Text Conventions

• JnxIkePeerType—The type of IPsec Phase 1 IKE peer identity. This identity is the local IKE identity to send in the exchange. The IKE peer may be identified by one of the ID types defined in IPsec DOI (see Table 73).

  Table 73: IKE Identity Type Text Conventions

  Type	Description	Syntax Integer
  Unknown	Unknown type	(0)
  idIpv4Addr	IPv4 address	(1)
  idFqdn	Fully qualified domain name	(2)
  idDn	Distinguished name	(3)
  idUfqdn	User fully qualified domain name	(4)

• JnxIkeNegoMode—The IPsec Phase 1 IKE negotiation mode (see Table 74).

  Table 74: IKE Negotiation Mode Text Conventions

  Type	Description	Syntax Integer
  Main mode	A six-message Phase 1 exchange that provides identity protection	(1)
  Aggressive mode	A three-message Phase 1 exchange that does not provide identity protection	(2)

• JnxIkeHashAlgo—The hash algorithm used in IPsec Phase 1 IKE negotiations (see Table 75).

  Table 75: IKE Negotiations Hash Alogorithms

  Hash Alogorithm	Syntax Integer
  md5	(1)
  sha	(2)

• JnxIkeAuthMethod—The authentication method used in IPsec Phase 1 IKE negotiations (see Table 76).

  Table 76: IKE Authentication Method

  Method	Syntax Integer
  preSharedKey	(1)
  dssSignature	(2)
  rsaSignature	(3)
  rsaEncryption	(4)
  revRsaEncryption	(5)
  xauthPreSharedKey	(6)
  xauthDssSignature	(7)
  xauthRsaSignature	(8)
  xauthRsaEncryption	(9)
  xauthRevRsaEncryption	(10)

• JnxIkePeerRole—The role of the local endpoint in negotiating the IPsec Phase 1 IKE security association (SA). It can be either initiator or responder (see Table 77).

  Table 77: Role of Local Endpoint in Negotiations

  Role	Syntax Integer
  Initiator	(1)
  Responder	(2)

• JnxIkeTunStateType—State of the Phase 1 IKE negotiation (see Table 78).

  Table 78: State of Phase 1 IKE Negotiation

  State	Syntax Integer
  Up	(1)
  Down	(2)

• JnxDiffHellmanGrp—The Diffie-Hellman Group used in negotiations (see Table 79).

  Table 79: Diffie-Hellman Group in Negotiations

  Diffie Hellman Group	Description	Syntax Integer
  Unknown	Unknown	(0)
  modp768	768-bit MODP	(1)
  modp1024	1024-bit MODP	(2)
  modp1536	modp1536	(3)

• JnxKeyType—The type of key used by an IPsec Phase 2 Tunnel (see Table 80).

  Table 80: Key Used by IPsec Phase 2 Tunnel

  Key	Syntax Integer
  Unknown	(0)
  keyIke	(1)
  keyManual	(2)

• JnxEncryptAlgo —The encryption algorithm used in negotiations (see Table 81).

  Table 81: Encryption Algorithm in Negotiations

  Algorithm	Syntax Integer
  espDes	(1)
  esp3des	(2)
  espNull	(3)
  espAes128	(4)
  espAes192	(5)
  espAes256	(6)

• JnxAuthAlgo—The authentication algorithm used by an SA of an IPsec Phase 2 Tunnel (see Table 82).

  Table 82: Role of Local Endpoint in Negotiations

  Algorithm	Syntax Integer
  Unknown	(0)
  hmacMd5	(1)
  hmacSha	(2)

• JnxRemotePeerType—The type of the remote peer gateway (endpoint) (see Table 83). .

  Table 83: Type of Remote Peer Gateway

  Gateway Type	Syntax Integer and Description
  Unknown	(0)
  static	(1) Static (remote peer whose IP address is known beforehand)
  dynamic	(2) Dynamic (remote peer whose IP address is not known beforehand)

• JnxSpiType—The type of the SPI associated with IPsec Phase 2 SAs. An unsigned 32–bit integer (256. . . 4294967295).
• JnxSAType—The SA type (see Table 84).

  Table 84: Role of Local Endpoint in Negotiations

  SA Type	Syntax Integer
  Unknown	(0)
  manual	(1)
  dynamic	(2)

Related Topics

• IPsec Generic Flow Monitoring Object MIB
• Branch Tree Objects
• Number of IKE Tunnels Currently Active
• IPsec Phase 1 IKE Tunnel Table
• IPsec Phase 2 IKE Tunnel Table
• IPsec Phase 2 Security Association Table