>> MIB - Management Information Base

>> Table: ikeProposalTable - (.1.3.6.1.4.1.272.4.26.6.1)

Description: This object contains an IKE proposal, i.e. the encryption algorithm and the hash algorithm used to protect traffic sent over an IKE SA.

ikeProposalTable
OIDNameTypeAccess
.1IndexINTEGERR
.2NextChoiceINTEGERRW
.3DescriptionDisplayStringRW
.4EncAlgENUMRW
.5HashAlgENUMD
.7GroupINTEGERRW
.8AuthMethodENUMRW
.9EncKeySizeINTEGERRW
.10EncKeySizeMinINTEGERRW
.11EncKeySizeMaxINTEGERRW

Index
A unique index identifying this entry.
NextChoice
This object specifies the index of the next proposal
of a choice of proposals. If this object is 0, this
marks the end of a proposal chain.
Description
An optional textual description of the proposal chain
beginning at this entry.
EncAlg
This object specifies the encryption algorithm used
to protect traffic sent over an IKE SA.
Possible values:
none(1),	    -- No encryption applied
des-cbc(2), 	    -- DES in CBC mode
des3-cbc(3),     -- Triple DES in CBC mode
blowfish-cbc(4), -- Blowfish in CBC mode
cast128-cbc(5)   -- CAST in CBC mode with 128 bit key
twofish-cbc(6),  -- Twofish in CBC mode
aes-cbc(7),      -- AES in CBC mode
rijndael-cbc(31) -- rijndael (former name for AES).
Enumerations:
  • none (1)
  • des-cbc (2)
  • des3-cbc (3)
  • blowfish-cbc (4)
  • cast128-cbc (5)
  • twofish-cbc (6)
  • aes-cbc (7)
  • rijndael-cbc (31)
HashAlg
This object specifies the hash algorithm used to
protect traffic sent over an IKE SA.
Possible values:
delete(1),	-- Delete this entry
none(2),	-- No hash algorithm
md5(3),	-- The MD5 hash algorithm
sha1(4),	-- The Secure Hash Algorithm
ripemd160(5),-- The RipeMD160 Hash Algorithm
tiger192(6)	-- The Tiger Hash Algorithm.
Enumerations:
  • delete (1)
  • none (2)
  • md5 (3)
  • sha1 (4)
  • ripemd160 (5)
  • tiger192 (6)
Group
Index of the IKE group used with this proposal.
It may be overridden by a valid IKE group index of an IPSec peer
or in ipsecGlobDefaultIkeGroup.
Possible values:
0 (use default setting in ipsecPeerIkeGroup 
or ipsecGlobDefaultIkeGroup), 
1 (768 bit MODP), 
2 (1024 bit MODP), 
5 (1536 bit MODP).
AuthMethod
This object specifies the authentication method used with this 
proposal. 
It may be overridden by the setting in the ipsecPeerEntry table.
If set to 'default' the value in ipsecGlobDefaultAuthMethod is used.
Possible values:
pre-sh-key(1), -- Authentication using pre shared keys
dss-sig(2),	  -- Authentication using DSS signatures
rsa-sig(3),	  -- Authentication using RSA signatures
rsa-enc(4),	  -- Authentication using RSA encryption
default(33)	  -- Use default authentication method.
Enumerations:
  • pre-sh-key (1)
  • dss-sig (2)
  • rsa-sig (3)
  • rsa-enc (4)
  • default (33)
EncKeySize
This object specifies the encryption key size used with this 
proposal. The limits for the individual algorithms can be seen
in the ipsecAlgorithmTable.
If a length outside the limits for the specified algorithm is
specified, it is reset to the max/min value possible.
EncKeySizeMin
This object specifies the maximum encryption key size accepted
with this proposal. 
The limits for the individual algorithms can be seen in the 
ipsecAlgorithmTable.
If a length outside the limits for the specified algorithm is
specified, it is reset to the max/min value possible.
EncKeySizeMax
This object specifies the maximum encryption key size accepted
with this proposal. 
The limits for the individual algorithms can be seen in the 
ipsecAlgorithmTable.
If a length outside the limits for the specified algorithm is
specified, it is reset to the max/min value possible.


MIB Reference to Software Version 7.5.1 generated on 2006/08/03. Provided by webmaster@funkwerk-ec.com
Copyright ©2006 by Funkwerk Enterprise Communications GmbH