-- These MIBs were created on 05/14/2001 -- This module defines NetScreen private MIBs for VPN Phase two negotiation. -- -- Copyright (c) 1999 - 2001 by NetScreen Technologies, Inc. -- All rights reserved. -- -- MODULE-IDENTITY -- OrgName -- NetScreen Technologies, Inc. -- ContactInfo -- Customer Support -- -- 350 Oakmead Parkway -- Sunnyvale, CA 94085 -- USA -- -- Tel: 1.877.NETSCREEN -- E-mail: support@netscreen.com -- Http://www.netscreen.com -- -- Last modified date: 09/28/2001 -- NETSCREEN-VPN-PHASETWO-MIB DEFINITIONS ::= BEGIN IMPORTS DisplayString FROM RFC1213-MIB netscreenVpn FROM NETSCREEN-SMI; nsVpnPhaseTwoCfg OBJECT IDENTIFIER ::= {netscreenVpn 6} nsVpnPhTwoTable OBJECT-TYPE SYNTAX SEQUENCE OF NsVpnPhTwoEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "To establish an IKE IPSec tunnel, two phases of negotiation are required. This table specifies the configuration attributes for Phase Two negotiation. In Phase 2, the participants negotiate the IPSec SAs for encrypting and authenticating the ensuing exchanges of user data." ::= { nsVpnPhaseTwoCfg 1 } nsVpnPhTwoEntry OBJECT-TYPE SYNTAX NsVpnPhTwoEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry in the nsVpnPhTwoTable holds a set of configuration parameters associated with an instance of Phase 2 setting." INDEX { nsVpnPhTwoIndex } ::= { nsVpnPhTwoTable 1 } NsVpnPhTwoEntry ::= SEQUENCE { nsVpnPhTwoIndex INTEGER, nsVpnPhTwoName DisplayString, nsVpnPhTwoPFS INTEGER, nsVpnPhTwoEncapMethod INTEGER, nsVpnPhTwoESPEncryp INTEGER, nsVpnPhTwoESPAuth INTEGER, nsVpnPhTwoAhAuth INTEGER, nsVpnPhTwoLifetime INTEGER, nsVpnPhTwoLifetimeMeasure INTEGER, nsVpnPhTwoLifetimeKb INTEGER, nsVpnPhTwoVsys INTEGER } nsVpnPhTwoIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "A unique value for phase Two table. Its value ranges between 1 and 65535 and may not be contigous. the index has no other meaning but a pure index" ::= { nsVpnPhTwoEntry 1 } nsVpnPhTwoName OBJECT-TYPE SYNTAX DisplayString (SIZE (0..32)) ACCESS read-only STATUS mandatory DESCRIPTION "Phase two proposal name." ::= { nsVpnPhTwoEntry 2 } nsVpnPhTwoPFS OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "Perfect Forward Secrecy - Diffie-Hellman exchange group." ::= { nsVpnPhTwoEntry 3 } nsVpnPhTwoEncapMethod OBJECT-TYPE SYNTAX INTEGER { ah(0), esp(1) } ACCESS read-only STATUS mandatory DESCRIPTION "Phase two proposal encapsulation method." ::= { nsVpnPhTwoEntry 4 } nsVpnPhTwoESPEncryp OBJECT-TYPE SYNTAX INTEGER { null(0), des(1), triple-des(2), aes(3) } ACCESS read-only STATUS mandatory DESCRIPTION "Phase two proposal ESP encryption algorithm." ::= { nsVpnPhTwoEntry 5 } nsVpnPhTwoESPAuth OBJECT-TYPE SYNTAX INTEGER { null(0), md5(1), sha(2) } ACCESS read-only STATUS mandatory DESCRIPTION "Phase two proposal ESP authentication Algorithm." ::= { nsVpnPhTwoEntry 6 } nsVpnPhTwoAhAuth OBJECT-TYPE SYNTAX INTEGER { null(0), md5(1), sha(2) } ACCESS read-only STATUS mandatory DESCRIPTION "Phase two proposal AH authentication Algorithm." ::= { nsVpnPhTwoEntry 7 } nsVpnPhTwoLifetime OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "Lifetime in time " ::= { nsVpnPhTwoEntry 8 } nsVpnPhTwoLifetimeMeasure OBJECT-TYPE SYNTAX INTEGER { second(0), minute(1), hours(2), days(3) } ACCESS read-only STATUS mandatory DESCRIPTION "life time measurement." ::= { nsVpnPhTwoEntry 9 } nsVpnPhTwoLifetimeKb OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "Lifetime in KBytes" ::= { nsVpnPhTwoEntry 10 } nsVpnPhTwoVsys OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "vsys this proposal configuration belongs to." ::= { nsVpnPhTwoEntry 11 } END