>> MIB - Management Information Base

>> Table: ikeProposalTable - (.1.3.6.1.4.1.272.4.26.6.1)

Description: This object contains an IKE proposal, i.e. the encryption algorithm and the hash algorithm used to protect traffic sent over an IKE SA.

ikeProposalTable
OIDNameTypeAccess
.1IndexINTEGERR
.2NextChoiceINTEGERRW
.3DescriptionDisplayStringRW
.4EncAlgENUMRW
.5HashAlgENUMD
.7GroupINTEGERRW
.8AuthMethodENUMRW
.9EncKeySizeINTEGERRW
.10EncKeySizeMinINTEGERRW
.11EncKeySizeMaxINTEGERRW

Index
A unique index identifying this entry.
NextChoice
This object specifies the index of the next proposal of a choice of proposals. If this object is 0, this marks the end of a proposal chain.
Description
An optional textual description of the proposal chain beginning at this entry.

Range: 0 to 255

EncAlg
This object specifies the encryption algorithm used to protect traffic sent over an IKE SA. Possible values: none(1), -- No encryption applied des-cbc(2), -- DES in CBC mode des3-cbc(3), -- Triple DES in CBC mode blowfish-cbc(4), -- Blowfish in CBC mode cast128-cbc(5) -- CAST in CBC mode with 128 bit key twofish-cbc(6), -- Twofish in CBC mode aes-cbc(7), -- AES in CBC mode rijndael-cbc(31) -- rijndael (former name for AES).

Enumerations:

  • none (1)
  • des-cbc (2)
  • des3-cbc (3)
  • blowfish-cbc (4)
  • cast128-cbc (5)
  • twofish-cbc (6)
  • aes-cbc (7)
  • rijndael-cbc (31)
HashAlg
This object specifies the hash algorithm used to protect traffic sent over an IKE SA. Possible values: delete(1), -- Delete this entry none(2), -- No hash algorithm md5(3), -- The MD5 hash algorithm sha1(4), -- The Secure Hash Algorithm ripemd160(5),-- The RipeMD160 Hash Algorithm tiger192(6) -- The Tiger Hash Algorithm.

Enumerations:

  • delete (1)
  • none (2)
  • md5 (3)
  • sha1 (4)
  • ripemd160 (5)
  • tiger192 (6)
Group
Index of the IKE group used with this proposal. It may be overridden by a valid IKE group index of an IPSec peer or in ipsecGlobDefaultIkeGroup. Possible values: 0 (use default setting in ipsecPeerIkeGroup or ipsecGlobDefaultIkeGroup), 1 (768 bit MODP), 2 (1024 bit MODP), 5 (1536 bit MODP).
AuthMethod
This object specifies the authentication method used with this proposal. It may be overridden by the setting in the ipsecPeerEntry table. If set to 'default' the value in ipsecGlobDefaultAuthMethod is used. Possible values: pre-sh-key(1), -- Authentication using pre shared keys dss-sig(2), -- Authentication using DSS signatures rsa-sig(3), -- Authentication using RSA signatures rsa-enc(4), -- Authentication using RSA encryption default(33) -- Use default authentication method.

Enumerations:

  • pre-sh-key (1)
  • dss-sig (2)
  • rsa-sig (3)
  • rsa-enc (4)
  • default (33)
EncKeySize
This object specifies the encryption key size used with this proposal. The limits for the individual algorithms can be seen in the ipsecAlgorithmTable. If a length outside the limits for the specified algorithm is specified, it is reset to the max/min value possible.

Range: 0 to 2048

EncKeySizeMin
This object specifies the maximum encryption key size accepted with this proposal. The limits for the individual algorithms can be seen in the ipsecAlgorithmTable. If a length outside the limits for the specified algorithm is specified, it is reset to the max/min value possible.

Range: 0 to 2048

EncKeySizeMax
This object specifies the maximum encryption key size accepted with this proposal. The limits for the individual algorithms can be seen in the ipsecAlgorithmTable. If a length outside the limits for the specified algorithm is specified, it is reset to the max/min value possible.

Range: 0 to 2048


MIB Reference to Software Version 7.6.2 generated on 2008/03/07. Provided by webmaster@funkwerk-ec.com
Copyright ©2008 by Funkwerk Enterprise Communications GmbH