strongSwan as TNC Client » History » Version 4
Version 3 (Andreas Steffen, 13.12.2010 23:43) → Version 4/22 (Andreas Steffen, 14.12.2010 16:19)
h1. strongSwan as TNC Client
The following plugins must activated for strongSwan to take on the role of a TNC Client
h3. Configuration as a TNCCS 2.0 Client with EAP-MD5 password-based authentication
<pre>
./configure --prefix=/usr --sysconfdir=/etc --enable-curl
... --enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
[--enable-eap-md5]
--enable-eap-tnc --enable-tnc-imc --enable-tnccs-20
</pre>
/etc/strongswan.conf - strongSwan configuration file
<pre>
charon {
plugins {
eap-tnc {
protocol = tnccs-2.0
}
}
}
</pre>
h3. Configuration as a TNCCS 2.0 Client with EAP-TLS certicate-based authentication
<pre>
./configure --prefix=/usr --sysconfdir=/etc --enable-curl
--enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
--enable-eap-tnc --enable-tnc-imc --enable-tnccs-20
</pre>
/etc/strongswan.conf - strongSwan configuration file
<pre>
charon {
plugins {
eap-tnc {
protocol = tnccs-2.0
}
}
}
</pre>
h3. Configuration as a TNCCS 1.1 Client with EAP-TLS certicate-based authentication
<pre>
./configure --prefix=/usr --sysconfdir =/etc --enable-curl
--enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
--enable-eap-tnc --enable-tnc-imc --enable-tnccs-11
</pre>
/etc/strongswan.conf - strongSwan configuration file
<pre>
charon {
plugins {
eap-tnc {
protocol = tnccs-1.1
}
}
} --enable-tnccs-11|--enable-tnccs-20
</pre>
The following plugins must activated for strongSwan to take on the role of a TNC Client
h3. Configuration as a TNCCS 2.0 Client with EAP-MD5 password-based authentication
<pre>
./configure --prefix=/usr --sysconfdir=/etc --enable-curl
... --enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
[--enable-eap-md5]
--enable-eap-tnc --enable-tnc-imc --enable-tnccs-20
</pre>
/etc/strongswan.conf - strongSwan configuration file
<pre>
charon {
plugins {
eap-tnc {
protocol = tnccs-2.0
}
}
}
</pre>
h3. Configuration as a TNCCS 2.0 Client with EAP-TLS certicate-based authentication
<pre>
./configure --prefix=/usr --sysconfdir=/etc --enable-curl
--enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
--enable-eap-tnc --enable-tnc-imc --enable-tnccs-20
</pre>
/etc/strongswan.conf - strongSwan configuration file
<pre>
charon {
plugins {
eap-tnc {
protocol = tnccs-2.0
}
}
}
</pre>
h3. Configuration as a TNCCS 1.1 Client with EAP-TLS certicate-based authentication
<pre>
./configure --prefix=/usr --sysconfdir =/etc --enable-curl
--enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
--enable-eap-tnc --enable-tnc-imc --enable-tnccs-11
</pre>
/etc/strongswan.conf - strongSwan configuration file
<pre>
charon {
plugins {
eap-tnc {
protocol = tnccs-1.1
}
}
} --enable-tnccs-11|--enable-tnccs-20
</pre>