Text Conventions

• JnxIkePeerType—The type of IPsec Phase 1 IKE peer identity. This identity is the local IKE identity to send in the exchange. The IKE peer may be identified by one of the ID types defined in IPsec DOI (see Table 154).

  Table 154: IKE Identity Type Text Conventions

  Type	Description	Syntax Integer
  Unknown	Unknown type	(0)
  idIpv4Addr	IPv4 address	(1)
  idFqdn	Fully qualified domain name	(2)
  idDn	Distinguished name	(3)
  idUfqdn	User fully qualified domain name	(4)

• JnxIkeNegoMode—The IPsec Phase 1 IKE negotiation mode (see Table 155).

  Table 155: IKE Negotiation Mode Text Conventions

  Type	Description	Syntax Integer
  Main mode	A six-message Phase 1 exchange that provides identity protection	(1)
  Aggressive mode	A three-message Phase 1 exchange that does not provide identity protection	(2)

• JnxIkeHashAlgo—The hash algorithm used in IPsec Phase 1 IKE negotiations (see Table 156).

  Table 156: IKE Negotiations Hash Alogorithms

  Hash Alogorithm	Syntax Integer
  md5	(1)
  sha	(2)

• JnxIkeAuthMethod—The authentication method used in IPsec Phase 1 IKE negotiations (see Table 157).

  Table 157: IKE Authentication Method

  Method	Syntax Integer
  preSharedKey	(1)
  dssSignature	(2)
  rsaSignature	(3)
  rsaEncryption	(4)
  revRsaEncryption	(5)
  xauthPreSharedKey	(6)
  xauthDssSignature	(7)
  xauthRsaSignature	(8)
  xauthRsaEncryption	(9)
  xauthRevRsaEncryption	(10)

• JnxIkePeerRole—The role of the local endpoint in negotiating the IPsec Phase 1 IKE security association (SA). It can be either initiator or responder (see Table 158).

  Table 158: Role of Local Endpoint in Negotiations

  Role	Syntax Integer
  Initiator	(1)
  Responder	(2)

• JnxIkeTunStateType—State of the Phase 1 IKE negotiation (see Table 159).

  Table 159: State of Phase 1 IKE Negotiation

  State	Syntax Integer
  Up	(1)
  Down	(2)

• JnxDiffHellmanGrp—The Diffie-Hellman Group used in negotiations (see Table 160).

  Table 160: Diffie-Hellman Group in Negotiations

  Diffie Hellman Group	Description	Syntax Integer
  Unknown	Unknown	(0)
  modp768	768-bit MODP	(1)
  modp1024	1024-bit MODP	(2)
  modp1536	modp1536	(3)

• JnxKeyType—The type of key used by an IPsec Phase 2 Tunnel (see Table 161).

  Table 161: Key Used by IPsec Phase 2 Tunnel

  Key	Syntax Integer
  Unknown	(0)
  keyIke	(1)
  keyManual	(2)

• JnxEncryptAlgo —The encryption algorithm used in negotiations (see Table 162).

  Table 162: Encryption Algorithm in Negotiations

  Algorithm	Syntax Integer
  espDes	(1)
  esp3des	(2)
  espNull	(3)
  espAes128	(4)
  espAes192	(5)
  espAes256	(6)

• JnxAuthAlgo—The authentication algorithm used by an SA of an IPsec Phase 2 Tunnel (see Table 163).

  Table 163: Role of Local Endpoint in Negotiations

  Algorithm	Syntax Integer
  Unknown	(0)
  hmacMd5	(1)
  hmacSha	(2)

• JnxRemotePeerType—The type of the remote peer gateway (endpoint) (see Table 164). .

  Table 164: Type of Remote Peer Gateway

  Gateway Type	Syntax Integer and Description
  Unknown	(0)
  static	(1) Static (remote peer whose IP address is known beforehand)
  dynamic	(2) Dynamic (remote peer whose IP address is not known beforehand)

• JnxSpiType—The type of the SPI associated with IPsec Phase 2 SAs. An unsigned 32–bit integer (256. . . 4294967295).
• JnxSAType—The SA type (see Table 165).

  Table 165: Role of Local Endpoint in Negotiations

  SA Type	Syntax Integer
  Unknown	(0)
  manual	(1)
  dynamic	(2)

Related Topics

• IPsec Generic Flow Monitoring Object MIB
• Branch Tree Objects
• Number of IKE Tunnels Currently Active
• IPsec Phase 1 IKE Tunnel Table
• IPsec Phase 2 IKE Tunnel Table
• IPsec Phase 2 Security Association Table