policies.
1291 IKE bypass policies are used to exempt IKE traffic from XFRM
1292 processing. The default socket based policies are directly tied
1293 to the IKE UDP sockets, port based policies use global XFRM by‐
1294 pass policies for the used IKE UDP ports.
1295
1296
1297 charon.plugins.kernel-netlink.process_rules [no]
1298 Whether to process changes in routing rules to trigger roam
1299 events. This is currently only useful if the kernel based route
1300 lookup is used (i.e. if route installation is disabled or an in‐
1301 verted fwmark match is configured).
1302
1303
1304 charon.plugins.kernel-netlink.receive_buffer_size [0]
1305 Maximum Netlink socket receive buffer in bytes. This value con‐
1306 trols how many bytes of Netlink messages can be received on a
1307 Netlink socket. The default value is set by
1308 /proc/sys/net/core/rmem_default. The specified value cannot ex‐
1309 ceed the system-wide maximum from /proc/sys/net/core/rmem_max,
1310 unless force_receive_buffer_size is enabled.
1311
1312
1313 charon.plugins.kernel-netlink.retries [0]
1314 Number of Netlink message retransmissions to send on timeout.
1315
1316
1317 charon.plugins.kernel-netlink.roam_events [yes]
1318 Whether to trigger roam events when interfaces, addresses or
1319 routes change.
1320
1321
1322 charon.plugins.kernel-netlink.set_proto_port_transport_sa [no]
1323 Whether to set protocol and ports in the selector installed on
1324 transport mode IPsec SAs in the kernel. While doing so enforces
1325 policies for inbound traffic, it also prevents the use of a sin‐
1326 gle IPsec SA by more than one traffic selector.
1327
1328
1329 charon.plugins.kernel-netlink.spdh_thresh
1330 XFRM policy hashing threshold configuration for IPv4 and IPv6.
1331
1332 The section defines hashing thresholds to configure in the ker‐
1333 nel during daemon startup. Each address family takes a threshold
1334 for the local subnet of an IPsec policy (src in out-policies,
1335 dst in in- and forward-policies) and the remote subnet (dst in
1336 out-policies, src in in- and forward-policies).
1337
1338 If the prefix length of a subnet is greater than or equal to the
1339 threshold, the first threshold bits of the address are hashed to
1340 look up the policy; policies with shorter prefixes are not hashed.
1341
1342 Policy hashing thresholds are not supported before Linux 3.18
1343 and might conflict with socket policies before Linux 4.8.
1344
1345
1346 charon.plugins.kernel-netlink.spdh_thresh.ipv4.lbits [32]
1347 Local subnet XFRM policy hashing threshold for IPv4.
1348
1349
1350 charon.plugins.kernel-netlink.spdh_thresh.ipv4.rbits [32]
1351 Remote subnet XFRM policy hashing threshold for IPv4.
1352
1353
1354 charon.plugins.kernel-netlink.spdh_thresh.ipv6.lbits [128]
1355 Local subnet XFRM policy hashing threshold for IPv6.
1356
1357
1358 charon.plugins.kernel-netlink.spdh_thresh.ipv6.rbits [128]
1359 Remote subnet XFRM policy hashing threshold for IPv6.
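The fwmark, receive buffer and spdh_thresh options above in one fragment, added as an example that is not shipped with strongSwan; the mark value 0x42, the buffer size and the threshold values are assumptions chosen for illustration. The socket-default.fwmark counterpart is documented further down on this page.

```conf
# /etc/strongswan.d/charon/kernel-netlink.conf (constructed example)
charon {
    plugins {
        kernel-netlink {
            # The routing rule for charon's own table matches only packets that do NOT
            # carry mark 0x42. IKE packets, marked by socket-default below, therefore
            # keep the normal route instead of being pulled into the TUN device
            # (the kernel-libipsec allow_peer_ts case above).
            fwmark = !0x42

            # Large receive buffer for big policy/SA dumps. Forcing it past
            # /proc/sys/net/core/rmem_max requires CAP_NET_ADMIN.
            receive_buffer_size = 4194304
            force_receive_buffer_size = yes

            # Hash IPv4 policies on the first 24 bits of the remote subnet once it is
            # /24 or narrower; the local side keeps the full /32. Requires Linux 3.18,
            # and before 4.8 may conflict with the default socket-based IKE bypass
            # policies (port_bypass = yes switches those to global policies).
            spdh_thresh {
                ipv4 {
                    lbits = 32
                    rbits = 24
                }
                ipv6 {
                    lbits = 128
                    rbits = 64
                }
            }
        }
        socket-default {
            fwmark = 0x42
        }
    }
}
```

Lowering a threshold trades hash precision for coverage: with rbits = 24, two /32 policies in the same /24 land in one bucket, which is still far cheaper than leaving all /24 policies unhashed on a gateway carrying many of them.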
1360
1361
1362 charon.plugins.kernel-netlink.timeout [0]
1363 Netlink message retransmission timeout, 0 to disable retransmis‐
1364 sions.
1365
1366
1367 charon.plugins.kernel-netlink.xfrm_acq_expires [165]
1368 Lifetime of XFRM acquire state created by the kernel when traf‐
1369 fic matches a trap policy. The value gets written to
1370 /proc/sys/net/core/xfrm_acq_expires. Indirectly controls the
1371 delay between XFRM acquire messages triggered by the kernel for
1372 a trap policy. The same value is used as timeout for SPIs allo‐
1373 cated by the kernel. The default value equals the total re‐
1374 transmission timeout for IKE messages, see IKEv2 RETRANSMISSION
1375 in strongswan.conf(5).
1376
1377
1378
1379 charon.plugins.kernel-pfkey.events_buffer_size [0]
1380 Size of the receive buffer for the event socket (0 for default
1381 size). Because events are received asynchronously installing
1382 e.g. lots of policies may require a larger buffer than the de‐
1383 fault on certain platforms in order to receive all messages.
1384
1385
1386 charon.plugins.kernel-pfkey.route_via_internal [no]
1387 Whether to use the internal or external interface in installed
1388 routes. The internal interface is the one where the IP address
1389 contained in the local traffic selector is located, the external
1390 interface is the one over which the destination address of the
1391 IPsec tunnel can be reached. This is not relevant if virtual IPs
1392 are used, for which a TUN device is created that's used in the
1393 routes.
1394
1395
1396 charon.plugins.kernel-pfroute.mtu [1400]
1397 MTU to set on TUN devices created for virtual IPs.
1398
1399
1400 charon.plugins.kernel-pfroute.vip_wait [1000]
1401 Time in ms to wait until virtual IP addresses appear/disappear
1402 before failing.
1403
1404
1405 charon.plugins.led.activity_led []
1406
1407 charon.plugins.led.blink_time [50]
1408
1409 charon.plugins.load-tester
1410 Section to configure the load-tester plugin, see LOAD TESTS in
1411 strongswan.conf(5) for details.
1412
1413
1414 charon.plugins.load-tester.addrs
1415 Section that contains key/value pairs with address pools (in
1416 CIDR notation) to use for a specific network interface e.g. eth0
1417 = 10.10.0.0/16.
1418
1419
1420 charon.plugins.load-tester.addrs_keep [no]
1421 Whether to keep dynamic addresses even after the associated SA
1422 got terminated.
1423
1424
1425 charon.plugins.load-tester.addrs_prefix [16]
1426 Network prefix length to use when installing dynamic addresses.
1427 If set to -1 the full address is used (i.e. 32 or 128).
1428
1429
1430 charon.plugins.load-tester.ca_dir []
1431 Directory to load (intermediate) CA certificates from.
1432
1433
1434 charon.plugins.load-tester.child_rekey [600]
1435 Seconds to start CHILD_SA rekeying after setup.
1436
1437
1438 charon.plugins.load-tester.crl []
1439 URI to a CRL to include as certificate distribution point in
1440 generated certificates.
1441
1442
1443 charon.plugins.load-tester.delay [0]
1444 Delay between initiations for each thread.
1445
1446
1447 charon.plugins.load-tester.delete_after_established [no]
1448 Delete an IKE_SA as soon as it has been established.
1449
1450
1451 charon.plugins.load-tester.digest [sha1]
1452 Digest algorithm used when issuing certificates.
1453
1454
1455 charon.plugins.load-tester.dpd_delay [0]
1456 DPD delay to use in load test.
1457
1458
1459 charon.plugins.load-tester.dynamic_port [0]
1460 Base port to be used for requests (each client uses a different
1461 port).
1462
1463
1464 charon.plugins.load-tester.eap_password [default-pwd]
1465 EAP secret to use in load test.
1466
1467
1468 charon.plugins.load-tester.enable [no]
1469 Enable the load testing plugin. WARNING: Never enable this
1470 plugin on productive systems. It provides preconfigured creden‐
1471 tials and allows an attacker to authenticate as any user.
1472
1473
1474 charon.plugins.load-tester.esp [aes128-sha1]
1475 CHILD_SA proposal to use for load tests.
1476
1477
1478 charon.plugins.load-tester.fake_kernel [no]
1479 Fake the kernel interface to allow load-testing against self.
1480
1481
1482 charon.plugins.load-tester.ike_rekey [0]
1483 Seconds to start IKE_SA rekeying after setup.
1484
1485
1486 charon.plugins.load-tester.init_limit [0]
1487 Global limit of concurrently established SAs during load test.
1488
1489
1490 charon.plugins.load-tester.initiator [0.0.0.0]
1491 Address to initiate from.
1492
1493
1494 charon.plugins.load-tester.initiator_auth [pubkey]
1495 Authentication method(s) the initiator uses.
1496
1497
1498 charon.plugins.load-tester.initiator_id []
1499 Initiator ID used in load test.
1500
1501
1502 charon.plugins.load-tester.initiator_match []
1503 Initiator ID to match against as responder.
1504
1505
1506 charon.plugins.load-tester.initiator_tsi []
1507 Traffic selector on initiator side, as proposed by initiator.
1508
1509
1510 charon.plugins.load-tester.initiator_tsr []
1511 Traffic selector on responder side, as proposed by initiator.
1512
1513
1514 charon.plugins.load-tester.initiators [0]
1515 Number of concurrent initiator threads to use in load test.
1516
1517
1518 charon.plugins.load-tester.issuer_cert []
1519 Path to the issuer certificate (if not configured a hard-coded
1520 default value is used).
1521
1522
1523 charon.plugins.load-tester.issuer_key []
1524 Path to private key that is used to issue certificates (if not
1525 configured a hard-coded default value is used).
1526
1527
1528 charon.plugins.load-tester.iterations [1]
1529 Number of IKE_SAs to initiate by each initiator in load test.
1530
1531
1532 charon.plugins.load-tester.mode [tunnel]
1533 IPsec mode to use, one of tunnel, transport, or beet.
1534
1535
1536
1537 charon.plugins.load-tester.pool []
1538 Provide INTERNAL_IPV4_ADDRs from a named pool.
1539
1540
1541 charon.plugins.load-tester.preshared_key [<default-psk>]
1542 Preshared key to use in load test.
1543
1544
1545 charon.plugins.load-tester.proposal [aes128-sha1-modp768]
1546 IKE proposal to use in load test.
1547
1548
1549 charon.plugins.load-tester.request_virtual_ip [no]
1550 Request an INTERNAL_IPV4_ADDR and INTERNAL_IPV6_ADDR from the
1551 server.
1552
1553
1554 charon.plugins.load-tester.responder [127.0.0.1]
1555 Address to initiate connections to.
1556
1557
1558 charon.plugins.load-tester.responder_auth [pubkey]
1559 Authentication method(s) the responder uses.
1560
1561
1562 charon.plugins.load-tester.responder_id []
1563 Responder ID used in load test.
1564
1565
1566 charon.plugins.load-tester.responder_tsi [initiator_tsi]
1567 Traffic selector on initiator side, as narrowed by responder.
1568
1569
1570 charon.plugins.load-tester.responder_tsr [initiator_tsr]
1571 Traffic selector on responder side, as narrowed by responder.
1572
1573
1574 charon.plugins.load-tester.shutdown_when_complete [no]
1575 Shutdown the daemon after all IKE_SAs have been established.
1576
1577
1578 charon.plugins.load-tester.socket [unix://${piddir}/charon.ldt]
1579 Socket provided by the load-tester plugin.
1580
1581
1582 charon.plugins.load-tester.version [0]
1583 IKE version to use (0 means use IKEv2 as initiator and accept
1584 any version as responder).
1585
1586
1587 charon.plugins.lookip.socket [unix://${piddir}/charon.lkp]
1588 Socket provided by the lookip plugin.
1589
1590
1591 charon.plugins.ntru.parameter_set [optimum]
1592 The following parameter sets are available: x9_98_speed,
1593 x9_98_bandwidth, x9_98_balance and optimum, the last set not be‐
1594 ing part of the X9.98 standard but having the best performance.
1595
1596
1597 charon.plugins.openssl.engine_id [pkcs11]
1598 ENGINE ID to use in the OpenSSL plugin.
1599
1600
1601 charon.plugins.openssl.fips_mode [0]
1602 Set OpenSSL FIPS mode. With OpenSSL before 3.0, the supported
1603 values are disabled(0), enabled(1) and Suite B enabled(2). With
1604 OpenSSL 3+, any value other than 0 will explicitly load the fips
1605 and base providers (load_legacy will be ignored). The latter
1606 still requires the config in fipsmodule.cnf (e.g. for the mod‐
1607 ule's MAC), but allows explicitly loading the provider if it's
1608 not activated in that config.
1609
1610
1611 charon.plugins.openssl.load_legacy [yes]
1612 Load the legacy provider in OpenSSL 3+ for algorithms like MD4,
1613 DES, or Blowfish (the first two are required for EAP-MSCHAPv2).
1614 If disabled, the default provider is loaded, or those configured
1615 in the OpenSSL config (e.g. the fips provider).
1616
1617
1618 charon.plugins.osx-attr.append [yes]
1619 Whether DNS servers are appended to existing entries, instead of
1620 replacing them.
1621
1622
1623 charon.plugins.p-cscf.enable
1624 Section to enable requesting P-CSCF server addresses for indi‐
1625 vidual connections.
1626
1627
1628 charon.plugins.p-cscf.enable.<conn> [no]
1629 <conn> is the name of a connection with an ePDG from which to
1630 request P-CSCF server addresses. Requests will be sent for ad‐
1631 dresses of the same families for which internal IPs are re‐
1632 quested.
1633
1634
1635 charon.plugins.pkcs11.modules
1636 List of available PKCS#11 modules.
1637
1638
1639 charon.plugins.pkcs11.modules.<name>.load_certs [yes]
1640 Whether to automatically load certificates from tokens.
1641
1642
1643 charon.plugins.pkcs11.modules.<name>.os_locking [no]
1644 Whether OS locking should be enabled for this module.
1645
1646
1647 charon.plugins.pkcs11.modules.<name>.path []
1648 Full path to the shared object file of this PKCS#11 module.
1649
1650
1651 charon.plugins.pkcs11.reload_certs [no]
1652 Reload certificates from all tokens if charon receives a SIGHUP.
1653
1654
1655 charon.plugins.pkcs11.use_dh [no]
1656 Whether the PKCS#11 modules should be used for DH and ECDH (see
1657 use_ecc option).
1658
1659
1660 charon.plugins.pkcs11.use_ecc [no]
1661 Whether the PKCS#11 modules should be used for ECDH and ECDSA
1662 public key operations. ECDSA private keys can be used regardless
1663 of this option.
1664
1665
1666 charon.plugins.pkcs11.use_hasher [no]
1667 Whether the PKCS#11 modules should be used to hash data.
1668
1669
1670 charon.plugins.pkcs11.use_pubkey [no]
1671 Whether the PKCS#11 modules should be used for public key opera‐
1672 tions, even for keys not stored on tokens.
1673
1674
1675 charon.plugins.pkcs11.use_rng [no]
1676 Whether the PKCS#11 modules should be used as RNG.
1677
1678
1679 charon.plugins.radattr.dir []
1680 Directory where RADIUS attributes are stored in client-ID spe‐
1681 cific files.
1682
1683
1684 charon.plugins.radattr.message_id [-1]
1685 Attributes are added to all IKE_AUTH messages by default (-1),
1686 or only to the IKE_AUTH message with the given IKEv2 message ID.
1687
1688
1689 charon.plugins.random.random [${random_device}]
1690 File to read random bytes from.
1691
1692
1693 charon.plugins.random.strong_equals_true [no]
1694 If set to yes the RNG_STRONG class reads random bytes from the
1695 same source as the RNG_TRUE class.
1696
1697
1698 charon.plugins.random.urandom [${urandom_device}]
1699 File to read pseudo random bytes from.
1700
1701
1702 charon.plugins.resolve.file [/etc/resolv.conf]
1703 File where to add DNS server entries if not using resolvconf(8).
1704
1705
1706 charon.plugins.resolve.resolvconf.iface [lo.ipsec]
1707 The interface name and protocol sent to resolvconf(8). This has
1708 to be a valid interface name according to the rules defined by
1709 resolvconf. Also, it should have a high priority according to
1710 the order defined in interface-order(5) if relevant on the sys‐
1711 tem.
1712
1713
1714 charon.plugins.resolve.resolvconf.path [/sbin/resolvconf]
1715 Path/command for resolvconf(8). The command is executed by a
1716 shell, so "resolvconf" will work if it's in $PATH of the daemon.
1717
1718 If not configured, resolvconf(8) will be used if found at the
1719 default location. Otherwise, the file in charon.plugins.re‐
1720 solve.file will be modified directly.
1721
1722
1723 charon.plugins.revocation.enable_crl [yes]
1724 Whether CRL validation should be enabled.
1725
1726
1727 charon.plugins.revocation.enable_ocsp [yes]
1728 Whether OCSP validation should be enabled.
1729
1730
1731 charon.plugins.revocation.timeout [10s]
1732 Timeout used when fetching OCSP/CRL.
1733
1734
1735 charon.plugins.save-keys.esp [no]
1736 Whether to save ESP keys.
1737
1738
1739 charon.plugins.save-keys.ike [no]
1740 Whether to save IKE keys.
1741
1742
1743 charon.plugins.save-keys.load [no]
1744 Whether to load the plugin. It writes live session keys to disk, so enable it for debugging only.
1745
1746
1747 charon.plugins.save-keys.wireshark_keys []
1748 Directory where the keys are stored in the format supported by
1749 Wireshark. IKEv1 keys are stored in the ikev1_decryption_table
1750 file. IKEv2 keys are stored in the ikev2_decryption_table file.
1751 Keys for ESP CHILD_SAs are stored in the esp_sa file.
1752
1753
1754 charon.plugins.socket-default.fwmark []
1755 Firewall mark to set on outbound packets.
1756
1757
1758 charon.plugins.socket-default.set_source [yes]
1759 Set source address on outbound packets, if possible.
1760
1761
1762 charon.plugins.socket-default.set_sourceif [no]
1763 Force sending interface on outbound packets, if possible. This
1764 allows using IPv6 link-local addresses as tunnel endpoints.
1765
1766
1767 charon.plugins.socket-default.use_ipv4 [yes]
1768 Listen on IPv4, if possible.
1769
1770
1771 charon.plugins.socket-default.use_ipv6 [yes]
1772 Listen on IPv6, if possible.
1773
1774
1775 charon.plugins.sql.database []
1776 Database URI for charon's SQL plugin. If it contains a password,
1777 make sure to adjust the permissions of the config file accord‐
1778 ingly.
1779
1780
1781 charon.plugins.sql.loglevel [-1]
1782 Loglevel for logging to SQL database.
1783
1784
1785 charon.plugins.stroke.allow_swap [yes]
1786 Analyze addresses/hostnames in left|right to detect which side
1787 is local and swap configuration options if necessary. If dis‐
1788 abled left is always local.
1789
1790
1791
1792 charon.plugins.stroke.ignore_missing_ca_basic_constraint [no]
1793 Treat certificates in ipsec.d/cacerts and ipsec.conf ca sections
1794 as CA certificates even if they don't contain a CA basic con‐
1795 straint.
1796
1797
1798 charon.plugins.stroke.max_concurrent [4]
1799 Maximum number of stroke messages handled concurrently.
1800
1801
1802 charon.plugins.stroke.prevent_loglevel_changes [no]
1803 If enabled log level changes via stroke socket are not allowed.
1804
1805
1806 charon.plugins.stroke.secrets_file [${sysconfdir}/ipsec.secrets]
1807 Location of the ipsec.secrets file
1808
1809
1810 charon.plugins.stroke.socket [unix://${piddir}/charon.ctl]
1811 Socket provided by the stroke plugin.
1812
1813
1814 charon.plugins.stroke.timeout [0]
1815 Timeout in ms for any stroke command. Use 0 to disable the time‐
1816 out.
1817
1818
1819 charon.plugins.systime-fix.interval [0]
1820 Interval in seconds to check system time for validity. 0 dis‐
1821 ables the check.
1822
1823
1824 charon.plugins.systime-fix.reauth [no]
1825 Whether to use reauth or delete if an invalid cert lifetime is
1826 detected.
1827
1828
1829 charon.plugins.systime-fix.threshold []
1830 Threshold date where system time is considered valid. Disabled
1831 if not specified.
1832
1833
1834 charon.plugins.systime-fix.threshold_format [%Y]
1835 strptime(3) format used to parse threshold option.
1836
1837
1838 charon.plugins.systime-fix.timeout [0s]
1839 How long to wait for a valid system time if an interval is con‐
1840 figured. 0 to recheck indefinitely.
1841
1842
1843 charon.plugins.tnc-ifmap.client_cert []
1844 Path to X.509 certificate file of IF-MAP client.
1845
1846
1847 charon.plugins.tnc-ifmap.client_key []
1848 Path to private key file of IF-MAP client.
1849
1850
1851 charon.plugins.tnc-ifmap.device_name []
1852 Unique name of strongSwan server as a PEP and/or PDP device.
1853
1854
1855 charon.plugins.tnc-ifmap.renew_session_interval [150]
1856 Interval in seconds between periodic IF-MAP RenewSession re‐
1857 quests.
1858
1859
1860 charon.plugins.tnc-ifmap.server_cert []
1861 Path to X.509 certificate file of IF-MAP server.
1862
1863
1864 charon.plugins.tnc-ifmap.server_uri [https://localhost:8444/imap]
1865 URI of the form [https://]servername[:port][/path].
1866
1867
1868 charon.plugins.tnc-ifmap.username_password []
1869 Credentials of IF-MAP client of the form username:password. If
1870 set, make sure to adjust the permissions of the config file ac‐
1871 cordingly.
1872
1873
1874 charon.plugins.tnc-imc.dlclose [yes]
1875 Unload IMC after use.
1876
1877
1878 charon.plugins.tnc-imc.preferred_language [en]
1879 Preferred language for TNC recommendations.
1880
1881
1882 charon.plugins.tnc-imv.dlclose [yes]
1883 Unload IMV after use.
1884
1885
1886 charon.plugins.tnc-imv.recommendation_policy [default]
1887 TNC recommendation policy, one of default, any, or all.
1888
1889
1890
1891 charon.plugins.tnc-pdp.pt_tls.enable [yes]
1892 Enable PT-TLS protocol on the strongSwan PDP.
1893
1894
1895 charon.plugins.tnc-pdp.pt_tls.port [271]
1896 PT-TLS server port the strongSwan PDP is listening on.
1897
1898
1899 charon.plugins.tnc-pdp.radius.enable [yes]
1900 Enable RADIUS protocol on the strongSwan PDP.
1901
1902
1903 charon.plugins.tnc-pdp.radius.method [ttls]
1904 EAP tunnel method to be used.
1905
1906
1907 charon.plugins.tnc-pdp.radius.port [1812]
1908 RADIUS server port the strongSwan PDP is listening on.
1909
1910
1911 charon.plugins.tnc-pdp.radius.secret []
1912 Shared RADIUS secret between strongSwan PDP and NAS. If set,
1913 make sure to adjust the permissions of the config file accord‐
1914 ingly.
1915
1916
1917 charon.plugins.tnc-pdp.server []
1918 Name of the strongSwan PDP as contained in the AAA certificate.
1919
1920
1921 charon.plugins.tnc-pdp.timeout []
1922 Timeout in seconds before closing incomplete connections.
1923
1924
1925 charon.plugins.tnccs-11.max_message_size [45000]
1926 Maximum size of a PA-TNC message (XML & Base64 encoding).
1927
1928
1929 charon.plugins.tnccs-20.max_batch_size [65522]
1930 Maximum size of a PB-TNC batch (upper limit via PT-EAP = 65529).
1931
1932
1933 charon.plugins.tnccs-20.max_message_size [65490]
1934 Maximum size of a PA-TNC message (upper limit via PT-EAP =
1935 65497).
1936
1937
1938 charon.plugins.tnccs-20.mutual [no]
1939 Enable PB-TNC mutual protocol.
1940
1941
1942 charon.plugins.tnccs-20.tests.pb_tnc_noskip [no]
1943 Send an unsupported PB-TNC message type with the NOSKIP flag
1944 set.
1945
1946
1947 charon.plugins.tnccs-20.tests.pb_tnc_version [2]
1948 Send a PB-TNC batch with a modified PB-TNC version.
1949
1950
1951 charon.plugins.tpm.ek_handle []
1952 Handle of the RSA or ECC Endorsement Key (EK) to be used to set
1953 up an authenticated session with a TPM 2.0 (e.g. 0x81010001).
1954
1955
1956 charon.plugins.tpm.fips_186_4 [no]
1957 Whether the TPM 2.0 is FIPS-186-4 compliant, which forces e.g. the
1958 use of the default salt length instead of the maximum salt length
1959 with RSA-PSS padding.
1960
1961
1962 charon.plugins.tpm.tcti.name [device|tabrmd]
1963 Name of TPM 2.0 TCTI library. Valid values: tabrmd, device or
1964 mssim. Defaults are device if the /dev/tpmrm0 in-kernel TPM 2.0
1965 resource manager device exists, and tabrmd otherwise, requiring
1966 the d-bus based TPM 2.0 access broker and resource manager to be
1967 available.
1968
1969
1970 charon.plugins.tpm.tcti.opts [/dev/tpmrm0|<none>]
1971 Options for the TPM 2.0 TCTI library. Defaults are /dev/tpmrm0
1972 if the TCTI library name is device and no options otherwise.
1973
1974
1975 charon.plugins.tpm.use_rng [no]
1976 Whether the TPM should be used as RNG. For security reasons en‐
1977 able this only if an authenticated session can be set up (see the
1978 ek_handle option), which protects the returned random bytes against tampering on their way to the daemon.
1979
1980
1981 charon.plugins.unbound.dlv_anchors []
1982 File to read trusted keys for DLV (DNSSEC Lookaside Validation)
1983 from. It uses the same format as trust_anchors. Only one DLV
1984 can be configured, which is then used as a root trusted DLV,
1985 this means that it is a lookaside for the root.
1986
1987
1988 charon.plugins.unbound.resolv_conf [/etc/resolv.conf]
1989 File to read DNS resolver configuration from.
1990
1991
1992 charon.plugins.unbound.trust_anchors
1993 [${sysconfdir}/ipsec.d/dnssec.keys]
1994 File to read DNSSEC trust anchors from (usually root zone KSK).
1995 The format of the file is the standard DNS Zone file format, an‐
1996 chors can be stored as DS or DNSKEY entries in the file.
1997
1998
1999 charon.plugins.updown.dns_handler [no]
2000 Whether the updown script should handle DNS servers assigned via
2001 IKEv1 Mode Config or IKEv2 Config Payloads (if enabled they
2002 can't be handled by other plugins, like resolve).
2003
2004
2005 charon.plugins.vici.socket [unix://${piddir}/charon.vici]
2006 Socket the vici plugin serves clients.
2007
2008
2009 charon.plugins.whitelist.enable [yes]
2010 Enable loaded whitelist plugin.
2011
2012
2013 charon.plugins.whitelist.socket [unix://${piddir}/charon.wlst]
2014 Socket provided by the whitelist plugin.
2015
2016
2017 charon.plugins.wolfssl.fips_mode [no]
2018 Enable to prevent loading the plugin if wolfSSL is not in FIPS
2019 mode.
2020
2021
2022 charon.plugins.xauth-eap.backend [radius]
2023 EAP plugin to be used as backend for XAuth credential verifica‐
2024 tion.
2025
2026
2027 charon.plugins.xauth-pam.pam_service [login]
2028 PAM service to be used for authentication.
2029
2030
2031 charon.plugins.xauth-pam.session [no]
2032 Open/close a PAM session for each active IKE_SA.
2033
2034
2035 charon.plugins.xauth-pam.trim_email [yes]
2036 If an email address is received as an XAuth username, trim it to
2037 just the username part.
2038
2039
2040 charon.port [500]
2041 UDP port used locally. If set to 0 a random port will be allo‐
2042 cated.
2043
2044
2045 charon.port_nat_t [4500]
2046 UDP port used locally in case of NAT-T. If set to 0 a random
2047 port will be allocated. Has to be different from charon.port,
2048 otherwise a random port will be allocated.
2049
2050
2051 charon.prefer_best_path [no]
2052 By default, charon keeps SAs on the routing path with addresses
2053 it previously used if that path is still usable. By setting this
2054 option to yes, it tries more aggressively to update SAs with MO‐
2055 BIKE on routing priority changes using the cheapest path. This
2056 adds more noise, but allows SAs to adapt dynamically to routing
2057 priority changes. This option has no effect if MOBIKE is not
2058 supported or disabled.
2059
2060
2061 charon.prefer_configured_proposals [yes]
2062 Prefer locally configured proposals for IKE/IPsec over supplied
2063 ones as responder (disabling this can avoid keying retries due
2064 to INVALID_KE_PAYLOAD notifies).
2065
2066
2067 charon.prefer_temporary_addrs [no]
2068 By default, permanent IPv6 source addresses are preferred over
2069 temporary ones (RFC 4941), to make connections more stable. En‐
2070 able this option to reverse this.
2071
2072 It also affects which IPv6 addresses are announced as additional
2073 addresses if MOBIKE is used. If the option is disabled, only
2074 permanent addresses are sent, and only temporary ones if it is
2075 enabled.
2076
2077
2078 charon.process_route [yes]
2079 Process RTM_NEWROUTE and RTM_DELROUTE events.
2080
2081
2082 charon.processor.priority_threads
2083 Section to configure the number of reserved threads per priority
2084 class, see JOB PRIORITY MANAGEMENT in strongswan.conf(5).
2085
2086
2087
2088 charon.rdn_matching [strict]
2089 How RDNs in subject DNs of certificates are matched against con‐
2090 figured identities. Possible values are strict (the default),
2091 reordered, and relaxed. With strict the number, type and order
2092 of all RDNs has to match, wildcards (*) for the values of RDNs
2093 are allowed (that's the case for all three variants). Using re‐
2094 ordered also matches DNs if the RDNs appear in a different or‐
2095 der, the number and type still have to match. Finally, relaxed
2096 also allows matches of DNs that contain more RDNs than the con‐
2097 figured identity (missing RDNs are treated like a wildcard
2098 match).
2099
2100 Note that reordered and relaxed impose a considerable overhead
2101 on memory usage and runtime, in particular, for mismatches, com‐
2102 pared to strict.
2103
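The three matching modes described above, as an added worked example that is not part of strongSwan: a DN is modelled as a list of (type, value) RDNs parsed from a comma-separated string, which is an illustration convention rather than strongSwan's comparison of the ASN.1-encoded DN, and the function names are mine. The third subject in the demo shows why relaxed is the weakest choice: a certificate carrying an extra OU that the configured identity never mentioned still matches.

```python
"""Worked example of the three charon.rdn_matching modes.

Added example, not strongSwan code. A subject DN is modelled as an ordered list
of (type, value) RDNs written as 'C=CH, O=Org, CN=name'; the string form and
the helper names are assumptions made for illustration (strongSwan compares
the ASN.1-encoded DN, not this string form).
"""
from typing import List, Tuple

RDN = Tuple[str, str]
WILDCARD = "*"


def parse_dn(dn: str) -> List[RDN]:
    """'C=CH, O=strongSwan, CN=*' -> [('C', 'CH'), ('O', 'strongSwan'), ('CN', '*')]"""
    rdns = []
    for part in dn.split(","):
        rdn_type, sep, value = part.strip().partition("=")
        if not sep or not rdn_type.strip():
            raise ValueError(f"malformed RDN {part!r}")
        rdns.append((rdn_type.strip().upper(), value.strip()))
    return rdns


def rdn_matches(cert: RDN, conf: RDN) -> bool:
    """Type must be equal; a configured value of '*' matches any value (all modes)."""
    return cert[0] == conf[0] and (conf[1] == WILDCARD or cert[1] == conf[1])


def match_dn(cert_dn: str, configured_id: str, mode: str = "strict") -> bool:
    """Return True if the certificate subject matches the configured identity."""
    cert, conf = parse_dn(cert_dn), parse_dn(configured_id)
    if mode == "strict":
        # number, type and order of RDNs must all agree
        return len(cert) == len(conf) and all(map(rdn_matches, cert, conf))
    if mode not in ("reordered", "relaxed"):
        raise ValueError(f"unknown rdn_matching mode {mode!r}")
    if mode == "reordered" and len(cert) != len(conf):
        return False
    # Consume one certificate RDN per configured RDN, in any order. Exact values
    # are matched before wildcards so a wildcard cannot steal the RDN an exact
    # entry needs (e.g. OU=* and OU=VPN both configured).
    remaining = list(cert)
    for c in sorted(conf, key=lambda r: r[1] == WILDCARD):
        for i, r in enumerate(remaining):
            if rdn_matches(r, c):
                del remaining[i]
                break
        else:
            return False
    # relaxed: RDNs the certificate has but the identity lacks are ignored,
    # which is exactly what makes it weaker than the other two modes
    return True


if __name__ == "__main__":
    identity = "C=CH, O=strongSwan, OU=VPN, CN=*"
    subjects = {
        "same order": "C=CH, O=strongSwan, OU=VPN, CN=gw1",
        "reordered": "CN=gw1, OU=VPN, O=strongSwan, C=CH",
        "extra OU": "C=CH, O=strongSwan, OU=VPN, OU=Contractors, CN=alice",
    }
    for label, subject in subjects.items():
        verdicts = {m: match_dn(subject, identity, m)
                    for m in ("strict", "reordered", "relaxed")}
        print(f"{label:11} {verdicts}")
```

Only the first subject passes strict; the second needs reordered; the third passes only under relaxed, because its additional OU=Contractors is silently treated as a wildcard match.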
2104
2105
2106 charon.receive_delay [0]
2107 Delay in ms for receiving packets, to simulate larger RTT.
2108
2109
2110 charon.receive_delay_request [yes]
2111 Delay request messages.
2112
2113
2114 charon.receive_delay_response [yes]
2115 Delay response messages.
2116
2117
2118 charon.receive_delay_type [0]
2119 Specific IKEv2 message type to delay, 0 for any.
2120
2121
2122 charon.replay_window [32]
2123 Size of the AH/ESP replay window, in packets.
2124
2125
2126 charon.reqid_base [1]
2127 Value of the first reqid to be automatically assigned to a
2128 CHILD_SA.
2129
2130
2131 charon.retransmit_base [1.8]
2132 Base to use for calculating exponential back off, see IKEv2 RE‐
2133 TRANSMISSION in strongswan.conf(5).
2134
2135
2136
2137 charon.retransmit_jitter [0]
2138 Maximum jitter in percent to apply randomly to calculated re‐
2139 transmission timeout (0 to disable).
2140
2141
2142 charon.retransmit_limit [0]
2143 Upper limit in seconds for calculated retransmission timeout (0
2144 to disable).
2145
2146
2147 charon.retransmit_timeout [4.0]
2148 Timeout in seconds before sending first retransmit.
2149
2150
2151 charon.retransmit_tries [5]
2152 Number of times to retransmit a packet before giving up.
2153
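The five retransmit_* options above jointly determine how long charon waits before it gives up on an unresponsive peer. The following added example (not strongSwan code) computes that schedule from the documented formula; with the defaults the sixth wait expires about 165 seconds after the first transmission. Jitter is modelled as a random reduction of the interval by up to retransmit_jitter percent; the direction of that adjustment is an assumption, since the option text does not state it, and the class and function names are mine.

```python
"""Worked example of charon's IKEv2 retransmission back-off.

Added example, not strongSwan code. It reproduces the documented timeout rule:
retransmit n (counting from 0) is sent retransmit_timeout * retransmit_base^n
seconds after the previous transmission, each interval is capped by
retransmit_limit when that is non-zero, and the exchange is given up after
retransmit_tries retransmits. Jitter is modelled as a random reduction of up
to retransmit_jitter percent of the interval; treat that direction as an
assumption about the implementation.
"""
import random
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Retransmission:
    timeout: float = 4.0   # charon.retransmit_timeout (seconds)
    base: float = 1.8      # charon.retransmit_base
    tries: int = 5         # charon.retransmit_tries
    limit: float = 0.0     # charon.retransmit_limit (seconds), 0 disables
    jitter: int = 0        # charon.retransmit_jitter (percent), 0 disables

    def interval(self, n: int, rng: Optional[random.Random] = None) -> float:
        """Seconds to wait after transmission n before the next retransmit."""
        t = self.timeout * self.base ** n
        if self.limit:
            t = min(t, self.limit)
        if self.jitter and rng is not None:
            t -= (t / 100.0) * self.jitter * rng.random()
        return t

    def schedule(self, seed: Optional[int] = None) -> List[float]:
        """One wait per transmission: the initial send and each retransmit, the
        last wait being the one after which the peer is given up on."""
        rng = random.Random(seed) if self.jitter else None
        return [self.interval(n, rng) for n in range(self.tries + 1)]

    def time_to_give_up(self, seed: Optional[int] = None) -> float:
        """Seconds from the first transmission until the exchange is abandoned."""
        return sum(self.schedule(seed))


def describe(cfg: Retransmission) -> str:
    """Timeline of a failing exchange, relative to the first transmission."""
    lines, t = [], 0.0
    for n, wait in enumerate(cfg.schedule()):
        t += wait
        event = f"retransmit {n + 1}" if n < cfg.tries else "give up"
        lines.append(f"t={t:7.2f}s  {event}")
    return "\n".join(lines)


if __name__ == "__main__":
    print("defaults (about 165 s until the peer is declared dead):")
    print(describe(Retransmission()))
    # Fail-fast profile: shorter base, fewer tries and a hard cap per wait,
    # so a dead gateway is noticed within 15 s instead of 165 s.
    print("\nfail-fast:")
    print(describe(Retransmission(timeout=2.0, base=1.5, tries=3, limit=5.0)))
```

The fail-fast profile trades resilience on lossy links for quicker detection; when tuning it, keep the total in line with the peer's DPD settings so both sides give up on roughly the same horizon.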
2154
2155 charon.retry_initiate_interval [0s]
2156 Interval in seconds to use when retrying to initiate an IKE_SA
2157 (e.g. if DNS resolution failed), 0 to disable retries.
2158
2159
2160 charon.reuse_ikesa [yes]
2161 Initiate CHILD_SA within existing IKE_SAs (always enabled for
2162 IKEv1).
2163
2164
2165 charon.routing_table []
2166 Numerical routing table to install routes to.
2167
2168
2169 charon.routing_table_prio []
2170 Priority of the routing table.
2171
2172
2173 charon.rsa_pss [no]
2174 Whether to use RSA with PSS padding instead of PKCS#1 padding by
2175 default.
2176
2177
2178 charon.rsa_pss_trailerfield [no]
2179 Whether to encode an explicit trailerField value of 0x01 in the
2180 RSA-PSS algorithmIdentifier (CONTEXT3) or to rely on the DEFAULT
2181 value by omitting it.
2182
2183
2184 charon.send_delay [0]
2185 Delay in ms for sending packets, to simulate larger RTT.
2186
2187
2188 charon.send_delay_request [yes]
2189 Delay request messages.
2190
2191
2192 charon.send_delay_response [yes]
2193 Delay response messages.
2194
2195
2196 charon.send_delay_type [0]
2197 Specific IKEv2 message type to delay, 0 for any.
2198
2199
2200 charon.send_vendor_id [no]
2201 Send strongSwan vendor ID payload.
2202
2203
2204 charon.signature_authentication [yes]
2205 Whether to enable Signature Authentication as per RFC 7427.
2206
2207
2208 charon.signature_authentication_constraints [yes]
2209 If enabled, signature schemes configured in rightauth, in addi‐
2210 tion to getting used as constraints against signature schemes
2211 employed in the certificate chain, are also used as constraints
2212 against the signature scheme used by peers during IKEv2.
2213
2214
2215 charon.spi_label [0x0000000000000000]
2216 Value mixed into the local IKE SPIs after applying spi_mask.
2217
2218
2219
2220 charon.spi_mask [0x0000000000000000]
2221 Mask applied to local IKE SPIs before mixing in spi_label (bits
2222 set will be replaced with spi_label).
2223
2224
2225
2226 charon.spi_max [0xcfffffff]
2227 The upper limit for SPIs requested from the kernel for IPsec
2228 SAs.
2229
2230
2231 charon.spi_min [0xc0000000]
2232 The lower limit for SPIs requested from the kernel for IPsec
2233 SAs. Should not be set lower than 0x00000100 (256), as SPIs be‐
2234 tween 1 and 255 are reserved by IANA.
2235
2236
2237 charon.start-scripts
2238 Section containing a list of scripts (name = path) that are exe‐
2239 cuted when the daemon is started.
2240
2241
2242 charon.stop-scripts
2243 Section containing a list of scripts (name = path) that are exe‐
2244 cuted when the daemon is terminated.
2245
2246
2247 charon.syslog
2248 Section to define syslog loggers, see LOGGER CONFIGURATION in
2249 strongswan.conf(5).
2250
2251
2252
2253 charon.syslog.<facility>
2254 <facility> is one of the supported syslog facilities, see LOGGER
2255 CONFIGURATION in strongswan.conf(5).
2256
2257
2258
2259 charon.syslog.<facility>.<subsystem> [<default>]
2260 Loglevel for a specific subsystem.
2261
2262
2263 charon.syslog.<facility>.default [1]
2264 Specifies the default loglevel to be used for subsystems for
2265 which no specific loglevel is defined.
2266
2267
2268 charon.syslog.<facility>.ike_name [no]
2269 Prefix each log entry with the connection name and a unique nu‐
2270 merical identifier for each IKE_SA.
2271
2272
2273 charon.syslog.<facility>.log_level [no]
2274 Add the log level of each message after the subsystem (e.g.
2275 [IKE2]).
2276
2277
2278 charon.syslog.<facility>.map_level [-1]
2279 The default setting of -1 passes all messages to syslog using a
2280 log level of LOG_INFO. A non-negative value maps the strongSwan
2281 specific loglevels (0..4) to the syslog level starting at the
2282 specified number. For example, a value of 5 (LOG_NOTICE) maps
2283 strongSwan loglevel 0 to LOG_NOTICE, level 1 to LOG_INFO, and
2284 levels 2, 3 and 4 to LOG_DEBUG. This allows (additional) filter‐
2285 ing of log messages on the syslog server.
2286
2287
2288 charon.syslog.identifier []
2289 Global identifier used for an openlog(3) call, prepended to each
2290 log message by syslog. If not configured, openlog(3) is not
2291 called, so the value will depend on system defaults (often the
2292 program name).
2293
2294
2295 charon.threads [16]
2296 Number of worker threads in charon. Several of these are re‐
2297 served for long running tasks in internal modules and plugins.
2298 Therefore, make sure you don't set this value too low. The num‐
2299 ber of idle worker threads listed in ipsec statusall can be
2300 used as an indicator of the number of reserved threads.
2301
2302
2303 charon.tls.cipher []
2304 List of TLS encryption ciphers.
2305
2306
2307 charon.tls.ke_group []
2308 List of TLS key exchange groups.
2309
2310
2311 charon.tls.key_exchange []
2312 List of TLS key exchange methods.
2313
2314
2315 charon.tls.mac []
2316 List of TLS MAC algorithms.
2317
2318
2319 charon.tls.send_certreq_authorities [yes]
2320 Whether to include CAs in a server's CertificateRequest message.
2321 May be disabled if clients can't handle a long list of CAs.
2322
2323
2324 charon.tls.signature []
2325 List of TLS signature schemes.
2326
2327
2328 charon.tls.suites []
2329 List of TLS cipher suites.
2330
2331
2332 charon.tls.version_max [1.2]
2333 Maximum TLS version to negotiate.
2334
2335
2336 charon.tls.version_min [1.2]
2337 Minimum TLS version to negotiate.
2338
2339
2340 charon.tnc.tnc_config [/etc/tnc_config]
2341 TNC IMC/IMV configuration file.
2342
2343
2344 charon.user []
2345 Name of the user the daemon changes to after startup.
2346
2347
2348 charon.x509.enforce_critical [yes]
2349 Discard certificates with unsupported or unknown critical exten‐
2350 sions.
2351
2352
2353 charon-nm.ca_dir [<default>]
2354 Directory from which to load CA certificates if no certificate
2355 is configured.
2356
2357
2358 charon-systemd.journal
2359 Section to configure native systemd journal logger, very similar
2360 to the syslog logger as described in LOGGER CONFIGURATION in
2361 strongswan.conf(5).
2362
2363
2364
2365 charon-systemd.journal.<subsystem> [<default>]
2366 Loglevel for a specific subsystem.
2367
2368
2369 charon-systemd.journal.default [1]
2370 Specifies the default loglevel to be used for subsystems for
2371 which no specific loglevel is defined.
2372
2373
2374 imv_policy_manager.command_allow []
2375 Shell command to be executed with recommendation allow.
2376
2377
2378 imv_policy_manager.command_block []
2379 Shell command to be executed with all other recommendations.
2380
2381
2382 imv_policy_manager.database []
2383 Database URI for the database that stores the package informa‐
2384 tion. If it contains a password, make sure to adjust the permis‐
2385 sions of the config file accordingly.
2386
2387
2388 imv_policy_manager.load [sqlite]
2389 Plugins to load in IMV policy manager.
2390
2391
2392 libimcv.debug_level [1]
2393 Debug level for a stand-alone libimcv library.
2394
2395
2396 libimcv.load [random nonce gmp pubkey x509]
2397 Plugins to load in IMC/IMVs with stand-alone libimcv library.
2398
2399
2400 libimcv.plugins.imc-attestation.aik_blob []
2401 AIK encrypted private key blob file.
2402
2403
2404 libimcv.plugins.imc-attestation.aik_cert []
2405 AIK certificate file.
2406
2407
2408 libimcv.plugins.imc-attestation.aik_handle []
2409 AIK object handle.
2410
2411
2412 libimcv.plugins.imc-attestation.aik_pubkey []
2413 AIK public key file.
2414
2415
2416 libimcv.plugins.imc-attestation.hash_algorithm [sha384]
2417 Preferred measurement hash algorithm.
2418
2419
2420 libimcv.plugins.imc-attestation.mandatory_dh_groups [yes]
2421 Enforce mandatory Diffie-Hellman groups.
2422
2423
2424 libimcv.plugins.imc-attestation.nonce_len [20]
2425 DH nonce length.
2426
2427
2428 libimcv.plugins.imc-attestation.pcr17_after []
2429 PCR17 value after measurement.
2430
2431
2432 libimcv.plugins.imc-attestation.pcr17_before []
2433 PCR17 value before measurement.
2434
2435
2436 libimcv.plugins.imc-attestation.pcr17_meas []
2437 Dummy measurement value extended into PCR17 if the TBOOT log is
2438 not available.
2439
2440
2441 libimcv.plugins.imc-attestation.pcr18_after []
2442 PCR18 value after measurement.
2443
2444
2445 libimcv.plugins.imc-attestation.pcr18_before []
2446 PCR18 value before measurement.
2447
2448
2449 libimcv.plugins.imc-attestation.pcr18_meas []
2450 Dummy measurement value extended into PCR18 if the TBOOT log is
2451 not available.
2452
2453
2454 libimcv.plugins.imc-attestation.pcr_info [no]
2455 Whether to send pcr_before and pcr_after info.
2456
2457
2458 libimcv.plugins.imc-attestation.pcr_padding [no]
2459 Whether to pad IMA SHA1 measurement values when extending into
2460 SHA256 PCR bank.
2461
2462
2463 libimcv.plugins.imc-attestation.use_quote2 [yes]
2464 Use Quote2 AIK signature instead of Quote signature.
2465
2466
2467 libimcv.plugins.imc-attestation.use_version_info [no]
2468 Whether Version Info is included in the Quote2 signature.
2469
2470
2471 libimcv.plugins.imc-hcd.push_info [yes]
2472 Send quadruple info without being prompted.
2473
2474
2475 libimcv.plugins.imc-hcd.subtypes []
2476 Section to define PWG HCD PA subtypes.
2477
2478
2479 libimcv.plugins.imc-hcd.subtypes.<section> []
2480 Defines a PWG HCD PA subtype section. Recognized subtype section
2481 names are system, control, marker, finisher, interface and scan‐
2482 ner.
2483
2484
2485
2486 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type> []
2487 Defines a software type section. Recognized software type sec‐
2488 tion names are firmware, resident_application and user_applica‐
2489 tion.
2490
2491
2492
2493 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<software> []
2494 Defines a software section having an arbitrary name.
2495
2496
2497 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<software>.name []
2498 Name of the software installed on the hardcopy device.
2499
2500
2501 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<software>.patches
2502 []
2503 String describing all patches applied to the given software on
2504 this hardcopy device. The individual patches are separated by a
2505 newline character '\n'.
2506
2507
2508 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<soft‐
2509 ware>.string_version []
2510 String describing the version of the given software on this
2511 hardcopy device.
2512
2513
2514 libimcv.plugins.imc-hcd.subtypes.<section>.<sw_type>.<software>.version
2515 []
2516 Hex-encoded version string with a length of 16 octets consisting
2517 of the fields major version number (4 octets), minor version
2518 number (4 octets), build number (4 octets), service pack major
2519 number (2 octets) and service pack minor number (2 octets).
2520
2521
2522 libimcv.plugins.imc-hcd.subtypes.<section>.attributes_natural_language
2523 [en]
2524 Variable length natural language tag conforming to RFC 5646 that
2525 specifies the language to be used in the health assessment mes‐
2526 sage of a given subtype.
2527
2528
2529 libimcv.plugins.imc-hcd.subtypes.system.certification_state []
2530 Hex-encoded certification state.
2531
2532
2533 libimcv.plugins.imc-hcd.subtypes.system.configuration_state []
2534 Hex-encoded configuration state.
2535
2536
2537 libimcv.plugins.imc-hcd.subtypes.system.machine_type_model []
2538 String specifying the machine type and model of the hardcopy de‐
2539 vice.
2540
2541
2542 libimcv.plugins.imc-hcd.subtypes.system.pstn_fax_enabled [no]
2543 Specifies if a PSTN facsimile interface is installed and enabled
2544 on the hardcopy device.
2545
2546
2547 libimcv.plugins.imc-hcd.subtypes.system.time_source []
2548 String specifying the hostname of the network time server used
2549 by the hardcopy device.
2550
2551
2552 libimcv.plugins.imc-hcd.subtypes.system.user_application_enabled [no]
2553 Specifies if users can dynamically download and execute applica‐
2554 tions on the hardcopy device.
2555
2556
2557 libimcv.plugins.imc-hcd.subtypes.system.user_application_persis‐
2558 tence_enabled [no]
2559 Specifies if user dynamically downloaded applications can per‐
2560 sist outside the boundaries of a single job on the hardcopy de‐
2561 vice.
2562
2563
2564 libimcv.plugins.imc-hcd.subtypes.system.vendor_name []
2565 String specifying the manufacturer of the hardcopy device.
2566
2567
2568 libimcv.plugins.imc-hcd.subtypes.system.vendor_smi_code []
2569 Integer specifying the globally unique 24-bit SMI code assigned
2570 to the manufacturer of the hardcopy device.
2571
2572
2573 libimcv.plugins.imc-os.device_cert []
2574 Manually set the path to the client device certificate (e.g.
2575 /etc/pts/aikCert.der)
2576
2577
2578 libimcv.plugins.imc-os.device_handle []
2579 Manually set handle to a private key bound to a smartcard or TPM
2580 (e.g. 0x81010004)
2581
2582
2583 libimcv.plugins.imc-os.device_id []
2584 Manually set the client device ID in hexadecimal format (e.g.
2585 1083f03988c9762703b1c1080c2e46f72b99cc31)
2586
2587
2588 libimcv.plugins.imc-os.device_pubkey []
2589 Manually set the path to the client device public key (e.g.
2590 /etc/pts/aikPub.der)
2591
2592
2593 libimcv.plugins.imc-os.push_info [yes]
2594 Send operating system info without being prompted.
2595
2596
2597 libimcv.plugins.imc-scanner.push_info [yes]
2598 Send open listening ports without being prompted.
2599
2600
2601 libimcv.plugins.imc-swima.eid_epoch [0x11223344]
2602 Set 32 bit epoch value for event IDs manually if software col‐
2603 lector database is not available.
2604
2605
2606 libimcv.plugins.imc-swima.subscriptions [no]
2607 Accept SW Inventory or SW Events subscriptions.
2608
2609
2610 libimcv.plugins.imc-swima.swid_database []
2611 URI to software collector database containing event timestamps,
2612 software creation and deletion events and collected software
2613 identifiers. If it contains a password, make sure to adjust the
2614 permissions of the config file accordingly.
2615
2616
2617 libimcv.plugins.imc-swima.swid_directory [${prefix}/share]
2618 Directory where SWID tags are located.
2619
2620
2621 libimcv.plugins.imc-swima.swid_full [no]
2622 Include file information in the XML-encoded SWID tags.
2623
2624
2625 libimcv.plugins.imc-swima.swid_pretty [no]
2626 Generate XML-encoded SWID tags with pretty indentation.
2627
2628
2629 libimcv.plugins.imc-test.additional_ids [0]
2630 Number of additional IMC IDs.
2631
2632
2633 libimcv.plugins.imc-test.command [none]
2634 Command to be sent to the Test IMV.
2635
2636
2637 libimcv.plugins.imc-test.dummy_size [0]
2638 Size of dummy attribute to be sent to the Test IMV (0 = dis‐
2639 abled).
2640
2641
2642 libimcv.plugins.imc-test.retry [no]
2643 Do a handshake retry.
2644
2645
2646 libimcv.plugins.imc-test.retry_command []
2647 Command to be sent to the Test IMV in the handshake retry.
2648
2649
2650 libimcv.plugins.imv-attestation.cadir []
2651 Path to directory with CA certificates used to verify AIK certificates.
2652
2653
2654 libimcv.plugins.imv-attestation.dh_group [ecp256]
2655 Preferred Diffie-Hellman group.
2656
2657
2658 libimcv.plugins.imv-attestation.hash_algorithm [sha384]
2659 Preferred measurement hash algorithm.
2660
2661
2662 libimcv.plugins.imv-attestation.mandatory_dh_groups [yes]
2663 Enforce mandatory Diffie-Hellman groups.
2664
2665
2666 libimcv.plugins.imv-attestation.min_nonce_len [0]
2667 DH minimum nonce length.
2668
2669
2670 libimcv.plugins.imv-os.remediation_uri []
2671 URI pointing to operating system remediation instructions.
2672
2673
2674 libimcv.plugins.imv-scanner.remediation_uri []
2675 URI pointing to scanner remediation instructions.
2676
2677
2678 libimcv.plugins.imv-swima.rest_api.timeout [120]
2679 Timeout of SWID REST API HTTP POST transaction.
2680
2681
2682 libimcv.plugins.imv-swima.rest_api.uri []
2683 HTTP URI of the SWID REST API.
2684
2685
2686 libimcv.plugins.imv-test.rounds [0]
2687 Number of IMC-IMV retry rounds.
2688
2689
2690 libimcv.stderr_quiet [no]
2691 Disable output to stderr with a stand-alone libimcv library.
2692
2693
2694 libimcv.swid_gen.command [/usr/local/bin/swid_generator]
2695 SWID generator command to be executed.
2696
2697
2698 libimcv.swid_gen.tag_creator.name [strongSwan Project]
2699 Name of the tagCreator entity.
2700
2701
2702 libimcv.swid_gen.tag_creator.regid [strongswan.org]
2703 regid of the tagCreator entity.
2704
2705
2706 manager.database []
2707 Credential database URI for manager. If it contains a password,
2708 make sure to adjust the permissions of the config file accord‐
2709 ingly.
2710
2711
2712 manager.debug [no]
2713 Enable debugging in manager.
2714
2715
2716 manager.load []
2717 Plugins to load in manager.
2718
2719
2720 manager.socket []
2721 FastCGI socket of manager, to run it statically.
2722
2723
2724 manager.threads [10]
2725 Threads to use for request handling.
2726
2727
2728 manager.timeout [15m]
2729 Session timeout for manager.
2730
2731
2732 medsrv.database []
2733 Mediation server database URI. If it contains a password, make
2734 sure to adjust the permissions of the config file accordingly.
2735
2736
2737 medsrv.debug [no]
2738 Debugging in mediation server web application.
2739
2740
2741 medsrv.dpd [5m]
2742 DPD timeout to use in mediation server plugin.
2743
2744
2745 medsrv.load []
2746 Plugins to load in mediation server plugin.
2747
2748
2749 medsrv.password_length [6]
2750 Minimum password length required for mediation server user ac‐
2751 counts.
2752
2753
2754 medsrv.rekey [20m]
2755 Rekeying time on mediation connections in mediation server
2756 plugin.
2757
2758
2759 medsrv.socket []
2760 Run Mediation server web application statically on socket.
2761
2762
2763 medsrv.threads [5]
2764 Number of threads for mediation service web application.
2765
2766
2767 medsrv.timeout [15m]
2768 Session timeout for mediation service.
2769
2770
2771 pki.load []
2772 Plugins to load in the pki tool.
2773
2774
2775 pki.scep.http_bind []
2776 Source IP address to bind for HTTP operations.
2777
2778
2779 pki.scep.http_timeout [30s]
2780 Timeout for HTTP operations.
2781
2782
2783 pki.scep.renewal_via_pkcs_req [no]
2784 Use messageType PKCSReq (19) instead of RenewalReq (17) for certifi‐
2785 cate renewal. Some SCEP servers (e.g. openxpki) incorrectly implement
2786 renewal this way.
2787
2788
2789 pool.database []
2790 Database URI for the database that stores IP pools and configu‐
2791 ration attributes. If it contains a password, make sure
2792 to adjust the permissions of the config file accordingly.
2793
2794
2795 pool.load []
2796 Plugins to load in ipsec pool tool.
2797
2798
2799 sec-updater
2800 Options for the sec-updater tool.
2801
2802
2803 sec-updater.database []
2804 Global IMV policy database URI. If it contains a password, make
2805 sure to adjust the permissions of the config file accordingly.
2806
2807
2808 sec-updater.load []
2809 Plugins to load in sec-updater tool.
2810
2811
2812 sec-updater.swid_gen.command [/usr/local/bin/swid_generator]
2813 SWID generator command to be executed.
2814
2815
2816 sec-updater.swid_gen.tag_creator.name [strongSwan Project]
2817 Name of the tagCreator entity.
2818
2819
2820 sec-updater.swid_gen.tag_creator.regid [strongswan.org]
2821 regid of the tagCreator entity.
2822
2823
2824 sec-updater.tmp.deb_file [/tmp/sec-updater.deb]
2825 Temporary storage for downloaded deb package file.
2826
2827
2828 sec-updater.tmp.tag_file [/tmp/sec-updater.tag]
2829 Temporary storage for generated SWID tags.
2830
2831
2832 sec-updater.tnc_manage_command [/var/www/tnc/manage.py]
2833 strongTNC manage.py command used to import SWID tags.
2834
2835
2836 starter.config_file [${sysconfdir}/ipsec.conf]
2837 Location of the ipsec.conf file.
2838
2839
2840 starter.load_warning [yes]
2841 Whether to warn if charon's plugin list is set manually via the charon.load option (set to no to silence the warning).
2842
2843
2844 sw-collector
2845 Options for the sw-collector tool.
2846
2847
2848 sw-collector.database []
2849 URI to software collector database containing event timestamps,
2850 software creation and deletion events and collected software
2851 identifiers. If it contains a password, make sure to adjust the
2852 permissions of the config file accordingly.
2853
2854
2855 sw-collector.first_file [/var/log/bootstrap.log]
2856 Path pointing to file created when the Linux OS was installed.
2857
2858
2859 sw-collector.first_time [0000-00-00T00:00:00Z]
2860 Time in UTC when the Linux OS was installed.
2861
2862
2863 sw-collector.history []
2864 Path pointing to apt history.log file.
2865
2866
2867 sw-collector.load []
2868 Plugins to load in sw-collector tool.
2869
2870
2871 sw-collector.rest_api.timeout [120]
2872 Timeout of REST API HTTP POST transaction.
2873
2874
2875 sw-collector.rest_api.uri []
2876 HTTP URI of the central collector's REST API.
2877
2878
2879 swanctl.load []
2880 Plugins to load in swanctl.
2881
2882
2883 swanctl.socket [unix://${piddir}/charon.vici]
2884 VICI socket to connect to by default.
2885
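Several options in the list above carry credentials in the clear (charon.plugins.tnc-ifmap.username_password, charon.plugins.tnc-pdp.radius.secret, and any *.database URI with a user:password@ part), and each says to adjust the permissions of the config file accordingly. The following added example, not part of strongSwan, turns that advice into a check: a minimal parser for the section / key = value format described at the top of this page, a scan for those options, and a test of the file mode. It assumes a POSIX filesystem and that '#' starts a comment anywhere on a line; include directives and ${...} references are left unexpanded, and the sample file is constructed.

```python
"""Audit a strongswan.conf for options that hold credentials in the clear.

Added example, not part of strongSwan. It implements a minimal parser for the
section / key = value format of strongswan.conf and reports options whose
values carry a password, together with the file mode that exposes them.
Assumptions: POSIX file modes, '#' starts a comment anywhere on a line, and
'include' directives and ${...} references are left unexpanded.
"""
import os
import re
import stat
import tempfile
from typing import Dict, List

# Options this page documents as holding a credential directly.
SECRET_KEYS = {
    "charon.plugins.tnc-ifmap.username_password",
    "charon.plugins.tnc-pdp.radius.secret",
}
# Database URIs of the form scheme://user:password@host/db embed the password.
URI_WITH_PASSWORD = re.compile(r"^[a-z0-9+.-]+://[^/@:]+:[^/@]+@", re.I)

# Constructed sample file; not taken from a real deployment.
SAMPLE_CONF = """\
charon {
    plugins {
        tnc-pdp {
            radius {
                secret = sup3rs3cret   # shared with the NAS
            }
        }
    }
}
pool {
    database = mysql://ipsec:hunter2@localhost/ipsecpool
}
swanctl {
    socket = unix://${piddir}/charon.vici
}
"""


def parse_conf(text: str) -> Dict[str, str]:
    """Flatten the hierarchical file into {'section.subsection.key': 'value'}."""
    settings: Dict[str, str] = {}
    path: List[str] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments and blanks
        if not line:
            continue
        if line == "}":
            if not path:
                raise ValueError("unbalanced '}'")
            path.pop()
        elif line.endswith("{"):                  # 'name {' opens a section
            path.append(line[:-1].strip())
        elif "=" in line:
            key, value = (s.strip() for s in line.split("=", 1))
            settings[".".join(path + [key])] = value
        else:
            raise ValueError(f"cannot parse line {raw!r}")
    if path:
        raise ValueError("unterminated section " + ".".join(path))
    return settings


def find_secrets(settings: Dict[str, str]) -> Dict[str, str]:
    """Map each secret-bearing option to a short reason."""
    found = {}
    for key, value in settings.items():
        if key in SECRET_KEYS and value:
            found[key] = "credential stored in the clear"
        elif key.endswith(".database") and URI_WITH_PASSWORD.match(value):
            found[key] = "database URI embeds a password"
    return found


def mode_is_private(mode: int) -> bool:
    """True if neither group nor others may read the file."""
    return not mode & (stat.S_IRGRP | stat.S_IROTH)


def audit_file(path: str) -> List[str]:
    """One finding per secret if the file is readable beyond its owner."""
    with open(path) as fh:
        secrets = find_secrets(parse_conf(fh.read()))
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if not secrets or mode_is_private(mode):
        return []
    return [f"{path} (mode {mode:04o}) is readable by others but {why} in {key}"
            for key, why in sorted(secrets.items())]


def demo():
    """Write the sample with lax permissions, audit, tighten to 0600, audit again."""
    fd, path = tempfile.mkstemp(suffix=".conf")
    with os.fdopen(fd, "w") as fh:
        fh.write(SAMPLE_CONF)
    try:
        os.chmod(path, 0o644)
        exposed = audit_file(path)
        os.chmod(path, 0o600)
        hardened = audit_file(path)
    finally:
        os.unlink(path)
    return exposed, hardened


if __name__ == "__main__":
    exposed, hardened = demo()
    print("\n".join(exposed) or "no findings")
    print("after chmod 0600:", hardened or "no findings")
```

Run it against /etc/strongswan.conf (or the files it includes, which this parser does not follow) as part of a configuration review; a clean result means either no credential is stored in the file or the file is readable only by its owner.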
2886
2887 LOGGER CONFIGURATION
2888 Options in strongswan.conf(5) provide a much more flexible way to con‐
2889 figure loggers for the IKE daemon charon than using the charondebug op‐
2890 tion in ipsec.conf(5).
2891
2892 Note: If any loggers are specified in strongswan.conf, charondebug does
2893 not have any effect.
2894
2895 There are currently two types of loggers:
2896
2897 File loggers
2898 Log directly to a file and are defined by specifying an arbi‐
2899 trarily named subsection in the charon.filelog section. The full
2900 path to the file is configured in the path setting of that sub‐
2901 section, however, if it only contains characters permitted in
2902 section names, the setting may also be omitted and the path
2903 specified as name of the subsection. To log to the console the
2904 two special filenames stdout and stderr may be used.
2905
2906 Syslog loggers
2907 Log into a syslog facility and are defined by specifying the fa‐
2908 cility to log to as the name of a subsection in the charon.sys‐
2909 log section. The following facilities are currently supported:
2910 daemon and auth.
2911
2912 Multiple loggers can be defined for each type with different log ver‐
2913 bosity for the different subsystems of the daemon.
2914
2915
2916 Subsystems
2917 dmn Main daemon setup/cleanup/signal handling
2918
2919 mgr IKE_SA manager, handling synchronization for IKE_SA access
2920
2921 ike IKE_SA
2922
2923 chd CHILD_SA
2924
2925 job Jobs queueing/processing and thread pool management
2926
2927 cfg Configuration management and plugins
2928
2929 knl IPsec/Networking kernel interface
2930
2931 net IKE network communication
2932
2933 asn Low-level encoding/decoding (ASN.1, X.509 etc.)
2934
2935 enc Packet encoding/decoding encryption/decryption operations
2936
2937 tls libtls library messages
2938
2939 esp libipsec library messages
2940
2941 lib libstrongswan library messages
2942
2943 tnc Trusted Network Connect
2944
2945 imc Integrity Measurement Collector
2946
2947 imv Integrity Measurement Verifier
2948
2949 pts Platform Trust Service
2950
2951 Loglevels
2952 -1 Absolutely silent
2953
2954 0 Very basic auditing logs (e.g. SA up/SA down)
2955
2956 1 Generic control flow with errors, a good default to see what's
2957 going on
2958
2959 2 More detailed debugging control flow
2960
2961 3 Including RAW data dumps in Hex
2962
2963 4 Also include sensitive material in dumps, e.g. keys
2964
2965 Example
2966 charon {
2967     filelog {
2968         charon {
2969             path = /var/log/charon.log
2970             time_format = %b %e %T
2971             append = no
2972             default = 1
2973         }
2974         stderr {
2975             ike = 2
2976             knl = 3
2977             ike_name = yes
2978         }
2979     }
2980     syslog {
2981         # enable logging to LOG_DAEMON, use defaults
2982         daemon {
2983         }
2984         # minimalistic IKE auditing logging to LOG_AUTHPRIV
2985         auth {
2986             default = -1
2987             ike = 0
2988         }
2989     }
2990 }
2991
2992
2993 JOB PRIORITY MANAGEMENT
2994 Some operations in the IKEv2 daemon charon are currently implemented
2995 synchronously and blocking. Two examples of such operations are commu‐
2996 nication with a RADIUS server via EAP-RADIUS, or fetching CRL/OCSP in‐
2997 formation during certificate chain verification. Under high load condi‐
2998 tions, the thread pool may run out of available threads, and some more
2999 important jobs, such as liveness checking, may not get executed in
3000 time.
3001
3002 To prevent thread starvation in such situations job priorities were in‐
3003 troduced. The job processor will reserve some threads for higher pri‐
3004 ority jobs, these threads are not available for lower priority, locking
3005 jobs.
3006
Implementation
Currently 4 priorities have been defined, and they are used in charon
as follows:

    CRITICAL
            Priority for long-running dispatcher jobs.

    HIGH    INFORMATIONAL exchanges, as used by liveness checking (DPD).

    MEDIUM  Everything not HIGH/LOW, including IKE_SA_INIT processing.

    LOW     IKE_AUTH message processing. RADIUS and CRL fetching block
            here.

Although IKE_SA_INIT processing is computationally expensive, it is
explicitly assigned to the MEDIUM class. This allows charon to do the DH
exchange while other threads are blocked in IKE_AUTH. To prevent the
daemon from accepting more IKE_SA_INIT requests than it can handle, use
IKE_SA_INIT DROPPING.

The thread pool processes jobs strictly by priority, meaning it will
consume all higher priority jobs before looking for ones with lower
priority. Further, it reserves threads for certain priorities. A
priority class having reserved n threads will always have n threads
available for this class (either currently processing a job, or waiting
for one).

Configuration
To ensure that there are always enough threads available for higher
priority tasks, threads must be reserved for each priority class.

    charon.processor.priority_threads.critical [0]
        Threads reserved for CRITICAL priority class jobs

    charon.processor.priority_threads.high [0]
        Threads reserved for HIGH priority class jobs

    charon.processor.priority_threads.medium [0]
        Threads reserved for MEDIUM priority class jobs

    charon.processor.priority_threads.low [0]
        Threads reserved for LOW priority class jobs

Let's consider the following configuration:

    charon {
        processor {
            priority_threads {
                high = 1
                medium = 4
            }
        }
    }

With this configuration, one thread is reserved for HIGH priority
tasks. As currently only liveness checking and stroke message
processing are done with high priority, one or two threads should be
sufficient.

The MEDIUM class mostly processes non-blocking jobs. Unless your setup
is experiencing many blocks in locks while accessing shared resources,
reserving one or two times the number of CPU cores is fine.

It is usually not required to reserve threads for CRITICAL jobs. Jobs
in this class rarely return and do not release their thread to the
pool.

The remaining threads are available for LOW priority jobs. Reserving
threads for this class does not make sense (until there is an even
lower priority).

Monitoring
To see what the threads are actually doing, invoke ipsec statusall.
Under high load, something like this will show up:

    worker threads: 2 of 32 idle, 5/1/2/22 working,
      job queue: 0/0/1/149, scheduled: 198

From 32 worker threads,

    2 are currently idle.

    5 are running CRITICAL priority jobs (dispatching from sockets,
      etc.).

    1 is currently handling a HIGH priority job. This is actually the
      thread currently providing this information via stroke.

    2 are handling MEDIUM priority jobs, likely IKE_SA_INIT or
      CREATE_CHILD_SA messages.

    22 are handling LOW priority jobs, probably waiting for an
      EAP-RADIUS response while processing IKE_AUTH messages.

The job queue load shows how many jobs are queued for each priority,
ready for execution. The single MEDIUM priority job will get executed
immediately, as we have two spare threads reserved for MEDIUM class
jobs.
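
The reservation rule from the Implementation subsection and the statusall line it explains, carried through as an added Python model written for this page (not strongSwan's code): parse_statusall() reads the worker thread summary and next_job_class() applies the configured reservations to decide which queued class gets the next idle thread. The status text is the constructed sample from the excerpt above, and the selection rule is an assumed simplification of the daemon's behaviour.

```python
import re
from dataclasses import dataclass
# Priority classes from highest to lowest, in the order charon prints them.
PRIORITIES = ("critical", "high", "medium", "low")
# Constructed sample, taken from the "ipsec statusall" excerpt above.
SAMPLE_STATUS = """worker threads: 2 of 32 idle, 5/1/2/22 working,
  job queue: 0/0/1/149, scheduled: 198"""

STATUS_RE = re.compile(
    r"worker threads: (?P<idle>\d+) of (?P<total>\d+) idle, "
    r"(?P<working>\d+/\d+/\d+/\d+) working, "
    r"job queue: (?P<queued>\d+/\d+/\d+/\d+)")

@dataclass
class PoolStatus:
    idle: int
    total: int
    working: dict  # threads busy per priority class
    queued: dict   # jobs waiting per priority class

def parse_statusall(text):
    """Parse the (possibly line-wrapped) worker thread summary."""
    m = STATUS_RE.search(" ".join(text.split()))
    if not m:
        raise ValueError("no worker thread summary in statusall output")
    def per_class(field):
        return dict(zip(PRIORITIES, map(int, field.split("/"))))
    return PoolStatus(int(m["idle"]), int(m["total"]),
                      per_class(m["working"]), per_class(m["queued"]))

def next_job_class(status, reserved):
    """Assumed model of the rule described above, not charon's own code:
    an idle thread walks the classes from CRITICAL down, adds up how many
    idle threads higher classes are still owed (reservation minus threads
    already working for them) and stops once the idle pool is needed to
    honour those reservations. Returns the class whose job would run next,
    or None if every queued job has to wait for a thread to free up."""
    owed = 0
    for prio in PRIORITIES:
        if owed and owed >= status.idle:
            return None
        owed += max(0, reserved.get(prio, 0) - status.working[prio])
        if status.queued[prio] > 0:
            return prio
    return None

if __name__ == "__main__":
    st = parse_statusall(SAMPLE_STATUS)
    print(next_job_class(st, {"high": 1, "medium": 4}))  # medium, as the text says
```

With the 149 LOW jobs and only two idle threads both owed to MEDIUM, the model also shows why the LOW queue keeps growing until a LOW job returns its thread.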

IKE_SA_INIT DROPPING
If a responder receives more connection requests per second than it
can handle, it does not make sense to accept more IKE_SA_INIT messages.
And if they are queued but can't get processed in time, an answer might
be sent after the client has already given up and restarted its
connection setup. This additionally increases the load on the responder.

To limit the responder load resulting from new connection attempts, the
daemon can drop IKE_SA_INIT messages just after reception. There are
two mechanisms to decide if this should happen, configured with the
following options:

    charon.init_limit_half_open [0]
        Limit based on the number of half open IKE_SAs. Half open
        IKE_SAs are SAs in connecting state, but not yet established.

    charon.init_limit_job_load [0]
        Limit based on the number of jobs currently queued for
        processing (sum over all job priorities).

The second limit includes load from other jobs, such as rekeying.
Choosing a good value is difficult and depends on the hardware and
expected load.

The first limit is simpler to calculate, but includes the load from new
connections only. If your responder is capable of negotiating 100
tunnels/s, you might set this limit to 1000. The daemon will then drop
new connection attempts if generating a response would require more
than 10 seconds. If you are allowing for a maximum response time of
more than 30 seconds, consider adjusting the timeout for connecting
IKE_SAs (charon.half_open_timeout). A responder, by default, deletes an
IKE_SA if the initiator does not establish it within 30 seconds. Under
high load, a higher value might be required.


To do stability testing and performance optimizations, the IKE daemon
charon provides the load-tester plugin. This plugin allows one to set up
thousands of tunnels concurrently against the daemon itself or a remote
host.

WARNING: Never enable the load-testing plugin on production systems. It
provides preconfigured credentials and allows an attacker to
authenticate as any user.

Configuration details
For public key authentication, the responder uses the identity "CN=srv,
OU=load-test, O=strongSwan". For the initiator, each connection attempt
uses a different identity in the form "CN=c1-r1, OU=load-test,
O=strongSwan", where the first number indicates the client number, the
second the authentication round (if multiple authentication rounds are
used).

For PSK authentication, FQDN identities are used. The server uses
srv.strongswan.org, the client uses an identity in the form
c1-r1.strongswan.org.

For EAP authentication, the client uses a NAI in the form
100000000010001@strongswan.org.

To configure multiple authentication rounds, concatenate multiple
methods using, e.g.

    initiator_auth = pubkey|psk|eap-md5|eap-aka

The responder uses a hardcoded certificate based on a 1024-bit RSA key.
This certificate additionally serves as CA certificate. A peer uses the
same private key, but generates client certificates on demand signed by
the CA certificate. Install the Responder/CA certificate on the remote
host to authenticate all clients.

To speed up testing, the load tester plugin implements a special
Diffie-Hellman implementation called modpnull. By setting

    proposal = aes128-sha1-modpnull

this wicked fast DH implementation is used. It does not provide any
security at all, but allows one to run tests without DH calculation
overhead.

Examples
In the simplest case, the daemon initiates IKE_SAs against itself using
the loopback interface. This will actually establish double the number
of IKE_SAs, as the daemon is initiator and responder for each IKE_SA at
the same time. Installation of IPsec SAs would fail, as each SA gets
installed twice. To simulate the correct behavior, a fake kernel
interface can be enabled which does not install the IPsec SAs at the
kernel level.

A simple loopback configuration might look like this:

    charon {
        # create new IKE_SAs for each CHILD_SA to simulate
        # different clients
        reuse_ikesa = no
        # turn off denial of service protection
        dos_protection = no

        plugins {
            load-tester {
                # enable the plugin
                enable = yes
                # use 4 threads to initiate connections
                # simultaneously
                initiators = 4
                # each thread initiates 1000 connections
                iterations = 1000
                # delay each initiation in each thread by 20ms
                delay = 20
                # enable the fake kernel interface to
                # avoid SA conflicts
                fake_kernel = yes
            }
        }
    }

This will initiate 4000 IKE_SAs within 20 seconds. You may increase the
delay value if your box cannot handle that much load, or decrease it to
put more load on it. If the daemon starts retransmitting messages, your
box probably cannot handle all the connection attempts.

The plugin also allows one to test against a remote host. This might
help to test against a real world configuration. A connection setup to
do stress testing of a gateway might look like this:

    charon {
        reuse_ikesa = no
        threads = 32

        plugins {
            load-tester {
                enable = yes
                # 10000 connections, ten in parallel
                initiators = 10
                iterations = 1000
                # use a delay of 100ms, overall time is:
                # iterations * delay = 100s
                delay = 100
                # address of the gateway
                remote = 1.2.3.4
                # IKE-proposal to use
                proposal = aes128-sha1-modp1024
                # use faster PSK authentication instead
                # of 1024bit RSA
                initiator_auth = psk
                responder_auth = psk
                # request a virtual IP using configuration
                # payloads
                request_virtual_ip = yes
                # rekey the CHILD_SA every 60s
                child_rekey = 60
            }
        }
    }


Retransmission timeouts in the IKEv2 daemon charon can be configured
globally using the keys listed below:

    charon.retransmit_base [1.8]
    charon.retransmit_timeout [4.0]
    charon.retransmit_tries [5]
    charon.retransmit_jitter [0]
    charon.retransmit_limit [0]

The following algorithm is used to calculate the timeout:

    relative timeout = retransmit_timeout * retransmit_base ^ (n-1)

Where n is the current retransmission count. The calculated timeout
can't exceed the configured retransmit_limit (if any), which is useful
if the number of retries is high.

If a jitter in percent is configured, the timeout is modified as
follows:

    relative timeout -= random(0, retransmit_jitter * relative timeout)

Using the default values, packets are retransmitted in:

    Retransmission    Relative Timeout    Absolute Timeout
    ─────────────────────────────────────────────────────
    1                 4s                  4s
    2                 7s                  11s
    3                 13s                 24s
    4                 23s                 47s
    5                 42s                 89s
    giving up         76s                 165s

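The timeout formula, limit and jitter above carried through in code, as an added example for this page and not strongSwan's implementation: retransmit_schedule() reproduces the table for the defaults and also applies a retransmit_limit cap; the rand argument is an assumed hook standing in for random(0, ...) so that the jitter case is deterministic.

```python
def retransmit_schedule(timeout=4.0, base=1.8, tries=5, limit=0, jitter=0,
                        rand=lambda: 0.0):
    """Return [(attempt, relative_s, absolute_s)] for each retransmission
    plus a final "giving up" row, rounded to whole seconds like the table.

    timeout/base/tries/limit map to charon.retransmit_timeout, _base,
    _tries and _limit (seconds); jitter is charon.retransmit_jitter in
    percent. rand() returns a fraction in [0, 1) and is an assumed
    stand-in for the daemon's random source, so results are reproducible.
    """
    rows, absolute = [], 0.0
    for n in range(1, tries + 2):        # tries + 1 is the give-up point
        relative = timeout * base ** (n - 1)
        if limit:                        # hard cap, useful with many tries
            relative = min(relative, float(limit))
        if jitter:                       # minus random(0, jitter% of it)
            relative -= rand() * (jitter / 100.0) * relative
        absolute += relative
        label = n if n <= tries else "giving up"
        rows.append((label, round(relative), round(absolute)))
    return rows

def format_schedule(rows):
    """Render rows in the layout of the table above."""
    lines = [f"{'Retransmission':<16}{'Relative Timeout':<18}Absolute Timeout"]
    for label, rel, total in rows:
        lines.append(f"{str(label):<16}{str(rel) + 's':<18}{total}s")
    return "\n".join(lines)

if __name__ == "__main__":
    print(format_schedule(retransmit_schedule()))                   # defaults
    print(format_schedule(retransmit_schedule(tries=10, limit=60)))  # capped
```

Comparing the absolute "giving up" time of a candidate setting against the peer's own DPD or half_open_timeout is the check worth doing before raising retransmit_tries.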
The variables used above are configured as follows:

    ${piddir}           /run/strongswan
    ${prefix}           /usr
    ${sysconfdir}       /etc/strongswan
    ${random_device}    /dev/random
    ${urandom_device}   /dev/urandom

FILES
    /etc/strongswan/strongswan.conf          configuration file
    /etc/strongswan/strongswan.d/            directory containing included config snippets
    /etc/strongswan/strongswan.d/charon/     plugin specific config snippets

SEE ALSO
swanctl.conf(5), swanctl(8), ipsec.conf(5), ipsec.secrets(5), ipsec(8),
charon-cmd(8)

AUTHOR
Written for the strongSwan project ⟨https://www.strongswan.org⟩ by
Tobias Brunner, Andreas Steffen and Martin Willi.



5.9.9                                                    STRONGSWAN.CONF(5)