Provided by: strongswan-starter_4.5.2-1.2_amd64 bug


       strongswan.conf - strongSwan configuration file


       While  the  ipsec.conf(5)  configuration  file  is  well  suited  to  define IPsec related
       configuration parameters, it is not useful  for  other  strongSwan  applications  to  read
       options  from  this  file.  The file is hard to parse and only ipsec starter is capable of
       doing so. As the number of components of the strongSwan project is continually growing,  a
       more flexible configuration file was needed, one that is easy to extend and can be used by
       all components. With strongSwan 4.2.1 strongswan.conf(5) was introduced which meets  these


       The  format  of  the  strongswan.conf file consists of hierarchical sections and a list of
       key/value pairs in each section. Each section  has  a  name,  followed  by  C-Style  curly
       brackets  defining  the  section body. Each section body contains a set of subsections and
       key/value pairs:

            settings := (section|keyvalue)*
            section  := name { settings }
            keyvalue := key = value\n

       Values must be terminated by a newline.

       Comments are possible using the #-character, but be careful: The parser implementation  is
       currently limited and does not like brackets in comments.

       Section names and keys may contain any printable character except:

            . { } # \n \t space

       An example file in this format might look like this:

            a = b
            section-one {
                 somevalue = asdf
                 subsection {
                      othervalue = xxx
                 # yei, a comment
                 yetanother = zz
            section-two {
                 x = 12

       Indentation is optional, you may use tabs or spaces.


       Using  the  include  statement it is possible to include other files into strongswan.conf,

            include /some/path/*.conf

       If the file name is not an absolute path, it is considered to be relative to the directory
       of  the  file  containing the include statement. The file name may include shell wildcards
       (see sh(1)).  Also, such inclusions can be nested.

       Sections loaded from included files extend previously loaded  sections;  already  existing
       values  are  replaced.   It  is  important to note that settings are added relative to the
       section the include statement is in.

       As an example, the following three files result in the same final config as the one  given

            a = b
            section-one {
                 somevalue = before include
                 include include.conf
            include other.conf

            # settings loaded from this file are added to section-one
            # the following replaces the previous value
            somevalue = asdf
            subsection {
                 othervalue = yyy
            yetanother = zz

            # this extends section-one and subsection
            section-one {
                 subsection {
                      # this replaces the previous value
                      othervalue = xxx
            section-two {
                 x = 12


       Values  are  accessed using a dot-separated section list and a key.  With reference to the
       example above, accessing section-one.subsection.othervalue will return xxx.


       The following keys are currently defined (using dot notation). The default value (if  any)
       is listed in brackets after the key.

   charon section
       charon.block_threshold [5]
              Maximum number of half-open IKE_SAs for a single peer IP

       charon.close_ike_on_child_failure [no]
              Close the IKE_SA if setup of the CHILD_SA along with IKE_AUTH failed

       charon.cookie_threshold [10]
              Number of half-open IKE_SAs that activate the cookie mechanism

              DNS servers assigned to peer via configuration payload (CP)

       charon.dos_protection [yes]
              Enable Denial of Service protection using cookies and aggressiveness checks

              Section to define file loggers, see LOGGER CONFIGURATION

       charon.flush_auth_cfg [no]

       charon.hash_and_url [no]
              Enable hash and URL support

              A list of routing tables to be excluded from route lookup

       charon.ikesa_table_segments [1]
              Number of exclusively locked segments in the hash table

       charon.ikesa_table_size [1]
              Size of the IKE_SA hash table

       charon.inactivity_close_ike [no]
              Whether to close IKE_SA if the only CHILD_SA closed due to inactivity

       charon.install_routes [yes]
              Install routes into a separate routing table for established IPsec tunnels

       charon.install_virtual_ip [yes]
              Install virtual IP addresses

       charon.keep_alive [20s]
              NAT keep alive interval

              Plugins to load in the IKEv2 daemon charon

       charon.max_packet [10000]
              Maximum packet size accepted by charon

       charon.multiple_authentication [yes]
              Enable multiple authentication exchanges (RFC 4739)

              WINS servers assigned to peer via configuration payload (CP)

       charon.process_route [yes]
              Process RTM_NEWROUTE and RTM_DELROUTE events

       charon.receive_delay [0]
              Delay for receiving packets, to simulate larger RTT

       charon.receive_delay_response [yes]
              Delay response messages

       charon.receive_delay_request [yes]
              Delay request messages

       charon.receive_delay_type [0]
              Specific IKEv2 message type to delay, 0 for any

       charon.replay_window [32]
              Size of the AH/ESP replay window, in packets.

       charon.retransmit_base [1.8]
              Base to use for calculating exponential back off, see IKEv2 RETRANSMISSION

       charon.retransmit_timeout [4.0]
              Timeout in seconds before sending first retransmit

       charon.retransmit_tries [5]
              Number of times to retransmit a packet before giving up

       charon.reuse_ikesa [yes]
              Initiate CHILD_SA within existing IKE_SAs

              Numerical routing table to install routes to

              Priority of the routing table

       charon.send_delay [0]
              Delay for sending packets, to simulate larger RTT

       charon.send_delay_response [yes]
              Delay response messages

       charon.send_delay_request [yes]
              Delay request messages

       charon.send_delay_type [0]
              Specific IKEv2 message type to delay, 0 for any

       charon.send_vendor_id [no]
              Send strongSwan vendor ID payload

              Section to define syslog loggers, see LOGGER CONFIGURATION

       charon.threads [16]
              Number of worker threads in charon

   charon.plugins subsection [1]
              Loglevel for logging to Android specific logger

              Section   to  specify  arbitrary  attributes  that  are  assigned  to  a  peer  via
              configuration payload (CP)

       charon.plugins.dhcp.identity_lease [no]
              Derive user-defined MAC address from hash of IKEv2 identity

       charon.plugins.dhcp.server []
              DHCP server unicast or broadcast IP address

       charon.plugins.duplicheck.enable [yes]
              enable loaded duplicheck plugin

       charon.plugins.eap-aka.request_identity [yes]


       charon.plugins.eap-gtc.pam_service [login]
              PAM service to be used for authentication

       charon.plugins.eap-peap.fragment_size [1024]
              Maximum size of an EAP-PEAP packet

       charon.plugins.eap-peap.max_message_count [32]
              Maximum number of processed EAP-PEAP packets

       charon.plugins.eap-peap.include_length [no]
              Include length in non-fragmented EAP-PEAP packets

       charon.plugins.eap-peap.phase2_method [mschapv2]
              Phase2 EAP client authentication method

       charon.plugins.eap-peap.phase2_piggyback [no]
              Phase2 EAP Identity request piggybacked by server onto TLS Finished message

       charon.plugins.eap-peap.phase2_tnc [no]
              Start phase2 EAP TNC protocol after successful client authentication

       charon.plugins.eap-peap.request_peer_auth [no]
              Request peer authentication based on a client certificate

       charon.plugins.eap-radius.class_group [no]
              Use the class attribute sent in  the  RADIUS-Accept  message  as  group  membership
              information  that  is compared to the groups specified in the rightgroups option in
              ipsec.conf (5).

       charon.plugins.eap-radius.eap_start [no]
              Send EAP-Start instead of EAP-Identity to start RADIUS conversation

       charon.plugins.eap-radius.filter_id [no]
              If the RADIUS tunnel_type attribute with value ESP is received, use  the  filter_id
              attribute sent in the RADIUS-Accept message as group membership information that is
              compared to the groups specified in the rightgroups option in ipsec.conf (5).

              Prefix to EAP-Identity, some AAA servers use a IMSI prefix to select the EAP method

       charon.plugins.eap-radius.nas_identifier [strongSwan]
              NAS-Identifier to include in RADIUS messages

       charon.plugins.eap-radius.port [1812]
              Port of RADIUS server (authentication)

              Shared secret between RADIUS and NAS

              IP/Hostname of RADIUS server

              Section to specify multiple RADIUS servers. The nas_identifier, secret, sockets and
              port  options  can  be  specified  for  each  server. A server's IP/Hostname can be
              configured using the address option. For each  RADIUS  server  a  priority  can  be
              specified using the preference [0] option.

       charon.plugins.eap-radius.sockets [1]
              Number of sockets (ports) to use, increase for high load

       charon.plugins.eap-sim.request_identity [yes]



       charon.plugins.eap-tls.fragment_size [1024]
              Maximum size of an EAP-TLS packet

       charon.plugins.eap-tls.max_message_count [32]
              Maximum number of processed EAP-TLS packets

       charon.plugins.eap-tls.include_length [yes]
              Include length in non-fragmented EAP-TLS packets

       charon.plugins.eap-tnc.fragment_size [50000]
              Maximum size of an EAP-TNC packet

       charon.plugins.eap-tnc.max_message_count [10]
              Maximum number of processed EAP-TNC packets

       charon.plugins.eap-tnc.include_length [yes]
              Include length in non-fragmented EAP-TNC packets

       charon.plugins.eap-ttls.fragment_size [1024]
              Maximum size of an EAP-TTLS packet

       charon.plugins.eap-ttls.max_message_count [32]
              Maximum number of processed EAP-TTLS packets

       charon.plugins.eap-ttls.include_length [yes]
              Include length in non-fragmented EAP-TTLS packets

       charon.plugins.eap-ttls.phase2_method [md5]
              Phase2 EAP client authentication method

       charon.plugins.eap-ttls.phase2_piggyback [no]
              Phase2 EAP Identity request piggybacked by server onto TLS Finished message

       charon.plugins.eap-ttls.phase2_tnc [no]
              Start phase2 EAP TNC protocol after successful client authentication

       charon.plugins.eap-ttls.request_peer_auth [no]
              Request peer authentication based on a client certificate

       charon.plugins.ha.fifo_interface [yes]

       charon.plugins.ha.heartbeat_delay [1000]

       charon.plugins.ha.heartbeat_timeout [2100]


       charon.plugins.ha.monitor [yes]



       charon.plugins.ha.resync [yes]


       charon.plugins.ha.segment_count [1]


       charon.plugins.led.blink_time [50]

       charon.plugins.kernel-klips.ipsec_dev_count [4]
              Number of ipsecN devices

       charon.plugins.kernel-klips.ipsec_dev_mtu [0]
              Set MTU of ipsecN device

              Section to configure the load-tester plugin, see LOAD TESTS

       charon.plugins.resolve.file [/etc/resolv.conf]
              File where to add DNS server entries

              Database URI for charons SQL plugin

       charon.plugins.sql.loglevel [-1]
              Loglevel for logging to SQL database

       charon.plugins.tnc-imc.preferred_language [en]
              Preferred language for TNC recommendations

       charon.plugins.tnc-imc.tnc_config [/etc/tnc_config]
              TNC IMC configuration directory

       charon.plugins.tnc-imv.tnc_config [/etc/tnc_config]
              TNC IMV configuration directory

       charon.plugins.whitelist.enable [yes]
              enable loaded whitelist plugin

   libstrongswan section
       libstrongswan.crypto_test.bench [no]

       libstrongswan.crypto_test.bench_size [1024]

       libstrongswan.crypto_test.bench_time [50]

       libstrongswan.crypto_test.on_add [no]
              Test crypto algorithms during registration

       libstrongswan.crypto_test.on_create [no]
              Test crypto algorithms on each crypto primitive instantiation

       libstrongswan.crypto_test.required [no]
              Strictly require at least one test vector to enable an algorithm

       libstrongswan.crypto_test.rng_true [no]
              Whether to test RNG with TRUE quality; requires a lot of entropy

       libstrongswan.dh_exponent_ansi_x9_42 [yes]
              Use ANSI X9.42 DH exponent size or optimum size matched to cryptographical strength

       libstrongswan.ecp_x_coordinate_only [yes]
              Compliance with the errata for RFC 4753

       libstrongswan.integrity_test [no]
              Check daemon, libstrongswan and plugin integrity at startup

       libstrongswan.leak_detective.detailed [yes]
              Includes source file names and line numbers in leak detective output

       libstrongswan.x509.enforce_critical [yes]
              Discard certificates with unsupported or unknown critical extensions

   libstrongswan.plugins subsection
              Database URI for attr-sql plugin used by charon and pluto

       libstrongswan.plugins.attr-sql.lease_history [yes]
              Enable logging of SQL IP pool leases

       libstrongswan.plugins.gcrypt.quick_random [no]
              Use faster random numbers in gcrypt; for testing only, produces weak keys!

       libstrongswan.plugins.openssl.engine_id [pkcs11]
              ENGINE ID to use in the OpenSSL plugin


       libstrongswan.plugins.pkcs11.use_hasher [no]

   libtls section
              List of TLS encryption ciphers

              List of TLS key exchange methods

              List of TLS MAC algorithms

              List of TLS cipher suites

   manager section
              Credential database URI for manager

       manager.debug [no]
              Enable debugging in manager

              Plugins to load in manager

              FastCGI socket of manager, to run it statically

       manager.threads [10]
              Threads to use for request handling

       manager.timeout [15m]
              Session timeout for manager

   mediation client section
              Mediation client database URI

       medcli.dpd [5m]
              DPD timeout to use in mediation client plugin

       medcli.rekey [20m]
              Rekeying time on mediation connections in mediation client plugin

   mediation server section
              Mediation server database URI

       medsrv.debug [no]
              Debugging in mediation server web application

       medsrv.dpd [5m]
              DPD timeout to use in mediation server plugin

              Plugins to load in mediation server plugin

       medsrv.password_length [6]
              Minimum password length required for mediation server user accounts

       medsrv.rekey [20m]
              Rekeying time on mediation connections in mediation server plugin

              Run Mediation server web application statically on socket

       medsrv.threads [5]
              Number of thread for mediation service web application

       medsrv.timeout [15m]
              Session timeout for mediation service

   openac section
              Plugins to load in ipsec openac tool

   pki section
              Plugins to load in ipsec pki tool

   pluto section
              DNS servers assigned to peer via Mode Config

              Plugins to load in IKEv1 pluto daemon

              WINS servers assigned to peer via Mode Config

       pluto.threads [4]
              Number of worker threads in pluto

   pluto.plugins section
              Section to specify arbitrary attributes that are assigned to a peer via Mode Config

       charon.plugins.kernel-klips.ipsec_dev_count [4]
              Number of ipsecN devices

       charon.plugins.kernel-klips.ipsec_dev_mtu [0]
              Set MTU of ipsecN device

   pool section
              Plugins to load in ipsec pool tool

   scepclient section
              Plugins to load in ipsec scepclient tool

   starter section
       starter.load_warning [yes]
              Disable charon/pluto plugin load option warning


       The  options described below provide a much more flexible way to configure loggers for the
       IKEv2 daemon charon than using the charondebug option in ipsec.conf(5).

       Please note that if any loggers are specified in  strongswan.conf,  charondebug  does  not
       have any effect.

       There are currently two types of loggers defined:

       File loggers
              Log  directly  to a file and are defined by specifying the full path to the file as
              subsection in the charon.filelog section. To log to the  console  the  two  special
              filenames stdout and stderr can be used.

       Syslog loggers
              Log  into a syslog facility and are defined by specifying the facility to log to as
              the name of a subsection in the charon.syslog section. The following facilities are
              currently supported: daemon and auth.

       Multiple  loggers  can  be  defined  for  each  type  with different log verbosity for the
       different subsystems of the daemon.

       charon.filelog.<filename>.default [1]
              Specifies the default loglevel to be used for  subsystems  for  which  no  specific
              loglevel is defined.

       charon.filelog.<filename>.<subsystem> [<default>]
              Specifies the loglevel for the given subsystem.

       charon.filelog.<filename>.append [yes]
              If this option is enabled log entries are appended to the existing file.

       charon.filelog.<filename>.flush_line [no]
              Enabling this option disables block buffering and enables line buffering.

       charon.filelog.<filename>.ike_name [no]
              Prefix  each  log  entry with the connection name and a unique numerical identifier
              for each IKE_SA.

              Prefix each log entry with a timestamp. The  option  accepts  a  format  string  as
              passed to strftime(3).

       dmn    Main daemon setup/cleanup/signal handling

       mgr    IKE_SA manager, handling synchronization for IKE_SA access

       ike    IKE_SA

       chd    CHILD_SA

       job    Jobs queueing/processing and thread pool management

       cfg    Configuration management and plugins

       knl    IPsec/Networking kernel interface

       net    IKE network communication

       enc    Packet encoding/decoding encryption/decryption operations

       tls    libtls library messages

       lib    libstrongwan library messages

       -1     Absolutely silent

       0      Very basic auditing logs, (e.g. SA up/SA down)

       1      Generic control flow with errors, a good default to see whats going on

       2      More detailed debugging control flow

       3      Including RAW data dumps in Hex

       4      Also include sensitive material in dumps, e.g. keys

            charon {
                 filelog {
                      /var/log/charon.log {
                           time_format = %b %e %T
                           append = no
                           default = 1
                      stderr {
                           ike = 2
                           knl = 3
                           ike_name = yes
                 syslog {
                      # enable logging to LOG_DAEMON, use defaults
                      daemon {
                      # minimalistic IKE auditing logging to LOG_AUTHPRIV
                      auth {
                           default = -1
                           ike = 0


       To  do  stability  testing and performance optimizations, the IKEv2 daemon charon provides
       the load-tester plugin. This plugin allows to  setup  thousands  of  tunnels  concurrently
       against the daemon itself or a remote host.

       WARNING:  Never  enable  the  load-testing  plugin  on  productive  systems.  It  provides
       preconfigured credentials and allows an attacker to authenticate as any user.

       charon.plugins.load-tester.child_rekey [600]
              Seconds to start CHILD_SA rekeying after setup

       charon.plugins.load-tester.delay [0]
              Delay between initiatons for each thread

       charon.plugins.load-tester.delete_after_established [no]
              Delete an IKE_SA as soon as it has been established

       charon.plugins.load-tester.dynamic_port [0]
              Base port to be used for requests (each client uses a different port)

       charon.plugins.load-tester.enable [no]
              Enable the load testing plugin

       charon.plugins.load-tester.fake_kernel [no]
              Fake the kernel interface to allow load-testing against self

       charon.plugins.load-tester.ike_rekey [0]
              Seconds to start IKE_SA rekeying after setup

       charon.plugins.load-tester.initiators [0]
              Number of concurrent initiator threads to use in load test

       charon.plugins.load-tester.initiator_auth [pubkey]
              Authentication method(s) the intiator uses

       charon.plugins.load-tester.iterations [1]
              Number of IKE_SAs to initate by each initiator in load test

              Provide INTERNAL_IPV4_ADDRs from a named pool

       charon.plugins.load-tester.proposal [aes128-sha1-modp768]
              IKE proposal to use in load test

       charon.plugins.load-tester.remote []
              Address to initiation connections to

       charon.plugins.load-tester.responder_auth [pubkey]
              Authentication method(s) the responder uses

       charon.plugins.load-tester.request_virtual_ip [no]
              Request an INTERNAL_IPV4_ADDR from the server

       charon.plugins.load-tester.shutdown_when_complete [no]
              Shutdown the daemon after all IKE_SAs have been established

   Configuration details
       For public key authentication, the responder uses the "CN=srv, OU=load-test, O=strongSwan"
       identity. For the initiator, each connection attempt uses a different identity in the form
       "CN=c1-r1, OU=load-test, O=strongSwan", where  the  first  number  inidicates  the  client
       number, the second the authentication round (if multiple authentication is used).

       For  PSK authentication, FQDN identities are used. The server uses, the
       client uses an identity in the form

       For EAP authentication, the client uses a NAI in the form

       To configure multiple authentication, concatenate multiple methods using, e.g.
            initiator_auth = pubkey|psk|eap-md5|eap-aka

       The responder uses a hardcoded certificate based on a 1024-bit RSA key.  This  certificate
       additionally  serves  as  CA  certificate. A peer uses the same private key, but generates
       client certificates on demand signed by  the  CA  certificate.  Install  the  Responder/CA
       certificate on the remote host to authenticate all clients.

       To  speed  up  testing,  the  load  tester  plugin  implements  a  special  Diffie-Hellman
       implementation called modpnull. By setting
            proposal = aes128-sha1-modpnull
       this wicked fast DH implementation is used. It does not provide any security at  all,  but
       allows to run tests without DH calculation overhead.

       In  the  simplest  case,  the  daemon  initiates IKE_SAs against itself using the loopback
       interface. This will actually establish double the number of IKE_SAs,  as  the  daemon  is
       initiator and responder for each IKE_SA at the same time.  Installation of IPsec SAs would
       fails, as each SA gets installed twice. To simulate the correct behavior,  a  fake  kernel
       interface can be enabled which does not install the IPsec SAs at the kernel level.

       A simple loopback configuration might look like this:

            charon {
                 # create new IKE_SAs for each CHILD_SA to simulate
                 # different clients
                 reuse_ikesa = no
                 # turn off denial of service protection
                 dos_protection = no

                 plugins {
                      load-tester {
                           # enable the plugin
                           enable = yes
                           # use 4 threads to initiate connections
                           # simultaneously
                           initiators = 4
                           # each thread initiates 1000 connections
                           iterations = 1000
                           # delay each initiation in each thread by 20ms
                           delay = 20
                           # enable the fake kernel interface to
                           # avoid SA conflicts
                           fake_kernel = yes

       This  will  initiate  4000  IKE_SAs within 20 seconds. You may increase the delay value if
       your box can not handle that much load, or decrease it to put more  load  on  it.  If  the
       daemon  starts  retransmitting  messages  your  box probably can not handle all connection

       The plugin also allows to test against a remote host. This might help to  test  against  a
       real  world configuration. A connection setup to do stress testing of a gateway might look
       like this:

            charon {
                 reuse_ikesa = no
                 threads = 32

                 plugins {
                      load-tester {
                           enable = yes
                           # 10000 connections, ten in parallel
                           initiators = 10
                           iterations = 1000
                           # use a delay of 100ms, overall time is:
                           # iterations * delay = 100s
                           delay = 100
                           # address of the gateway
                           remote =
                           # IKE-proposal to use
                           proposal = aes128-sha1-modp1024
                           # use faster PSK authentication instead
                           # of 1024bit RSA
                           initiator_auth = psk
                           responder_auth = psk
                           # request a virtual IP using configuration
                           # payloads
                           request_virtual_ip = yes
                           # enable CHILD_SA every 60s
                           child_rekey = 60


       Retransmission timeouts in the IKEv2 daemon charon can be configured  globally  using  the
       three keys listed below:

              charon.retransmit_base [1.8]
              charon.retransmit_timeout [4.0]
              charon.retransmit_tries [5]

       The following algorithm is used to calculate the timeout:

            relative timeout = retransmit_timeout * retransmit_base ^ (n-1)

       Where n is the current retransmission count.

       Using the default values, packets are retransmitted in:

       Retransmission   Relative Timeout   Absolute Timeout
       1                              4s                 4s
       2                              7s                11s
       3                             13s                24s
       4                             23s                47s
       5                             42s                89s
       giving up                     76s               165s




       ipsec.conf(5), ipsec.secrets(5), ipsec(8)


       Written  for the strongSwan project ⟨⟩ by Tobias Brunner, Andreas
       Steffen and Martin Willi.