ipsecPrfLifePolicy
FEC-IPSEC-MIB ·
.0.15.1.19
Object
column
r/w
Enumeration
This object specifies the way a lifetime proposal is handled. Possible values: loose(1), -- accept and use anything proposed strict(2), -- accept and use only what is configured notify(3) -- accept anything, if own values are smaller than what was proposed use these and send responder lifetime notification use_default_lifetime(4) -- use lifetime values from default -- profile.
Context
- MIB
- FEC-IPSEC-MIB
- OID
.0.15.1.19- Type
- column
- Access
- readwrite
- Status
- current
- Parent
- ipsecProfileEntry
- Table
- ipsecProfileTable
- Siblings
- 14
Syntax
Enumeration
Values & Constraints
Enumerated Values
1 | loose |
2 | strict |
3 | notify |
4 | use-default-lifetime |
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| ipsecPrfIndex A unique index identifying this entry. | column | Integer32 | .0.15.1.1 |
| ipsecPrfVerifyPad This object is a compatibility option for older ipsec
implementations. It enables or disables an old way of ESP
padding (no self describing padding).
Possible values:
true(1)… | column | Enumeration | .0.15.1.10 |
| ipsecPrfForceTunnelMode This object specifies the strategy when transport mode is used.
By default, the system always uses transport mode, if possible.
If this variable is set to true, always tunnel mode… | column | Enumeration | .0.15.1.11 |
| ipsecPrfLifeSeconds The maximum time (in seconds) after which an SA will be
deleted. | column | seconds SNMPv2-SMIUnsigned32 | .0.15.1.16 |
| ipsecPrfLifeKBytes The maximum amount of data (in KB) which may be protected
by an SA before it is deleted. | column | kilo bytes SNMPv2-SMIUnsigned32 | .0.15.1.17 |
| ipsecPrfLifeRekeyPercent The percentage of the lifetimes (traffic and time based)
after which rekeying is started. | column | Integer32 | .0.15.1.18 |
| ipsecPrfDescription An optional description for this profile. | column | SNMPv2-TCDisplayString | .0.15.1.2 |
| ipsecPrfProposal The index of the IPSec proposal used for this profile. | column | Integer32 | .0.15.1.3 |
| ipsecPrfPfsGroup The Diffie Hellman group used for additional Perfect
Forward Secrecy (PFS) DH exponentiations.
Possible values:
-1: do not use PFS
0: use value from default profile (do not u… | column | Integer32 | .0.15.1.4 |
| ipsecPrfLifeTime This object specifies an index in the
ipsecLifeTimeTable.
The usage of this object is deprecated, use the ipsecPrfLifeXxx
variables directly instead. | column | Integer32 | .0.15.1.5 |
| ipsecPrfHeartbeats This object specifies whether heartbeats should be sent
over phase 2 SAs for this profile (heartbeats are not
used for IPv6).
Possible values:
none(1), -- neither send no… | column | Enumeration | .0.15.1.6 |
| ipsecPrfPmtuDiscovery This object specifies the PMTU discovery policy for this peer.
Possible values:
disabled(1), -- do not perform PMTU discovery
enabled(2) -- perform PMTU discovery
default(… | column | Enumeration | .0.15.1.7 |
| ipsecPrfGranularity This object specifies the granularity with which SA's
are created with this profile.
Possible values:
default(1), -- use granulaity settings from default profile
-- (coarse i… | column | Enumeration | .0.15.1.8 |
| ipsecPrfKeepAlive This object specifies whether IKE SA's
are rekeyed even if there was no data transferred over
them.
Possible values:
true(1), -- rekey SA's even if no data was transferred
f… | column | Enumeration | .0.15.1.9 |