Class CIM_IKEProposal
extends CIM_SAProposal

IKEProposal contains the parameters necessary to drive the phase 1 IKE negotiation.

Class Hierarchy


Direct Known Subclasses


Class Qualifiers

NameData TypeValueScopeFlavors
DescriptionstringIKEProposal contains the parameters necessary to drive the phase 1 IKE negotiation.None TRANSLATABLE= true

Local Class Properties

NameData TypeQualifiers
NameData TypeValueScopeFlavors
DescriptionstringAuthenticationMethod is an enumeration that specifies the authentication method to use for the proposal. If the value 0 (Any) is used, then the proposal should be multiplied in the IKE proposal list by as many authentication methods as correspond to credentials on the system (e.g., if the system has a preshared key and a certificate, then the proposal will be repeated twice -- once for each method).None TRANSLATABLE= true
ValueMapstring0, 1, 2, 3, 4, 5, 6None None
ValuesstringAny, Preshared, DSS_Signatures, RSA_Signatures, RSA_Encryption, Revised_RSA_Encryption, KerberosNone TRANSLATABLE= true
DescriptionstringCipherAlgorithm is an enumeration that specifies the proposed encryption algorithm.None TRANSLATABLE= true
ValueMapstring1, 2, 3, 4, 5, 6None None
ValuesstringDES, IDEA, Blowfish, RC5, 3DES, CASTNone TRANSLATABLE= true
DescriptionstringWhen IKEAction.ExchangeMode is set to "Base" or to "Main," the GroupId specifies the key exchange group ID to use in a proposal, otherwise, GroupId is set to 0, "Not Applicable," and ignored. If the GroupID number is from the vendor-specific range (32768-65535), the VendorID qualifies the group number. Well-known group identifiers from RFC2412 are: 0='Not Applicable', 1='DH768', 2='DH1024', 3='ECC2N155', 4='ECC2N185', and 5='DH1536'None TRANSLATABLE= true
ModelCorrespondencestringCIM_IKEProposal.VendorIDNone None
DescriptionstringHashAlgorithm is an enumeration that specifies the proposed hash function.None TRANSLATABLE= true
ValueMapstring1, 2, 3None None
ValuesstringMD5, SHA-1, TigerNone TRANSLATABLE= true
DescriptionstringLifetimeDerivedKeys specifies the number of times a phase 1 key will be used to derive a phase 2 (IPsec) key. A value of 0 indicates that there is no limit to the number of phase 2 keys that can be derived from the phase 1 key.None TRANSLATABLE= true
DescriptionstringMaxLifetimeKilobytes specifies the maximum kilobyte lifetime the IKE message sender proposes for an SA to be considered valid after it has been created. Each proposal may use a different lifetime based upon the strength of the encryption algorithm.None TRANSLATABLE= true
DescriptionstringMaxLifetimeSeconds specifies the maximum time the IKE message sender proposes for an SA to be considered valid after it has been created.None TRANSLATABLE= true
UnitsstringSecondsNone TRANSLATABLE= true
DescriptionstringPRFAlgorithm specifies the pseudo-random function IKE should use. Currently, no such functions are defined.None TRANSLATABLE= true
DescriptionstringThe VendorID property is used to identify vendor-defined key exchange GroupIDs.None TRANSLATABLE= true
ModelCorrespondencestringCIM_IKEProposal.GroupIdNone None

Inherited Properties

NameData TypeClass Origin