This object specifies the PFS group to use.
PFS is done only for phase 2, i.e. the Phase 1 SAs are not
deleted after phase 2 negotiation is completed.
Note however, that if the peer has configured PFS for
identity and destroys phase 1 SAs, this side will also
destroy them when notified.
Possible values:
0 (no PFS)
1 (768 bit MODP),
2 (1024 bit MODP),
5 (1536 bit MODP).
Parsed from file mibipsec.mib.txt
Company: None
Module: BIANCA-BRICK-IPSEC-MIB
This object specifies the PFS group to use.
PFS is done only for phase 2, i.e. the Phase 1 SAs are not
deleted after phase 2 negotiation is completed.
Note however, that if the peer has configured PFS for
identity and destroys phase 1 SAs, this side will also
destroy them when notified.
Possible values:
0 (no PFS)
1 (768 bit MODP),
2 (1024 bit MODP),
5 (1536 bit MODP).
Parsed from file BIANCA-BRICK-IPSEC-MIB.mib
Module: BIANCA-BRICK-IPSEC-MIB
Vendor: BinTec Communications GmbH
Module: BIANCA-BRICK-IPSEC-MIB
[Automatically extracted from oidview.com]
ipsecGlobDefaultPfsGroup OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the PFS group to use. PFS is done only for phase 2, i.e. the Phase 1 SAs are not deleted after phase 2 negotiation is completed. Note however, that if the peer has configured PFS for identity and destroys phase 1 SAs, this side will also destroy them when notified. Possible values: 0 (no PFS) 1 (768 bit MODP), 2 (1024 bit MODP), 5 (1536 bit MODP)." ::= { ipsecGlobals 13 }
ipsecGlobDefaultPfsGroup OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the PFS group to use. PFS is done only for phase 2, i.e. the Phase 1 SAs are not deleted after phase 2 negotiation is completed. Note however, that if the peer has configured PFS for identity and destroys phase 1 SAs, this side will also destroy them when notified. Possible values: 0 (no PFS) 1 (768 bit MODP), 2 (1024 bit MODP), 5 (1536 bit MODP)." ::= { ipsecGlobals 13 }
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.272.4.26.1.13.0 | ipsecGlobDefaultPfsGroup | 0 | 0 | None |
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.272.4.26.1.1 | ipsecGlobPeerIndex | 1 | 1 | Index of first IPsec peer in ipsecPeerTable. If this object is set to a Value <= 0, IPSec is switched explicitly off. If the peer referenced by this obj… |
| 1.3.6.1.4.1.272.4.26.1.2 | ipsecGlobDefaultAuthMethod | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.3 | ipsecGlobDefaultCertificate | 1 | 1 | The index of the default certificate in the certTable used for local authentication for ike keyed rules with non pre-shared-key a… |
| 1.3.6.1.4.1.272.4.26.1.4 | ipsecGlobDefaultLocalId | 1 | 1 | The default ID used for local authentication for ike keyed rules. If this is an empty or invaid id string one of the subject alt… |
| 1.3.6.1.4.1.272.4.26.1.5 | ipsecGlobDefaultIpsecProposal | 1 | 1 | Index of default ipsec proposal used for traffic entries with empty ipsec proposal, defined for peers with empty default ipsec pr… |
| 1.3.6.1.4.1.272.4.26.1.6 | ipsecGlobDefaultIkeProposal | 1 | 1 | Index of default ike proposal used for peers with empty default ike proposal. |
| 1.3.6.1.4.1.272.4.26.1.7 | ipsecGlobDefaultIpsecLifeTime | 1 | 1 | Index of default lifetime for ike SA's in ipsecLifeTimeTable. This lifetime is used, when there is no valid lifetime entry specif… |
| 1.3.6.1.4.1.272.4.26.1.8 | ipsecGlobDefaultIkeLifeTime | 1 | 1 | Index of default lifetime for ipsec SA's in ipsecLifeTimeTable. This lifetime is used, when there is no valid lifetime entry spe… |
| 1.3.6.1.4.1.272.4.26.1.9 | ipsecGlobDefaultIkeGroup | 1 | 1 | Index of default IKE group used if no IKE group is defined for a peer. Possible values: 1 (768 bit MODP), 2 (1024 bit MODP), 5 (153… |
| 1.3.6.1.4.1.272.4.26.1.10 | ipsecGlobMaxSysLogLevel | 1 | 1 | Maximum level for syslog messages issued by IPSec. All messages with a level higher than this value are suppressed, independently… |
| 1.3.6.1.4.1.272.4.26.1.11 | ipsecGlobDefaultGranularity | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.12 | ipsecGlobDefaultPh1Mode | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.20 | ipsecGlobIkePort | 1 | 1 | This object specifies the port the IKE key management service listens to. |
| 1.3.6.1.4.1.272.4.26.1.21 | ipsecGlobMaxRetries | 1 | 1 | This object specifies the maximum number of retries sent by IKE for one message. |
| 1.3.6.1.4.1.272.4.26.1.22 | ipsecGlobRetryTimeout0milli | 1 | 1 | This object specifies the period of time in milliseconds before an IKE message is repeated for the first time if the answer is mi… |
| 1.3.6.1.4.1.272.4.26.1.23 | ipsecGlobRetryTimeoutMaxsec | 1 | 1 | This object specifies the maximum period of time in seconds before an IKE message is repeated if the answer is missing. The retry… |
| 1.3.6.1.4.1.272.4.26.1.24 | ipsecGlobMaxNegotiationTimeoutsec | 1 | 1 | This object specifies the maximum number of seconds after which a negotiation is canceled if it is not finished. |
| 1.3.6.1.4.1.272.4.26.1.25 | ipsecGlobMaxIkeSas | 1 | 1 | This object specifies the maximum number of simultaneous ISAKMP Security associations allowed. If this limit is reached, the entr… |
| 1.3.6.1.4.1.272.4.26.1.26 | ipsecGlobAntiCloggingLength | 1 | 1 | This object specifies the length in bits of the local secret used for ISAKMP anti-clogging cookies. |
| 1.3.6.1.4.1.272.4.26.1.27 | ipsecGlobAntiCloggingHash | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.28 | ipsecGlobLocalSecretPeriodsec | 1 | 1 | This object specifies the period of time in seconds after which a new secret for creating local anti-clogging tokens is created. … |
| 1.3.6.1.4.1.272.4.26.1.29 | ipsecGlobIgnoreCrPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.30 | ipsecGlobNoCrPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.31 | ipsecGlobNoKeyHashPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.32 | ipsecGlobNoCrls | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.33 | ipsecGlobSendFullCertChains | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.34 | ipsecGlobTrustIcmpMsg | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.35 | ipsecGlobSpiSize | 1 | 1 | A compatibility flag that specifies the length of the SPI in bytes, which is used when an ISAKMP SA SPI (Cookie) is sent to the r… |
| 1.3.6.1.4.1.272.4.26.1.36 | ipsecGlobZeroIsakmpCookies | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.37 | ipsecGlobMaxKeyLength | 1 | 1 | This object specifies the maximum length of an encryption key (in bits) that is accepted from the remote end. This limit prevents… |
| 1.3.6.1.4.1.272.4.26.1.38 | ipsecGlobNoInitialContact | 1 | 1 | None |