Index |
A unique index identifying this entry. |
NextChoice |
This object specifies the index of the next proposal
of a choice of proposals. If this object is 0, this
marks the end of a proposal chain. |
Description |
An optional textual description of the proposal chain
beginning at this entry. |
EncAlg |
This object specifies the encryption algorithm used
to protect traffic sent over an IKE SA.
Possible values:
none(1), -- No encryption applied
des-cbc(2), -- DES in CBC mode
des3-cbc(3), -- Triple DES in CBC mode
blowfish-cbc(4), -- Blowfish in CBC mode
cast128-cbc(5) -- CAST in CBC mode with 128 bit key
twofish-cbc(6), -- Twofish in CBC mode
rijndael-cbc(7) -- Rijndael in CBC mode. Enumerations: - none (1)
- des-cbc (2)
- des3-cbc (3)
- blowfish-cbc (4)
- cast128-cbc (5)
- twofish-cbc (6)
- rijndael-cbc (7)
|
HashAlg |
This object specifies the hash algorithm used to
protect traffic sent over an IKE SA.
Possible values:
delete(1), -- Delete this entry
none(2), -- No hash algorithm
md5(3), -- The MD5 hash algorithm
sha1(4), -- The Secure Hash Algorithm
ripemd160(5),-- The RipeMD160 Hash Algorithm
tiger192(6) -- The Tiger Hash Algorithm. Enumerations: - delete (1)
- none (2)
- md5 (3)
- sha1 (4)
- ripemd160 (5)
- tiger192 (6)
|
LifeTime |
This object specifies an index in the ipsecLifeTimeTable with the
lifetime settings to be used for IKE SA negotiation with this
proposal.
If this object is set to zero or the lifetime pointed to by this
index does not exist or is inappropriate, the setting in the
profile is used. |
Group |
Index of the IKE group used with this proposal.
It may be overridden by a valid IKE group index of an IPSec peer
or in ipsecGlobDefaultIkeGroup.
Possible values:
0 (use default setting in ipsecPeerIkeGroup
or ipsecGlobDefaultIkeGroup),
1 (768 bit MODP),
2 (1024 bit MODP),
5 (1536 bit MODP). |
AuthMethod |
This object specifies the authentication method used with this
proposal.
It may be overridden by the setting in the ipsecPeerEntry table.
If set to 'default' the value in ipsecGlobDefaultAuthMethod is used.
Possible values:
pre-sh-key(1), -- Authentication using pre shared keys
dss-sig(2), -- Authentication using DSS signatures
rsa-sig(3), -- Authentication using RSA signatures
rsa-enc(4), -- Authentication using RSA encryption
default(33) -- Use default authentication method. Enumerations: - pre-sh-key (1)
- dss-sig (2)
- rsa-sig (3)
- rsa-enc (4)
- default (33)
|