This object specifies the period of time in seconds after which
a new secret for creating local anti-clogging tokens is
created. The previous secret is remembered, so that the
anti-clogging tokens created with the previous secret are
also recognized as valid. After the local secret is recreated
again, the old tokens are not recognized anymore and all IKE
packets belonging to the old security associations are
discarded. This means that the maximum lifetime of an ISAKMP SA
is twice the value of this timer.
Parsed from file mibipsec.mib.txt
Company: None
Module: BIANCA-BRICK-IPSEC-MIB
This object specifies the period of time in seconds after which
a new secret for creating local anti-clogging tokens is
created. The previous secret is remembered, so that the
anti-clogging tokens created with the previous secret are
also recognized as valid. After the local secret is recreated
again, the old tokens are not recognized anymore and all IKE
packets belonging to the old security associations are
discarded. This means that the maximum lifetime of an ISAKMP SA
is twice the value of this timer.
Parsed from file BIANCA-BRICK-IPSEC-MIB.mib
Module: BIANCA-BRICK-IPSEC-MIB
Vendor: BinTec Communications GmbH
Module: BIANCA-BRICK-IPSEC-MIB
[Automatically extracted from oidview.com]
ipsecGlobLocalSecretPeriodsec OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the period of time in seconds after which a new secret for creating local anti-clogging tokens is created. The previous secret is remembered, so that the anti-clogging tokens created with the previous secret are also recognized as valid. After the local secret is recreated again, the old tokens are not recognized anymore and all IKE packets belonging to the old security associations are discarded. This means that the maximum lifetime of an ISAKMP SA is twice the value of this timer." ::= { ipsecGlobals 28 }
ipsecGlobLocalSecretPeriodsec OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies the period of time in seconds after which a new secret for creating local anti-clogging tokens is created. The previous secret is remembered, so that the anti-clogging tokens created with the previous secret are also recognized as valid. After the local secret is recreated again, the old tokens are not recognized anymore and all IKE packets belonging to the old security associations are discarded. This means that the maximum lifetime of an ISAKMP SA is twice the value of this timer." ::= { ipsecGlobals 28 }
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.272.4.26.1.28.0 | ipsecGlobLocalSecretPeriodsec | 0 | 0 | None |
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.272.4.26.1.1 | ipsecGlobPeerIndex | 1 | 1 | Index of first IPsec peer in ipsecPeerTable. If this object is set to a Value <= 0, IPSec is switched explicitly off. If the peer referenced by this obj… |
| 1.3.6.1.4.1.272.4.26.1.2 | ipsecGlobDefaultAuthMethod | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.3 | ipsecGlobDefaultCertificate | 1 | 1 | The index of the default certificate in the certTable used for local authentication for ike keyed rules with non pre-shared-key a… |
| 1.3.6.1.4.1.272.4.26.1.4 | ipsecGlobDefaultLocalId | 1 | 1 | The default ID used for local authentication for ike keyed rules. If this is an empty or invaid id string one of the subject alt… |
| 1.3.6.1.4.1.272.4.26.1.5 | ipsecGlobDefaultIpsecProposal | 1 | 1 | Index of default ipsec proposal used for traffic entries with empty ipsec proposal, defined for peers with empty default ipsec pr… |
| 1.3.6.1.4.1.272.4.26.1.6 | ipsecGlobDefaultIkeProposal | 1 | 1 | Index of default ike proposal used for peers with empty default ike proposal. |
| 1.3.6.1.4.1.272.4.26.1.7 | ipsecGlobDefaultIpsecLifeTime | 1 | 1 | Index of default lifetime for ike SA's in ipsecLifeTimeTable. This lifetime is used, when there is no valid lifetime entry specif… |
| 1.3.6.1.4.1.272.4.26.1.8 | ipsecGlobDefaultIkeLifeTime | 1 | 1 | Index of default lifetime for ipsec SA's in ipsecLifeTimeTable. This lifetime is used, when there is no valid lifetime entry spe… |
| 1.3.6.1.4.1.272.4.26.1.9 | ipsecGlobDefaultIkeGroup | 1 | 1 | Index of default IKE group used if no IKE group is defined for a peer. Possible values: 1 (768 bit MODP), 2 (1024 bit MODP), 5 (153… |
| 1.3.6.1.4.1.272.4.26.1.10 | ipsecGlobMaxSysLogLevel | 1 | 1 | Maximum level for syslog messages issued by IPSec. All messages with a level higher than this value are suppressed, independently… |
| 1.3.6.1.4.1.272.4.26.1.11 | ipsecGlobDefaultGranularity | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.12 | ipsecGlobDefaultPh1Mode | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.13 | ipsecGlobDefaultPfsGroup | 1 | 1 | This object specifies the PFS group to use. PFS is done only for phase 2, i.e. the Phase 1 SAs are not deleted after phase 2 nego… |
| 1.3.6.1.4.1.272.4.26.1.20 | ipsecGlobIkePort | 1 | 1 | This object specifies the port the IKE key management service listens to. |
| 1.3.6.1.4.1.272.4.26.1.21 | ipsecGlobMaxRetries | 1 | 1 | This object specifies the maximum number of retries sent by IKE for one message. |
| 1.3.6.1.4.1.272.4.26.1.22 | ipsecGlobRetryTimeout0milli | 1 | 1 | This object specifies the period of time in milliseconds before an IKE message is repeated for the first time if the answer is mi… |
| 1.3.6.1.4.1.272.4.26.1.23 | ipsecGlobRetryTimeoutMaxsec | 1 | 1 | This object specifies the maximum period of time in seconds before an IKE message is repeated if the answer is missing. The retry… |
| 1.3.6.1.4.1.272.4.26.1.24 | ipsecGlobMaxNegotiationTimeoutsec | 1 | 1 | This object specifies the maximum number of seconds after which a negotiation is canceled if it is not finished. |
| 1.3.6.1.4.1.272.4.26.1.25 | ipsecGlobMaxIkeSas | 1 | 1 | This object specifies the maximum number of simultaneous ISAKMP Security associations allowed. If this limit is reached, the entr… |
| 1.3.6.1.4.1.272.4.26.1.26 | ipsecGlobAntiCloggingLength | 1 | 1 | This object specifies the length in bits of the local secret used for ISAKMP anti-clogging cookies. |
| 1.3.6.1.4.1.272.4.26.1.27 | ipsecGlobAntiCloggingHash | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.29 | ipsecGlobIgnoreCrPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.30 | ipsecGlobNoCrPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.31 | ipsecGlobNoKeyHashPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.32 | ipsecGlobNoCrls | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.33 | ipsecGlobSendFullCertChains | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.34 | ipsecGlobTrustIcmpMsg | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.35 | ipsecGlobSpiSize | 1 | 1 | A compatibility flag that specifies the length of the SPI in bytes, which is used when an ISAKMP SA SPI (Cookie) is sent to the r… |
| 1.3.6.1.4.1.272.4.26.1.36 | ipsecGlobZeroIsakmpCookies | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.37 | ipsecGlobMaxKeyLength | 1 | 1 | This object specifies the maximum length of an encryption key (in bits) that is accepted from the remote end. This limit prevents… |
| 1.3.6.1.4.1.272.4.26.1.38 | ipsecGlobNoInitialContact | 1 | 1 | None |