Project

General

Profile

History

strongSwan User Documentation » Trusted Network Connect (TNC) HOWTO »

strongSwan as TNC Client » History » Version 5

« Previous - Version 5/22 (diff) - Next » - Current version
Andreas Steffen, 14.12.2010 16:37
completed strongswan.conf

strongSwan as TNC Client

The following plugins must activated for strongSwan to take on the role of a TNC Client

Configuration as a TNCCS 2.0 Client with EAP-MD5 password-based authentication
./configure --prefix=/usr --sysconfdir=/etc --enable-curl
            --enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
            --enable-eap-tnc --enable-tnc-imc --enable-tnccs-20

/etc/strongswan.conf - strongSwan configuration file

charon {
  plugins {
    eap-tnc {
      protocol = tnccs-2.0
    }
    tnc-imc {
      preferred_language = de, en
    }
  }
}

Configuration as a TNCCS 2.0 Client with EAP-TLS certicate-based authentication
./configure --prefix=/usr --sysconfdir=/etc --enable-curl
            --enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
            --enable-eap-tnc --enable-tnc-imc --enable-tnccs-20

/etc/strongswan.conf - strongSwan configuration file

charon {
  plugins {
    eap-tnc {
      protocol = tnccs-2.0
    }
    tnc-imc {
      preferred_language = ru, fr, en
    }
  }
}

Configuration as a TNCCS 1.1 Client with EAP-TLS certicate-based authentication
./configure --prefix=/usr --sysconfdir =/etc --enable-curl
            --enable-eap-tls --enable-eap-ttls --enable-eap-identity --enable-eap-md5
            --enable-eap-tnc --enable-tnc-imc --enable-tnccs-11

/etc/strongswan.conf - strongSwan configuration file

charon {
  plugins {
    eap-tnc {
      protocol = tnccs-1.1
    }
  }
}