• Related Topics
• IPsec Generic Flow Monitoring Object MIB
• Branch Tree Objects
• Number of IKE Tunnels Currently Active
• IPsec Phase 1 IKE Tunnel Table
• IPsec Phase 2 IKE Tunnel Table
• IPsec Phase 2 Security Association Table

Text Conventions

• JnxIkePeerType—The type of IPsec Phase 1 IKE peer identity. This identity is the local IKE identity to send in the exchange. The IKE peer may be identified by one of the ID types defined in IPsec DOI (see Table 1).

  Table 1: IKE Identity Type Text Conventions

  Type	Description	Syntax Integer
  Unknown	Unknown type	(0)
  idIpv4Addr	IPv4 address	(1)
  idFqdn	Fully qualified domain name	(2)
  idDn	Distinguished name	(3)
  idUfqdn	User fully qualified domain name	(4)

• JnxIkeNegoMode—The IPsec Phase 1 IKE negotiation mode (see Table 2).

  Table 2: IKE Negotiation Mode Text Conventions

  Type	Description	Syntax Integer
  Main mode	A six-message Phase 1 exchange that provides identity protection	(1)
  Aggressive mode	A three-message Phase 1 exchange that does not provide identity protection	(2)

• JnxIkeHashAlgo—The hash algorithm used in IPsec Phase 1 IKE negotiations (see Table 3).

  Table 3: IKE Negotiations Hash Alogorithms

  Hash Alogorithm	Syntax Integer
  md5	(1)
  sha	(2)

• JnxIkeAuthMethod—The authentication method used in IPsec Phase 1 IKE negotiations (see Table 4).

  Table 4: IKE Authentication Method

  Method	Syntax Integer
  preSharedKey	(1)
  dssSignature	(2)
  rsaSignature	(3)
  rsaEncryption	(4)
  revRsaEncryption	(5)
  xauthPreSharedKey	(6)
  xauthDssSignature	(7)
  xauthRsaSignature	(8)
  xauthRsaEncryption	(9)
  xauthRevRsaEncryption	(10)

• JnxIkePeerRole—The role of the local endpoint in negotiating the IPsec Phase 1 IKE security association (SA). It can be either initiator or responder (see Table 5).

  Table 5: Role of Local Endpoint in Negotiations

  Role	Syntax Integer
  Initiator	(1)
  Responder	(2)

• JnxIkeTunStateType—State of the Phase 1 IKE negotiation (see Table 6).

  Table 6: State of Phase 1 IKE Negotiation

  State	Syntax Integer
  Up	(1)
  Down	(2)

• JnxDiffHellmanGrp—The Diffie-Hellman Group used in negotiations (see Table 7).

  Table 7: Diffie-Hellman Group in Negotiations

  Diffie Hellman Group	Description	Syntax Integer
  Unknown	Unknown	(0)
  modp768	768-bit MODP	(1)
  modp1024	1024-bit MODP	(2)
  modp1536	modp1536	(3)

• JnxKeyType—The type of key used by an IPsec Phase 2 Tunnel (see Table 8).

  Table 8: Key Used by IPsec Phase 2 Tunnel

  Key	Syntax Integer
  Unknown	(0)
  keyIke	(1)
  keyManual	(2)

• JnxEncryptAlgo —The encryption algorithm used in negotiations (see Table 9).

  Table 9: Encryption Algorithm in Negotiations

  Algorithm	Syntax Integer
  espDes	(1)
  esp3des	(2)
  espNull	(3)
  espAes128	(4)
  espAes192	(5)
  espAes256	(6)

• JnxAuthAlgo—The authentication algorithm used by an SA of an IPsec Phase 2 Tunnel (see Table 10).

  Table 10: Role of Local Endpoint in Negotiations

  Algorithm	Syntax Integer
  Unknown	(0)
  hmacMd5	(1)
  hmacSha	(2)

• JnxRemotePeerType—The type of the remote peer gateway (endpoint) (see Table 11). .

  Table 11: Type of Remote Peer Gateway

  Gateway Type	Syntax Integer and Description
  Unknown	(0)
  static	(1) Static (remote peer whose IP address is known beforehand)
  dynamic	(2) Dynamic (remote peer whose IP address is not known beforehand)

• JnxSpiType—The type of the SPI associated with IPsec Phase 2 SAs. An unsigned 32–bit integer (256. . . 4294967295).
• JnxSAType—The SA type (see Table 12).

  Table 12: Role of Local Endpoint in Negotiations

  SA Type	Syntax Integer
  Unknown	(0)
  manual	(1)
  dynamic	(2)