| Index |
| A unique index for this entry. |
| State |
| The current state of the security association Possible values: alive(1), -- The SA is alive expired(2), -- The SA is expired negotiating(4),-- This SA is currently negotiated established(5) -- The SA is alive and will eventually be rekeyed. |
| Dir |
| This object specifies whether the SA is used for inbound or outbound processing. Possible values: inbound(1), -- An inbound security association outbound(2) -- An outbound security association. |
| Mode |
| This object specifies whether the SA is in tunnel or transport mode. Possible values: tunnel(1), -- A tunnel mode SA transport(2) -- A transport mode SA tp-greipv4(3)-- A transport mode SA with GRE IPv4 encapsulation tp-greipv6(4)-- A transport mode SA with GRE IPv6 encapsulation. |
| SecProto |
| This object specifies the security protocol applied by this SA. Possible values: esp(50), -- Encapsulating Security Payload ah(51), -- Authentication Header ipcomp(108) -- Internet Payload Compression Protocol. |
| Spi |
| The Security Parameters Index of this SA. |
| AuthAlg |
| The hash algorithm used, if any. Possible Values: none(2), -- No hash algorithm applied md5-96(4), -- The MD5 hash algorithm sha1-96(6), -- The Secure Hash Algorithm sha2-256(7), -- SHA2 256 bit sha2-384(8), -- SHA2 384 bit sha2-512(9) -- SHA2 512 bit. |
| EncAlg |
| The encryption algorithm used, if any. Possible Values: none(1), -- No encryption applied des-cbc(2), -- DES in CBC mode des3-cbc(3), -- Triple DES in CBC mode blowfish-cbc(4), -- Blowfish in CBC mode cast128-cbc(5), -- CAST with 128 bit key in CBC mode twofish-cbc(6), -- Twofish in CBC mode aes-cbc(7) -- AES in CBC mode. |
| CompAlg |
| The compression algorithm used, if any. Possible Values: none(1), -- No compression deflate(2) -- DEFLATE compression algorithm. |
| AuthKeyLen |
| The length in bytes of the key used for authentication, if any. |
| EncKeyLen |
| The length in bytes of the key used for encryption, if any. |
| ReplayErrors |
| The number of replayed packets detected for this SA. |
| RecvErrors |
| The number of receive errors (replayed packets not counted) detected for this SA. |
| DecryptErrors |
| The number of decryption errors (ESP only) detected for this SA. |
| Bundle |
| unique id of SA-bundle within this SA is used. |
| BundleNesting |
| place of SA within SA-Bundle. |
| SpiSize |
| The size of the SPI in bytes. |
| EncKey |
| description not available |
| AuthKey |
| description not available |
| IkeMajVersion |
| The IKE major version number. |
| IkeMinVersion |
| The IKE minor version number. |
| PfsGroup |
| The Diffie-Hellman group used for PFS: 0: no PFS 1: a 768-bit MODP group 2: a 1024-bit MODP group 5: a 1536-bit MODP group 14: a 2048-bit MODP group 15: a 3072-bit MODP group 16: a 4096-bit MODP group. |