-- These MIBs were created on 05/14/2001
-- This module defines enterprise MIBs for VPN Phase two negotiation.
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
---- MODULE-IDENTITY
-- OrgName
-- Juniper Networks, Inc.
-- ContactInfo
-- Customer Support
--
-- 1194 North Mathilda Avenue
-- Sunnyvale, California 94089-1206
-- USA
--
-- Tel: 1-800-638-8296
-- E-mail: customerservice@juniper.net
-- HTTP://www.juniper.net"
--
-- Last modified date: 05/03/2004
-- Modified copyright and contact info
--
-- Last modified date: 09/28/2001
--
-- Last modified date: 11/13/2003
-- Correct spelling mistake
--NETSCREEN-VPN-PHASETWO-MIB DEFINITIONS::=BEGIN
IMPORTSDisplayStringFROM RFC1213-MIB
netscreenVpn FROM NETSCREEN-SMI;nsVpnPhaseTwoCfg OBJECTIDENTIFIER::={netscreenVpn 6}nsVpnPhTwoTable OBJECT-TYPESYNTAXSEQUENCEOF NsVpnPhTwoEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"To establish an IKE IPSec tunnel, two phases of negotiation are required.
This table specifies the configuration attributes for Phase Two negotiation.
In Phase 2, the participants negotiate the IPSec SAs for encrypting and
authenticating the ensuing exchanges of user data."::={ nsVpnPhaseTwoCfg 1}nsVpnPhTwoEntry OBJECT-TYPESYNTAX NsVpnPhTwoEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"Each entry in the nsVpnPhTwoTable holds a set of configuration parameters
associated with an instance of Phase 2 setting."INDEX{ nsVpnPhTwoIndex }::={ nsVpnPhTwoTable 1}
NsVpnPhTwoEntry ::=SEQUENCE{
nsVpnPhTwoIndex
INTEGER,
nsVpnPhTwoName
DisplayString,
nsVpnPhTwoPFS
INTEGER,
nsVpnPhTwoEncapMethod
INTEGER,
nsVpnPhTwoESPEncryp
INTEGER,
nsVpnPhTwoESPAuth
INTEGER,
nsVpnPhTwoAhAuth
INTEGER,
nsVpnPhTwoLifetime
INTEGER,
nsVpnPhTwoLifetimeMeasure
INTEGER,
nsVpnPhTwoLifetimeKb
INTEGER,
nsVpnPhTwoVsys
INTEGER}nsVpnPhTwoIndex OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"A unique value for phase Two table. Its value
ranges between 1 and 65535 and may not be contiguous.
The index has no other meaning but a pure index"::={ nsVpnPhTwoEntry 1}nsVpnPhTwoName OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))
ACCESSread-onlySTATUSmandatoryDESCRIPTION"Phase two proposal name."::={ nsVpnPhTwoEntry 2}nsVpnPhTwoPFS OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Perfect Forward Secrecy - Diffie-Hellman exchange group."::={ nsVpnPhTwoEntry 3}nsVpnPhTwoEncapMethod OBJECT-TYPESYNTAXINTEGER{ah(0),esp(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Phase two proposal encapsulation method."::={ nsVpnPhTwoEntry 4}
nsVpnPhTwoESPEncryp OBJECT-TYPESYNTAXINTEGER{null(0),des(1),triple-des(2),aes(3),aes-192(4),aes-256(5)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Phase two proposal ESP encryption algorithm."::={ nsVpnPhTwoEntry 5}nsVpnPhTwoESPAuth OBJECT-TYPESYNTAXINTEGER{null(0),md5(1),
sha(2),sha-256(3)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Phase two proposal ESP authentication Algorithm."::={ nsVpnPhTwoEntry 6}nsVpnPhTwoAhAuth OBJECT-TYPESYNTAXINTEGER{null(0),md5(1),sha(2)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Phase two proposal AH authentication Algorithm."::={ nsVpnPhTwoEntry 7}nsVpnPhTwoLifetime OBJECT-TYPE
SYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Lifetime in time "::={ nsVpnPhTwoEntry 8}nsVpnPhTwoLifetimeMeasure OBJECT-TYPESYNTAXINTEGER{second(0),minute(1),hours(2),days(3)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"life time measurement."::={ nsVpnPhTwoEntry 9}nsVpnPhTwoLifetimeKb OBJECT-TYPESYNTAXINTEGERACCESSread-only
STATUSmandatoryDESCRIPTION"Lifetime in KBytes"::={ nsVpnPhTwoEntry 10}nsVpnPhTwoVsys OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"vsys this proposal configuration belongs to."::={ nsVpnPhTwoEntry 11}END