The tnc-pdp plugin implements a RADIUS server interface allowing a strongSwan TNC server to act as a Policy Decision Point. Have a look at the tnc/tnccs-20-pdp-eap test case for an example.
The eap-radius authentication backend enforces Session-Timeout attributes using RFC 4478 repeated authentication and acts upon RADIUS Dynamic Authorization extensions, RFC 5176. Currently supported are disconnect requests and CoA messages containing a Session-Timeout.
The eap-radius plugin can forward arbitrary RADIUS attributes from and to clients using custom IKEv2 notify payloads. The new radattr plugin reads attributes to include from files and prints received attributes to the console.
Support for resolvconf(8)
The resolve plugin automatically installs nameservers via resolvconf(8) instead of modifying /etc/resolv.conf directly.