| Index |
| A unique index identifying this entry. |
| NextChoice |
| This object specifies the index of the next proposal of a choice of proposals. If this object is 0, this marks the end of a proposal chain. |
| Description |
| An optional textual description of the proposal chain beginning at this entry. |
| EncAlg |
| This object specifies the encryption algorithm used to protect traffic sent over an IKE SA. Possible values: none(1), -- No encryption applied des-cbc(2), -- DES in CBC mode des3-cbc(3), -- Triple DES in CBC mode blowfish-cbc(4), -- Blowfish in CBC mode cast128-cbc(5) -- CAST in CBC mode with 128 bit key twofish-cbc(6), -- Twofish in CBC mode aes-cbc(7), -- AES in CBC mode rijndael-cbc(31) -- rijndael (former name for AES). |
| HashAlg |
| This object specifies the hash algorithm used to protect traffic sent over an IKE SA. Possible values: delete(1), -- Delete this entry none(2), -- No hash algorithm md5(3), -- The MD5 hash algorithm sha1(4), -- The Secure Hash Algorithm ripemd160(5),-- The RipeMD160 Hash Algorithm tiger192(6), -- The Tiger Hash Algorithm sha2-256(7), -- SHA2 256 bit sha2-384(8), -- SHA2 384 bit sha2-512(9) -- SHA2 512 bit. |
| Group |
| This object specifies the IKE group used with this proposal. Possible values: 0 (use default setting), 1 (768 bit MODP), 2 (1024 bit MODP), 5 (1536 bit MODP), 14 (2048 bit MODP), 15 (3072 bit MODP), 16 (4096 bit MODP). In IKEv1 case it is overridden by the value in ikePrfGroup. In IKEv2 case a configured value of '0' is replaced with '2'. |
| AuthMethod |
| This object specifies the authentication method used with this proposal. It may be overridden by the setting in the ipsecPeerEntry table. If set to 'default' the value in ipsecGlobDefaultAuthMethod is used. Possible values: pre-sh-key(1), -- Authentication using pre shared keys dss-sig(2), -- Authentication using DSS signatures rsa-sig(3), -- Authentication using RSA signatures rsa-enc(4), -- Authentication using RSA encryption default(33) -- Use default authentication method. |
| EncKeySize |
| This object specifies the encryption key size used with this proposal. The limits for the individual algorithms can be seen in the ipsecAlgorithmTable. If a length outside the limits for the specified algorithm is specified, it is reset to the max/min value possible. |
| EncKeySizeMin |
| This object specifies the maximum encryption key size accepted with this proposal. The limits for the individual algorithms can be seen in the ipsecAlgorithmTable. If a length outside the limits for the specified algorithm is specified, it is reset to the max/min value possible. |
| EncKeySizeMax |
| This object specifies the maximum encryption key size accepted with this proposal. The limits for the individual algorithms can be seen in the ipsecAlgorithmTable. If a length outside the limits for the specified algorithm is specified, it is reset to the max/min value possible. |