| Index |
| A unique index for this entry. |
| PeerIndex |
| The index of the peer for which this bundle was created. |
| TrafficIndex |
| The index of the traffic entry for which this bundle was created. |
| State |
| The current state of the bundle Possible values: established(1), -- The bundle is alive expired(2), -- The bundle is expired delete (3), -- Mark this bundle for deletion negotiating(4), -- This bundle is currently negotiated rekeyed(5), -- Rekeying of bundle succeeded heartbeat-lost(6), -- Heartbeat receive timeout failed(7), -- The negotiation failed initiating(8) -- This bundle is currently initiated. |
| NumSas |
| The number of SAs contained in this bundle. |
| Role |
| This object specifies by which side the SA bundle negotiation was initiated. Possible values: initiator(1), -- this end initiated the negotiation responder(2) -- the remote end initiated the negotiation. |
| RekeyedBundle |
| This object indicates upon rekeying, which bundle (actually its BundleIndex) is going to be replaced by that one. |
| RekeyingBundle |
| This object indicates upon rekeying, which bundle (actually its BundleIndex) is going to replace that one. |
| LastStateChange |
| This object indicates the time in time ticks from system start by which the state of this bundle entry was changed last. To determine the absolute time, the current sysUpTime must be subtracted from this value. |
| HeartbeatsEnabled |
| This object specifies whether heartbeats are sent and/or expected over this bundle. Possible values: none(1), -- neither sending nor expecting heartbeats expect(2), -- expecting heartbeats send(3), -- sending heartbeats both(4) -- sending and expecting heartbeats. |
| Creator |
| This object specifies how the SA was created Possible values: manual(1),-- A manually keyed IPSec SA bundle ike(2) -- An automatically keyed SA bundle created by IKE. |
| TunnelLocal |
| The local IP address of the outer packet header. For transport mode bundles this address is the same as the ipsecBundleLocalAddress. |
| TunnelRemote |
| The remote IP address of the outer packet header. For transport mode bundles, this address is the same as the ipsecBundleRemoteAddress. |
| PmtuDiscovery |
| This object specifies the initialization of the DF bit in outgoing IPSec packets for this bundle. It decides whether PMTU discovery is propagated over the IPSec tunnel or not. Possible values: enabled(1), -- copy DF bit from original packet; propagate PMTU disabled(2) -- clear DF bit in IPSec packet; -- fragment if necessary. |
| KeepAlive |
| This object specifies the circumstances under which this SA bundle will be rekeyed. Possible values: true(1), -- rekey even if no traffic was processed false(2) -- rekey only if at least one packet was processed. |
| VerifyPad |
| This object specifies the kind of padding expected for ESP SAs within this bundle. Possible values: true(1), -- normal, self-describing ESP padding false(2) -- old style ESP padding. |
| LifeSeconds |
| The period in seconds after which this bundle will be destroyed. |
| LifeKBytes |
| The amount of data allowed to be protected by this bundle until it is destroyed (ipsecBundleOutBytes or ipecBundleOutBytes). |
| RekeySeconds |
| The period in seconds after which this bundle will be rekeyed. |
| RekeyKBytes |
| The amount of data allowed to be protected by this bundle until it is rekeyed (ipsecBundleOutBytes or ipecBundleOutBytes). |
| Proto |
| The protocol of the traffic selectors. |
| LocalAddress |
| The local address (host or network or range start address) of the traffic selectors, source for outbound, destination for inbound. |
| LocalMaskLen |
| The local network masklen of the traffic selectors, source for outbound, destination for inbound. |
| LocalRange |
| The local address range end address of the traffic selectors, source for outbound, destination for inbound. |
| LocalPort |
| The local port of the traffic selectors, source for outbound, destination for inbound. |
| RemoteAddress |
| The remote address (host or network or range start address) of the traffic selectors source for outbound, destination for inbound. |
| RemoteMaskLen |
| The remote network masklen of the traffic selectors source for outbound, destination for inbound. |
| RemoteRange |
| The remote address range end address of the traffic selectors source for outbound, destination for inbound. |
| RemotePort |
| The remote port of the traffic selectors source for outbound, destination for inbound. |
| InPkt |
| The total number of inbound packets processed by this bundle. |
| InHb |
| The number of heartbeat packets received over this bundle. (only for IKEv1) |
| InBytes |
| The number of inbound bytes (including IPSec overhead) processed by this bundle. |
| InBytesNetto |
| The number of inbound bytes (netto: IPSec headers excluded) processed by this bundle. |
| OutPkt |
| The total number of outbound packets processed by this bundle. |
| OutHb |
| The number of heartbeat packets sent for this bundle. (only for IKEv1) |
| OutBytes |
| The number of outbound bytes (including IPSec overhead) processed by this bundle. |
| OutBytesNetto |
| The number of outbound bytes (netto: IPSec headers excluded) processed by this bundle. |
| NatT |
| This object specifies if the udp encapsulation of ESP packets is active within this bundle. Possible values: enabled(1), -- use udp encapsulation disabled(2) -- do not use udp encapsulation. |
| NatOaLocal |
| The local IP address as seen by the remote side. Only valid for transport mode bundles with NatT enabled. |
| NatOaRemote |
| The remote IP address as seen by the remote side. Only valid for transport mode bundles with NatT enabled. |
| IkeMajVersion |
| The IKE major version number. |
| IkeMinVersion |
| The IKE minor version number. |
| Ip6TunnelLocal |
| The local IPv6 address of the outer packet header. For transport mode bundles this address is the same as the ipsecBundleIp6LocalAddress. |
| Ip6TunnelRemote |
| The remote IPv6 address of the outer packet header. For transport mode bundles, this address is the same as the ipsecBundleIp6RemoteAddress. |
| Ip6LocalAddress |
| The local IPv6 address (host or network or range start address) of the traffic selectors, source for outbound, destination for inbound. |
| Ip6LocalMaskLen |
| Indicates the prefix length associated with the source (local) IPv6 address. |
| Ip6RemoteAddress |
| The remote IPv6 address (host or network or range start address) of the traffic selectors, source for outbound, destination for inbound. |
| Ip6RemoteMaskLen |
| Indicates the prefix length associated with the destination (remote) IPv6 address. |
| IpVersion |
| Used IP version connecting this peer: ipv4 -- bundle is associated to IPv4 ipv6 -- bundle is associated to IPv6 |