Vendor: BinTec Communications GmbH
Module: BIANCA-BRICK-IPSEC-MIB
[Automatically extracted from oidview.com]
ipsecGlobTrustIcmpMsg OBJECT-TYPE SYNTAX INTEGER { true(1), false(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies whether IKE should trust icmp port and host unreachable error messages. ICMP port and host unreachable messages are only trusted if there have not yet been received any datagrams from the remote host in this negotiation. This means, if the local side receives an ICMP port or host unreachable message as the first response to the initial packet of a new phase 1 negotiation, it cancels the negotiation immediately. Possible values: true(1), false(2) ::= { ipsecGlobals 34 }
ipsecGlobTrustIcmpMsg OBJECT-TYPE SYNTAX INTEGER { true(1), false(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object specifies whether IKE should trust icmp port and host unreachable error messages. ICMP port and host unreachable messages are only trusted if there have not yet been received any datagrams from the remote host in this negotiation. This means, if the local side receives an ICMP port or host unreachable message as the first response to the initial packet of a new phase 1 negotiation, it cancels the negotiation immediately. Possible values: true(1), false(2) ::= { ipsecGlobals 34 }
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.272.4.26.1.34.0 | ipsecGlobTrustIcmpMsg | 0 | 0 | None |
| OID | Name | Sub children | Sub Nodes Total | Description |
|---|---|---|---|---|
| 1.3.6.1.4.1.272.4.26.1.1 | ipsecGlobPeerIndex | 1 | 1 | Index of first IPsec peer in ipsecPeerTable. If this object is set to a Value <= 0, IPSec is switched explicitly off. If the peer referenced by this obj… |
| 1.3.6.1.4.1.272.4.26.1.2 | ipsecGlobDefaultAuthMethod | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.3 | ipsecGlobDefaultCertificate | 1 | 1 | The index of the default certificate in the certTable used for local authentication for ike keyed rules with non pre-shared-key a… |
| 1.3.6.1.4.1.272.4.26.1.4 | ipsecGlobDefaultLocalId | 1 | 1 | The default ID used for local authentication for ike keyed rules. If this is an empty or invaid id string one of the subject alt… |
| 1.3.6.1.4.1.272.4.26.1.5 | ipsecGlobDefaultIpsecProposal | 1 | 1 | Index of default ipsec proposal used for traffic entries with empty ipsec proposal, defined for peers with empty default ipsec pr… |
| 1.3.6.1.4.1.272.4.26.1.6 | ipsecGlobDefaultIkeProposal | 1 | 1 | Index of default ike proposal used for peers with empty default ike proposal. |
| 1.3.6.1.4.1.272.4.26.1.7 | ipsecGlobDefaultIpsecLifeTime | 1 | 1 | Index of default lifetime for ike SA's in ipsecLifeTimeTable. This lifetime is used, when there is no valid lifetime entry specif… |
| 1.3.6.1.4.1.272.4.26.1.8 | ipsecGlobDefaultIkeLifeTime | 1 | 1 | Index of default lifetime for ipsec SA's in ipsecLifeTimeTable. This lifetime is used, when there is no valid lifetime entry spe… |
| 1.3.6.1.4.1.272.4.26.1.9 | ipsecGlobDefaultIkeGroup | 1 | 1 | Index of default IKE group used if no IKE group is defined for a peer. Possible values: 1 (768 bit MODP), 2 (1024 bit MODP), 5 (153… |
| 1.3.6.1.4.1.272.4.26.1.10 | ipsecGlobMaxSysLogLevel | 1 | 1 | Maximum level for syslog messages issued by IPSec. All messages with a level higher than this value are suppressed, independently… |
| 1.3.6.1.4.1.272.4.26.1.11 | ipsecGlobDefaultGranularity | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.12 | ipsecGlobDefaultPh1Mode | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.13 | ipsecGlobDefaultPfsGroup | 1 | 1 | This object specifies the PFS group to use. PFS is done only for phase 2, i.e. the Phase 1 SAs are not deleted after phase 2 nego… |
| 1.3.6.1.4.1.272.4.26.1.20 | ipsecGlobIkePort | 1 | 1 | This object specifies the port the IKE key management service listens to. |
| 1.3.6.1.4.1.272.4.26.1.21 | ipsecGlobMaxRetries | 1 | 1 | This object specifies the maximum number of retries sent by IKE for one message. |
| 1.3.6.1.4.1.272.4.26.1.22 | ipsecGlobRetryTimeout0milli | 1 | 1 | This object specifies the period of time in milliseconds before an IKE message is repeated for the first time if the answer is mi… |
| 1.3.6.1.4.1.272.4.26.1.23 | ipsecGlobRetryTimeoutMaxsec | 1 | 1 | This object specifies the maximum period of time in seconds before an IKE message is repeated if the answer is missing. The retry… |
| 1.3.6.1.4.1.272.4.26.1.24 | ipsecGlobMaxNegotiationTimeoutsec | 1 | 1 | This object specifies the maximum number of seconds after which a negotiation is canceled if it is not finished. |
| 1.3.6.1.4.1.272.4.26.1.25 | ipsecGlobMaxIkeSas | 1 | 1 | This object specifies the maximum number of simultaneous ISAKMP Security associations allowed. If this limit is reached, the entr… |
| 1.3.6.1.4.1.272.4.26.1.26 | ipsecGlobAntiCloggingLength | 1 | 1 | This object specifies the length in bits of the local secret used for ISAKMP anti-clogging cookies. |
| 1.3.6.1.4.1.272.4.26.1.27 | ipsecGlobAntiCloggingHash | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.28 | ipsecGlobLocalSecretPeriodsec | 1 | 1 | This object specifies the period of time in seconds after which a new secret for creating local anti-clogging tokens is created. … |
| 1.3.6.1.4.1.272.4.26.1.29 | ipsecGlobIgnoreCrPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.30 | ipsecGlobNoCrPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.31 | ipsecGlobNoKeyHashPayloads | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.32 | ipsecGlobNoCrls | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.33 | ipsecGlobSendFullCertChains | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.35 | ipsecGlobSpiSize | 1 | 1 | A compatibility flag that specifies the length of the SPI in bytes, which is used when an ISAKMP SA SPI (Cookie) is sent to the r… |
| 1.3.6.1.4.1.272.4.26.1.36 | ipsecGlobZeroIsakmpCookies | 1 | 1 | None |
| 1.3.6.1.4.1.272.4.26.1.37 | ipsecGlobMaxKeyLength | 1 | 1 | This object specifies the maximum length of an encryption key (in bits) that is accepted from the remote end. This limit prevents… |
| 1.3.6.1.4.1.272.4.26.1.38 | ipsecGlobNoInitialContact | 1 | 1 | None |