tmnxIPsecTransformPfsDhGroup
TIMETRA-IPSEC-MIB ·
.1.3.6.1.4.1.6527.3.1.2.48.2.1.6
Object
column
r/w
TmnxIPsecTransformPfsDhGrp
The value of tmnxIPsecTransformPfsDhGroup specifies the Diffie-hellman
(DH) key exchange to be used each time the Security Association (SA)
key is renegotiated. After the SA expires, the key is forgotten and
another key is generated (if the SA remains up). This means that an
attacker who cracks part of the exchange can only read the part that
used the key before the key changed. There is no advantage of cracking
the other parts if the attacker has already cracked one.
The value of 'inherit (-1)' specifies that the IPsec tunnel or gateway
which refers to this IPsec transform will reuse the DH group
configurations from its associated IKE policy table
(tmnxIkePolicyTable). Specifically, if the value of
tmnxIkePolicyPFSEnabled is 'true (1)', the IPsec transform will use
the value of tmnxIkePolicyPFSDHGroup. If the value of
tmnxIkePolicyPFSEnabled is 'false (2)', the IPsec transform doesn't
use any DH group.
Context
- MIB
- TIMETRA-IPSEC-MIB
- OID
.1.3.6.1.4.1.6527.3.1.2.48.2.1.6- Type
- column
- Access
- readwrite
- Status
- current
- Parent
- tmnxIPsecTransformEntry
- Table
- tmnxIPsecTransformTable
- Siblings
- 6
Syntax
TmnxIPsecTransformPfsDhGrp
- Source
- TmnxIPsecTransformPfsDhGrp
- Base type
Enumeration
Values & Constraints
Type Values
-1 | inherit |
0 | disablePfs |
1 | group1 |
2 | group2 |
5 | group5 |
14 | group14 |
15 | group15 |
19 | group19 |
20 | group20 |
21 | group21 |
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| tmnxIPsecTransformId The value of tmnxIPsecTransformId specifies the id of a transform
entry and is the primary index for the table tmnxIPsecTransformTable. | column | TmnxIPsecTransformId | .1.3.6.1.4.1.6527.3.1.2.48.2.1.1 |
| tmnxIPsecTransformRowStatus The tmnxIPsecTransformRowStatus object is used to create and delete
rows in the tmnxIPsecTransformTable. | column | SNMPv2-TCRowStatus | .1.3.6.1.4.1.6527.3.1.2.48.2.1.2 |
| tmnxIPsecTransformLastChanged The value of tmnxIPsecTransformLastChanged indicates the sysUpTime at
the time of the last modification of this entry.
If no changes were made to the entry since th… | column | SNMPv2-TCTimeStamp | .1.3.6.1.4.1.6527.3.1.2.48.2.1.3 |
| tmnxIPsecTransformAuthAlgorithm The value of tmnxIPsecTransformAuthAlgorithm specifies the Hashing
algorithm used for the AH (Authentication Header) protocol's
authentication function. If 'none' is used then AH … | column | TIMETRA-TC-MIBTmnxAuthAlgorithm | .1.3.6.1.4.1.6527.3.1.2.48.2.1.4 |
| tmnxIPsecTransformEncrAlgorithm The value of tmnxIPsecTransformEncrAlgorithm specifies the
Encryption algorithm to be used for the IPsec session. Encryption
only applies to ESP(Encapsulating Security Payload)
co… | column | TIMETRA-TC-MIBTmnxEncrAlgorithm | .1.3.6.1.4.1.6527.3.1.2.48.2.1.5 |
| tmnxIPsecTransformLifeTime The value of tmnxIPsecTransformLifeTime specifies the lifetime of the
phase 2 IKE key.
The value of zero specifies that the IPsec tunnel or gateway which
refers thi… | column | seconds Unsigned32 | .1.3.6.1.4.1.6527.3.1.2.48.2.1.7 |