>> MIB - Management Information Base

>> Table: ipsecSaTable - (.1.3.6.1.4.1.272.4.26.3.1)

Description: This object contains an IPSec security association.

ipsecSaTable
OIDNameTypeAccess
.1IndexINTEGERR
.3StateENUMR
.5DirENUMR
.6ModeENUMR
.7SecProtoENUMR
.17SpiHexValueR
.18AuthAlgENUMR
.19EncAlgENUMR
.20CompAlgENUMR
.21AuthKeyLenINTEGERR
.22EncKeyLenINTEGERR
.33ReplayErrorsINTEGERR
.34RecvErrorsINTEGERR
.35DecryptErrorsINTEGERR
.39BundleINTEGERR
.40BundleNestingINTEGERR
.45SpiSizeINTEGERR

Index
A unique index for this entry.
State
The current state of the security association
Possible values:
alive(1),	  -- The SA is alive
expired(2),	  -- The SA is expired
negotiating(4),-- This SA is currently negotiated
established(5) -- The SA is alive and will eventually be 
rekeyed.
Enumerations:
  • expired (2)
  • negotiating (4)
  • established (5)
Dir
This object specifies whether the SA is used for inbound or
outbound processing.
Possible values:
inbound(1),	-- An inbound security association
outbound(2)	-- An outbound security association.
Enumerations:
  • inbound (1)
  • outbound (2)
Mode
This object specifies whether the SA is in tunnel or 
transport mode.
Possible values:
tunnel(1),	-- A tunnel mode SA
transport(2)	-- A transport mode SA.
Enumerations:
  • tunnel (1)
  • transport (2)
SecProto
This object specifies the security protocol applied by this SA.
Possible values:
esp(50),	-- Encapsulating Security Payload
ah(51),	-- Authentication Header
ipcomp(108)	-- Internet Payload Compression Protocol.
Enumerations:
  • esp (50)
  • ah (51)
  • ipcomp (108)
Spi
The Security Parameters Index of this SA.
AuthAlg
The hash algorithm used, if any.
Possible Values:
none(2),	   -- No hash algorithm applied
md5-96(4),	   -- The MD5 hash algorithm
sha1-96(6)	   -- The Secure Hash Algorithm.
Enumerations:
  • none (2)
  • md5-96 (4)
  • sha1-96 (6)
EncAlg
The encryption algorithm used, if any.
Possible Values:
none(1),	      -- No encryption applied
des-cbc(2),	      -- DES in CBC mode
des3-cbc(3),       -- Triple DES in CBC mode
blowfish-cbc(4),   -- Blowfish in CBC mode
cast128-cbc(5),    -- CAST with 128 bit key in CBC mode
twofish-cbc(6),    -- Twofish in CBC mode
rijndael-cbc(7)    -- Rijndael in CBC mode.
Enumerations:
  • none (1)
  • des-cbc (2)
  • des3-cbc (3)
  • blowfish-cbc (4)
  • cast128-cbc (5)
  • twofish-cbc (6)
  • rijndael-cbc (7)
CompAlg
The compression algorithm used, if any.
Possible Values:
none(1),	  -- No compression
deflate(2) 	  -- DEFLATE compression algorithm.
Enumerations:
  • none (2)
  • deflate (3)
AuthKeyLen
The length of the key used for authentication, if any.
EncKeyLen
The length of the key used for encryption, if any.
ReplayErrors
The number of replayed packets detected for this SA.
RecvErrors
The number of receive errors (replayed packets not counted)
detected for this SA.
DecryptErrors
The number of decryption errors (ESP only) detected for 
this SA.
Bundle
unique id of SA-bundle within this SA is used.
BundleNesting
place of SA within SA-Bundle.
SpiSize
The size of the SPI in bytes.


Copyright ©2003 by BinTec Access Networks GmbH