tmnxIkePolicyPFSDHGroup
TIMETRA-IPSEC-MIB ·
.1.3.6.1.4.1.6527.3.1.2.48.4.1.8
Object
column
r/w
TmnxIkePolicyDHGroup
The value of tmnxIkePolicyPFSDHGroup is used only if the value of the
tmnxIkePolicyPFSEnabled is 'true'.
The value of tmnxIkePolicyPFSDHGroup specifies the new
Diffie-hellman key exchange each time the SA(Security Association)
key is renegotiated. After the SA expires, the key is forgotten
and another key is generated (if the SA remains up). This means
that an attacker who cracks part of the exchange can only read the
part that used the key before the key changed. There is no
advantage of cracking the other parts if the attacker has already
cracked one.
Context
- MIB
- TIMETRA-IPSEC-MIB
- OID
.1.3.6.1.4.1.6527.3.1.2.48.4.1.8- Type
- column
- Access
- readwrite
- Status
- current
- Parent
- tmnxIkePolicyEntry
Syntax
TmnxIkePolicyDHGroup
Values & Constraints
No enumerated values or constraints recorded.