RC-IKE-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32
        FROM SNMPv2-SMI
    DisplayString, TruthValue, RowStatus
        FROM SNMPv2-TC
    InterfaceIndex, InterfaceIndexOrZero
        FROM IF-MIB
    rcIke, EnableValue
        FROM RAPID-CITY
    InetAddressType, InetAddress
        FROM INET-ADDRESS-MIB;

rcIkeMib  MODULE-IDENTITY
       LAST-UPDATED     "201710200000Z"
       ORGANIZATION "Avaya"
       CONTACT-INFO "Prem Palarapu
             Postal:  Avaya
                      600 Technology Park
                      Billerica, MA 01821
              email:  prempa@avaya.com
                      " 
       DESCRIPTION      "Enterprise MIB for the IKE mibs."

       REVISION "201710200000Z" -- 20 October 2017
       DESCRIPTION "Version 16:    Changed rcIkePolicyLocalIfIndex data type."

       REVISION "201709120000Z" -- 12 September 2017
       DESCRIPTION "Version 15:    Added digitalCertificate(5) to rcIkeActiveSAAuthenticationMethod.
				   Corrected description for rcIkePolicyAuthenticationMethod and
				   rcIkeActiveSAAuthenticationMethod to reflect implementation."
	   
       REVISION "201702150000Z" -- 15 Feb 2017
       DESCRIPTION "Version 14:    Corrected MIB compiler errors."
	   
       REVISION "201611180000Z" -- 18 November 2016
       DESCRIPTION "Version 13: Modified default value to keylen-256 for 
                                rcIkeV2ProfileEncryptKeyLen.
				Modified sha256(5) for rcIkeV2SAHashAlgorithm.
				Modified desCbc(1) to desCbc(2), tripleDesCbc(2)
				to tripleDesCbc(3), aesCbc(3) to aesCbc(12) for
				rcIkeV2SAEncryptionAlgorithm.
				Modified modp2048(3) to modp2048(14) for
				rcIkeV2SADHGroup.
				Modified sha256(3) to sha256(12), aes-xcbc(4) to
				aes-xcbc(5) for rcIkeV2SAIntegrityAlgorithm.
				Requested by Anjana Krishnankutty (shchang)"


       REVISION "201610060000Z" -- 6 October 2016
       DESCRIPTION "Version 12: Added rcIkePolicyPeerName.
	   			Requested by Hariprasad Rajendran
	   			(prempa)"
	   
       REVISION "201609200000Z" -- 20 September 2016
       DESCRIPTION "Version 11: Changed the MAX-ACCESS of rcIkeActiveSAId
	   			from read-only to not-accessible
	   			(prempa)"
	   
       REVISION "201609200000Z" -- 20 September 2016
       DESCRIPTION "Version 10: Added rcIkeV2ProfileTable, rcIkePolicyProfileVersion
	   			and rcIkeV2SATable.
	   			Requested by Anjana Krishnankutty (prempa)"
	   
       REVISION "201608100000Z" -- 10 August 2016
       DESCRIPTION "Version 9:  Changed the order of crl and ocsp in 
	   			rcIkePolicyRevocationCheckMethod
	   			Based on how it was added in submit 29882 (prempa)"
	   
       REVISION "201608050000Z" -- 5 August 2016
       DESCRIPTION "Version 8:  Added rcIkeActiveSATable
	   			Requested by Priyotosh Mondal (prempa)"
	   
       REVISION "201607290000Z" -- 29 July 2016
       DESCRIPTION "Version 7:  Added rcIkePolicyRevocationCheckMethod
	   			Requested by Shreesh Patil (prempa)"
	   
       REVISION "201606270000Z" -- 27 June 2016
       DESCRIPTION "Version 6:  Added digitalCertificate (5) to rcIkePolicyAuthenticationMethod
	   			Requested by Anjana Krishnankutty (prempa)"
	   
       REVISION "201605060000Z" -- 06 May 2016
       DESCRIPTION "Version 5:  Added aesCbc256(8) to rcIkeSAEncryptionAlgorithm.
	                        Added aesCbc256(8) rcIkeProfileEncryptionAlgorithm"
	   
       REVISION "201201090000Z" -- 09 Jan 2012
       DESCRIPTION "Version 4: Fxied the MIB module rcIkeMib"
	   
       REVISION "201106290000Z" -- 29 June 2011
       DESCRIPTION "Version 3:    Modified the syntax for 
	                          rcIkePolicyLocalAddr (from OCTET STRING to InetAddress),
	                          rcIkePolicyLocalAddrType (from INTEGER to InetAddressType), 
				  rcIkePolicyRemoteAddr (from OCTET STRING to InetAddress), 
				  rcIkePolicyRemoteAddrType (from INTEGER to InetAddressType),
				  rcIkeSALocalAddr (from OCTET STRING to InetAddress), 
				  rcIkeSALocalAddrType(from INTEGER to InetAddressType),
				  rcIkeSARemoteAddr (from OCTET STRING to InetAddress), 
				  rcIkeSARemoteAddrType (from INTEGER to InetAddressType).
				  Added rcIkePolicyLocalAddrType and 
				  rcIkePolicyRemoteAddrType as part of 
				  index to the rcIkePolicyTable.
				  Added rcIkeSALocalAddrType and 
				  rcIkeSARemoteAddrType as part of index
				  to the rcIkeSATable"

       REVISION "201105270000Z" -- 27 May 2011
       DESCRIPTION "Version 2:    Removed rcIkeSARemainingLifetimeSeconds"

       REVISION "201105260000Z" -- 26 May 2011
       DESCRIPTION "Version 1:    Generate File, Add rcIkeProfileTable, 
	                          rcIkePolicyTable and rcIkeSATable under rcIke."
       ::= { rcIke 0 }
--
-- IKE  Profile Table
--
rcIkeProfileTable	OBJECT-TYPE
	SYNTAX		SEQUENCE OF RcIkeProfileEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This table contains a list of profiles 
			consisting of algorithms and other 
			configuration that can be used during an 
			IKE Phase 1 connection."
	::= { rcIke 1 }

rcIkeProfileEntry	 OBJECT-TYPE
	SYNTAX		RcIkeProfileEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"An entry containing configuration information 
			for authentication algorithms, encryption 
			algorithms, Diffie-Helman group, exchange-mode 
			and lifetime-seconds to be used for a Phase 1 
			negotiation."
	INDEX		{ rcIkeProfileName }
	::= { rcIkeProfileTable 1 }

RcIkeProfileEntry ::= 
	SEQUENCE
	{
		rcIkeProfileName		DisplayString,
		rcIkeProfileHashAlgorithm	INTEGER,
		rcIkeProfileEncryptionAlgorithm	INTEGER,
		rcIkeProfileEncryptKeyLen       INTEGER,
		rcIkeProfileDHGroup		INTEGER,
		rcIkeProfileExchangeMode	INTEGER,
		rcIkeProfileLifetimeSeconds	Unsigned32,
		rcIkeProfileRowStatus		RowStatus
	}

rcIkeProfileName	OBJECT-TYPE
	SYNTAX		DisplayString (SIZE (1..32))
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object contains the name of this Profile."
	::= { rcIkeProfileEntry 1 }

rcIkeProfileHashAlgorithm	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				md5(1),
				sha(2),
				sha256(4),
				any(255)
			}
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the hash algorithms 
			that can be used during IKE Phase 1 SA 
			negotiation."
	DEFVAL		{ sha256 }
	::= { rcIkeProfileEntry 2 }

rcIkeProfileEncryptionAlgorithm	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				desCbc(1),
				tripleDesCbc(5),
				aesCbc(7),
				aesCbc256(8),
				any(255)
			}
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the encryption 
			algorithms that can be used during IKE 
			Phase 1 SA negotiation."
	DEFVAL		{ aesCbc }
	::= { rcIkeProfileEntry 3 }

rcIkeProfileEncryptKeyLen	OBJECT-TYPE
	SYNTAX		INTEGER (128|192|256)
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the key length 
			that should be be used during IKE 
			Phase 1 SA negotiation."
	DEFVAL		{ 128 }
	::= { rcIkeProfileEntry 4 }

rcIkeProfileDHGroup	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				modp768(1),
				modp1024(2),
				modp2048(14),
				any(255)
			}
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the Diffie-Hellman 
			groups that can be used during IKE Phase 1 
			SA negotiation."
	DEFVAL		{ modp1024 }
	::= { rcIkeProfileEntry 5 }

rcIkeProfileExchangeMode	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				main(1),
				aggressive(2)
			}
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the IKE Phase 1 
			negotiation mode. Only main mode is 
			supported for this release."
	DEFVAL		{ main }
	::= { rcIkeProfileEntry 6 }

rcIkeProfileLifetimeSeconds	OBJECT-TYPE
	SYNTAX		Unsigned32 (0..4294967295)
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the amount of time to 
			propose an IKE Phase 1 SA remain valid during 
			IKE Phase 1 negotiation. A value of 0 means no 
			expiration."
	DEFVAL		{ 86400 }
	::= { rcIkeProfileEntry 7 }

rcIkeProfileRowStatus	OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object is used to create or delete 
			entries in this table."
	::= { rcIkeProfileEntry 8 }

--
-- IKE  Policy Table
--

rcIkePolicyTable	OBJECT-TYPE
	SYNTAX		SEQUENCE OF RcIkePolicyEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This table contains a list of IKE Phase 1 
			policy entries."
	::= { rcIke 2 }

rcIkePolicyEntry	 OBJECT-TYPE
	SYNTAX		RcIkePolicyEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"."
    INDEX       { rcIkePolicyLocalIfIndex, 
                  rcIkePolicyLocalAddrType,
                  rcIkePolicyLocalAddr,
                  rcIkePolicyRemoteAddrType,
                  rcIkePolicyRemoteAddr
			}
	::= { rcIkePolicyTable 1 }

RcIkePolicyEntry ::= 
	SEQUENCE
	{
		rcIkePolicyLocalIfIndex		InterfaceIndexOrZero,
		rcIkePolicyLocalAddrType	InetAddressType,
		rcIkePolicyLocalAddr		InetAddress,
		rcIkePolicyRemoteAddrType	InetAddressType,
		rcIkePolicyRemoteAddr		InetAddress,
		rcIkePolicyName			DisplayString,
		rcIkePolicyProfileName		DisplayString,
		rcIkePolicyAuthenticationMethod	INTEGER,
		rcIkePolicyPSKValue		DisplayString,
		rcIkePolicyDPDTimeout		Unsigned32,
		rcIkePolicyP2PFS		EnableValue,
		rcIkePolicyP2PfsUseIkeGroup	EnableValue,
		rcIkePolicyP2PfsDHGroup		INTEGER,
		rcIkePolicyAdminState		EnableValue,
		rcIkePolicyOperStatus		INTEGER,
		rcIkePolicyRowStatus		RowStatus,
                rcIkePolicyRevocationCheckMethod INTEGER,
		rcIkePolicyProfileVersion       INTEGER,
                rcIkePolicyPeerName             DisplayString
	}

rcIkePolicyLocalIfIndex	OBJECT-TYPE
	SYNTAX		InterfaceIndexOrZero
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the Interface Index 
			of the local address. 
			Only port and vlan if-index are supported
			for this release.
            When the value zero is specified on a SET, rcIkePolicyLocalIfIndex
            will be obtained from an existing interface linked to rcIkePolicyLocalAddr,
            if available."
	::= { rcIkePolicyEntry 1 }

rcIkePolicyLocalAddrType	OBJECT-TYPE
	SYNTAX		InetAddressType
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the type of address 
			field in the rcIkePolicyLocalAddr.
			Only IPv6 address types are supported for 
			this release."
	::= { rcIkePolicyEntry 2 }

rcIkePolicyLocalAddr	OBJECT-TYPE
	SYNTAX		InetAddress
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the string 
			representation of the local peer ID. 
			The type of value configured for this 
			object is specified by the 
			rcIkePolicyLocalAddrType."
	::= { rcIkePolicyEntry 3 }

rcIkePolicyRemoteAddrType	OBJECT-TYPE
	SYNTAX		InetAddressType
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the type of address 
			field in the rcIkePolicyRemoteAddr.
			Only IPv6 address types are supported for 
			this release."
	::= { rcIkePolicyEntry 4 }

rcIkePolicyRemoteAddr	OBJECT-TYPE
	SYNTAX		InetAddress
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the string 
			representation of the remote peer ID. 
			The type of value configured for this 
			object is specified by the 
			rcIkePolicyRemoteAddrType."
	::= { rcIkePolicyEntry 5 }

rcIkePolicyName		OBJECT-TYPE
	SYNTAX		DisplayString (SIZE(1..32))
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the name given to the policy.
			 The name should be assigned during creation of 
			 the policy. Changing the name after the policy
			 is created is not allowed."
	::= { rcIkePolicyEntry 6 }

rcIkePolicyProfileName	OBJECT-TYPE
	SYNTAX		DisplayString (SIZE (1..32))
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the name of the profile 
			(rcIkeProfileName) that should be used for 
			this policy."
	::= { rcIkePolicyEntry 7 }

rcIkePolicyAuthenticationMethod	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				preSharedKey(1),
				dssSignatures(2),
				rsaSignatures(3),
				encryptionWithRsa(4),
				digitalCertificate(5)
			}
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the proposed 
			authentication method for the phase 1 
			security association."
	DEFVAL		{ preSharedKey }
	::= { rcIkePolicyEntry 8 }

rcIkePolicyPSKValue	OBJECT-TYPE
	SYNTAX		DisplayString (SIZE (0..32))
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the value of the 
			Pre-Shared Key if the authentication method 
			is set to PSK."
	::= { rcIkePolicyEntry 9 }

rcIkePolicyDPDTimeout	OBJECT-TYPE
	SYNTAX		Unsigned32 (0..4294967295)
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies the Dead Peer 
			Detection timeout in seconds."
	DEFVAL          { 300 }
	::= { rcIkePolicyEntry 10 }

rcIkePolicyP2PFS     OBJECT-TYPE
        SYNTAX		EnableValue
        MAX-ACCESS	read-create
        STATUS		current
        DESCRIPTION	"This object specifies whether or not perfect
			forward secrecy is used when refreshing keys. 
			Enable indicates that PFS SHOULD be used."
	DEFVAL		{ disable }
        ::= { rcIkePolicyEntry 11 }

rcIkePolicyP2PfsUseIkeGroup  OBJECT-TYPE
        SYNTAX		EnableValue
        MAX-ACCESS	read-create
        STATUS		current
        DESCRIPTION	"This object specifies whether or not to use
			the same GroupId (Diffie-Hellman Group) for 
			phase 2 as was used in phase 1. If P2PFS is 
			disabled, this entry SHOULD be ignored."
	DEFVAL		{ enable }
        ::= { rcIkePolicyEntry 12 }

rcIkePolicyP2PfsDHGroup	OBJECT-TYPE
        SYNTAX		INTEGER
			{
				modp768(1),
				modp1024(2),
				modp2048(14),
				any(255)
			}
        MAX-ACCESS	read-create
        STATUS		current
        DESCRIPTION	"This object specifies the Diffie-Hellman group
			to use for phase 2 when the object 
			rcIkePolicyP2PFS is enabled and the object 
			rcIkePolicyP2PfsUseIkeGroup is disabled."
	DEFVAL		{ modp1024 }
        ::= { rcIkePolicyEntry  13 }

rcIkePolicyAdminState	OBJECT-TYPE
	SYNTAX		EnableValue
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object specifies whether the policy 
			is administratively enabled or disabled."
	DEFVAL		{ disable }
	::= { rcIkePolicyEntry 14 }

rcIkePolicyOperStatus	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				up(1),
				down(2)
			}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies whether the policy 
			is operationally up or down."
	::= { rcIkePolicyEntry 15 }

rcIkePolicyRowStatus	OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS	read-create
	STATUS		current
	DESCRIPTION	"This object is used to create or delete 
			entries in this table."
	::= { rcIkePolicyEntry 16 }


rcIkePolicyRevocationCheckMethod OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                crl(1),
                                ocsp(2),
                                none(3)
                        }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the proposed
                        revocation-check method for digital-certificate
                        type authentication-method."
        DEFVAL          { crl }
        ::= { rcIkePolicyEntry 17 }

rcIkePolicyProfileVersion      OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                           v1(1),
                           v2(2)
                        }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object maps to the version
                         of ike profile selected. Default value of
                         this object is version 1 (v1)"
        DEFVAL          {v1}
        ::= { rcIkePolicyEntry 18 }

rcIkePolicyPeerName     OBJECT-TYPE
        SYNTAX          DisplayString (SIZE (0..64))
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the value of the
                        Peer name if the authentication method
                        is set to digital certificate."
        ::= { rcIkePolicyEntry 19 }

--
-- IKE Phase I SA Table
--

rcIkeSATable	OBJECT-TYPE
	SYNTAX		SEQUENCE OF RcIkeSAEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This table contains a list of IKE Phase 1 
			Security Association entries."
	::= { rcIke 3 }

rcIkeSAEntry	OBJECT-TYPE
	SYNTAX		RcIkeSAEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"."
	INDEX		{ rcIkeSALocalIfIndex,
	                  rcIkeSALocalAddrType,
			  rcIkeSALocalAddr,
			  rcIkeSARemoteAddrType,
			  rcIkeSARemoteAddr }
	::= { rcIkeSATable 1 }

RcIkeSAEntry ::= 
	SEQUENCE
	{
		rcIkeSALocalIfIndex		InterfaceIndex,
		rcIkeSALocalAddrType		InetAddressType,
		rcIkeSALocalAddr		InetAddress,
		rcIkeSARemoteAddrType		InetAddressType,
		rcIkeSARemoteAddr		InetAddress,
		rcIkeSAName			DisplayString,
		rcIkeSAAuthenticationMethod	INTEGER,
		rcIkeSADPDTimeout		Unsigned32,
		rcIkeSAHashAlgorithm		INTEGER,
		rcIkeSAEncryptionAlgorithm	INTEGER,
		rcIkeSAEncryptKeyLen		INTEGER,
		rcIkeSADHGroup			INTEGER,
		rcIkeSAExchangeMode		INTEGER,
		rcIkeSALifetimeSeconds		Unsigned32,
		rcIkeSAStatus			INTEGER
	}

rcIkeSALocalIfIndex	OBJECT-TYPE
	SYNTAX		InterfaceIndex
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the interface index 
			of the local address.
			Only port and vlan if-index are supported
			for this release."
	::= { rcIkeSAEntry 1 }

rcIkeSALocalAddrType	OBJECT-TYPE
	SYNTAX		InetAddressType
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the type of address 
			field in the rcIkeSALocalAddr.
			Only IPv6 address types are supported for 
			this release."
	::= { rcIkeSAEntry 2 }

rcIkeSALocalAddr	OBJECT-TYPE
	SYNTAX		InetAddress
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the string representation 
			of the local peer ID. The type of value 
			configured for this object is specified by the 
			rcIkeSALocalAddrType."
	::= { rcIkeSAEntry 3 }

rcIkeSARemoteAddrType	OBJECT-TYPE
	SYNTAX		InetAddressType
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the type of address 
			field in the rcIkeSARemoteAddr.
			Only IPv6 address types are supported for 
			this release."
	::= { rcIkeSAEntry 4 }

rcIkeSARemoteAddr	OBJECT-TYPE
	SYNTAX		InetAddress
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION	"This object specifies the string representation 
			of the remote peer ID. The type of value 
			configured for this object is specified by the 
			rcIkeSARemoteAddrType."
	::= { rcIkeSAEntry 5 }

rcIkeSAName		OBJECT-TYPE
	SYNTAX		DisplayString (SIZE(1..32))
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the name for the SA."
	::= { rcIkeSAEntry 6 }

rcIkeSAAuthenticationMethod	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				preSharedKey(1),
				dssSignatures(2),
				rsaSignatures(3),
				encryptionWithRsa(4)
			}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the proposed 
			authentication method for the phase 1 
			security association.
			Only the Pre-Shared Key authentication 
			method is supported in this release."
	DEFVAL	{ preSharedKey }
	::= { rcIkeSAEntry 7 }

rcIkeSADPDTimeout	OBJECT-TYPE
	SYNTAX		Unsigned32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the Dead Peer 
			Detection timeout in seconds."
	::= { rcIkeSAEntry 8 }

rcIkeSAHashAlgorithm	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				md5(1),
				sha(2),
				sha256(4)
			}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the hash algorithm 
			negotiated for this IKE Phase 1 SA."
	::= { rcIkeSAEntry 9 }

rcIkeSAEncryptionAlgorithm	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				desCbc(1),
				tripleDesCbc(5),
				aesCbc(7),
				aesCbc256(8)   
			}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the encryption 
			algorithm negotiated for this IKE Phase 1 SA."
	::= { rcIkeSAEntry 10 }

rcIkeSAEncryptKeyLen	OBJECT-TYPE
	SYNTAX		INTEGER (128|192|256)
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the encryption 
			key length negotiated for this IKE Phase 1 SA."
	::= { rcIkeSAEntry 11 }

rcIkeSADHGroup	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				modp768(1),
				modp1024(2),
				modp2048(14)
			}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the Diffie-Hellman 
			group negotiated for this IKE Phase 1 SA."
	::= { rcIkeSAEntry 12 }

rcIkeSAExchangeMode	OBJECT-TYPE
	SYNTAX		INTEGER
			{
				main(1),
				aggressive(2)
			}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the IKE Phase 1 SA mode."
	::= { rcIkeSAEntry 13 }

rcIkeSALifetimeSeconds	OBJECT-TYPE
	SYNTAX		Unsigned32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the amount of time to 
			propose an IKE Phase 1 SA remain valid during 
			IKE Phase 1 negotiation. A value of 0 means 
			no expiration."
	::= { rcIkeSAEntry 14 }

rcIkeSAStatus		OBJECT-TYPE
	SYNTAX		INTEGER
			{
				inactive(1),
				active(2)
			}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION	"This object specifies the amount of time to 
			propose an IKE Phase 1 SA remain valid during 
			IKE Phase 1 negotiation. A value of 0 means no 
			expiration."
	::= { rcIkeSAEntry 15 }


-- IKE ACTIVE SA TABLE

rcIkeActiveSATable    OBJECT-TYPE
        SYNTAX          SEQUENCE OF RcIkeActiveSAEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This table contains a list of IKE Phase 1
                        Security Association entries. This table
			obsoletes rcIkeSATable"
        ::= { rcIke 4 }

rcIkeActiveSAEntry    OBJECT-TYPE
        SYNTAX          RcIkeActiveSAEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "."
        INDEX           { rcIkeActiveSAId,
                          rcIkeActiveSALocalIfIndex,
                          rcIkeActiveSALocalAddrType,
                          rcIkeActiveSALocalAddr,
                          rcIkeActiveSARemoteAddrType,
                          rcIkeActiveSARemoteAddr
                          }
        ::= { rcIkeActiveSATable 1 }

RcIkeActiveSAEntry ::=
        SEQUENCE
        {
                rcIkeActiveSAId                       Integer32,
                rcIkeActiveSALocalIfIndex             InterfaceIndex,
                rcIkeActiveSALocalAddrType            InetAddressType,
                rcIkeActiveSALocalAddr                InetAddress,
                rcIkeActiveSARemoteAddrType           InetAddressType,
                rcIkeActiveSARemoteAddr               InetAddress,
                rcIkeActiveSAName                     DisplayString,
                rcIkeActiveSAAuthenticationMethod     INTEGER,
                rcIkeActiveSADPDTimeout               Unsigned32,
                rcIkeActiveSAHashAlgorithm            INTEGER,
                rcIkeActiveSAEncryptionAlgorithm      INTEGER,
                rcIkeActiveSAEncryptKeyLen            INTEGER,
                rcIkeActiveSADHGroup                  INTEGER,
                rcIkeActiveSAExchangeMode             INTEGER,
                rcIkeActiveSALifetimeSeconds          Unsigned32,
                rcIkeActiveSAStatus                   INTEGER,
                rcIkeActiveSAInitiator                INTEGER
        }

rcIkeActiveSAId             OBJECT-TYPE
        SYNTAX          Integer32
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the unique ID of a SA"
        ::= { rcIkeActiveSAEntry 1 }

rcIkeActiveSALocalIfIndex     OBJECT-TYPE
        SYNTAX          InterfaceIndex
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the interface index
                        of the local address.
                        Only port and vlan if-index are supported
                        for this release."
        ::= { rcIkeActiveSAEntry 2 }

rcIkeActiveSALocalAddrType    OBJECT-TYPE
        SYNTAX          InetAddressType
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the type of address
                        field in the rcIkeActiveSALocalAddr.
                        Only IPv6 address types are supported for
                        this release."
        ::= { rcIkeActiveSAEntry 3 }

rcIkeActiveSALocalAddr        OBJECT-TYPE
        SYNTAX          InetAddress
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the string representation
                        of the local peer ID. The type of value
                        configured for this object is specified by the
                        rcIkeActiveSALocalAddrType."
        ::= { rcIkeActiveSAEntry 4 }

rcIkeActiveSARemoteAddrType   OBJECT-TYPE
        SYNTAX          InetAddressType
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the type of address
                        field in the rcIkeActiveSARemoteAddr.
                        Only IPv6 address types are supported for
                        this release."
        ::= { rcIkeActiveSAEntry 5 }

rcIkeActiveSARemoteAddr       OBJECT-TYPE
        SYNTAX          InetAddress
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the string representation
                        of the remote peer ID. The type of value
                        configured for this object is specified by the
                        rcIkeActiveSARemoteAddrType."
        ::= { rcIkeActiveSAEntry 6 }

rcIkeActiveSAName             OBJECT-TYPE
        SYNTAX          DisplayString (SIZE(1..32))
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the name for the SA."
        ::= { rcIkeActiveSAEntry 7 }

rcIkeActiveSAAuthenticationMethod     OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                preSharedKey(1),
                                dssSignatures(2),
                                rsaSignatures(3),
                                encryptionWithRsa(4),
                                digitalCertificate(5)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the proposed
                        authentication method for the phase 1
                        security association."
        DEFVAL  { preSharedKey }
        ::= { rcIkeActiveSAEntry 8 }

rcIkeActiveSADPDTimeout       OBJECT-TYPE
        SYNTAX          Unsigned32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the Dead Peer
                        Detection timeout in seconds."
        ::= { rcIkeActiveSAEntry 9 }

rcIkeActiveSAHashAlgorithm    OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                md5(1),
                                sha(2),
                                sha256(4)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the hash algorithm
                        negotiated for this IKE Phase 1 SA."
        ::= { rcIkeActiveSAEntry 10 }

rcIkeActiveSAEncryptionAlgorithm      OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                desCbc(1),
                                tripleDesCbc(5),
                                aesCbc(7)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the encryption
                        algorithm negotiated for this IKE Phase 1 SA."
        ::= { rcIkeActiveSAEntry 11 }

rcIkeActiveSAEncryptKeyLen    OBJECT-TYPE
        SYNTAX          INTEGER (128|192|256)
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the encryption
                        key length negotiated for this IKE Phase 1 SA."
        ::= { rcIkeActiveSAEntry 12 }

rcIkeActiveSADHGroup  OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                modp768(1),
                                modp1024(2),
                                modp2048(14)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the Diffie-Hellman
                        group negotiated for this IKE Phase 1 SA."
        ::= { rcIkeActiveSAEntry 13 }

rcIkeActiveSAExchangeMode     OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                main(1),
                                aggressive(2)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the IKE Phase 1 SA mode."
        ::= { rcIkeActiveSAEntry 14 }

rcIkeActiveSALifetimeSeconds  OBJECT-TYPE
        SYNTAX          Unsigned32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the amount of time to
                        propose an IKE Phase 1 SA remain valid during
                        IKE Phase 1 negotiation. A value of 0 means
                        no expiration."
        ::= { rcIkeActiveSAEntry 15 }

rcIkeActiveSAStatus           OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                inactive(1),
                                active(2)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the amount of time to
                        propose an IKE Phase 1 SA remain valid during
                        IKE Phase 1 negotiation. A value of 0 means no
                        expiration."
        ::= { rcIkeActiveSAEntry 16 }

rcIkeActiveSAInitiator        OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                  initiator(1),
                                  responder(2)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the whether the SA was
                        created by an Initiator or a Responder"
        ::= { rcIkeActiveSAEntry 17 }

-- IKEv2 Profile Table

 rcIkeV2ProfileTable       OBJECT-TYPE
        SYNTAX          SEQUENCE OF RcIkeV2ProfileEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This table contains a list of Ike v2 profiles
                         consisting of algorithms and other
                         configuration that can be used during an
                         IKE connection."
        ::= { rcIke 5 }

rcIkeV2ProfileEntry        OBJECT-TYPE
        SYNTAX          RcIkeV2ProfileEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "An entry containing configuration information
                        for authentication algorithms, encryption
                        algorithms, Diffie-Helman group, exchange-mode
                        and lifetime-seconds to be used for 
                        negotiation."
        INDEX           { rcIkeV2ProfileName }
        ::= { rcIkeV2ProfileTable 1 }

    RcIkeV2ProfileEntry ::= SEQUENCE
               {
                rcIkeV2ProfileName                DisplayString,
                rcIkeV2ProfileHashAlgorithm       BITS,
                rcIkeV2ProfileEncryptionAlgorithm BITS,
                rcIkeV2ProfileEncryptKeyLen       BITS,
                rcIkeV2ProfileDHGroup             BITS,
                rcIkeV2ProfileExchangeMode        INTEGER,
                rcIkeV2ProfileLifetimeSeconds     Unsigned32,
                rcIkeV2ProfileIntegrityAlgorithm  BITS,
                rcIkeV2ProfileRowStatus           RowStatus
        }
rcIkeV2ProfileName        OBJECT-TYPE
        SYNTAX          DisplayString (SIZE (1..32))
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object contains the name of this Profile."
        ::= { rcIkeV2ProfileEntry 1 }
                                
rcIkeV2ProfileHashAlgorithm       OBJECT-TYPE
        SYNTAX          BITS
                        {
                            md5(0),
                            sha(1),
                            sha256(2)                            
                        }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the hash algorithms
                        that can be used during IKE SA
                        negotiation.
                        It is represented in form of bits as follows-
                           bit 0 - md5
                           bit 1 - sha
                           bit 2 - sha256"
        DEFVAL          { {sha256} }
        ::= { rcIkeV2ProfileEntry 2 }

rcIkeV2ProfileEncryptionAlgorithm OBJECT-TYPE
        SYNTAX          BITS
                        {
                           desCbc(0),
                           tripleDesCbc(1),
                           aesCbc(2)
                        }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the encryption
                        algorithms that can be used during IKE
                        SA negotiation. 
                        It is represented in form of bits as follows-
                            bit 0 - desCbc
                            bit 1 - tripleDesCbc
                            bit 2 - aesCbc"
        DEFVAL          { {aesCbc} }
        ::= { rcIkeV2ProfileEntry 3 }

rcIkeV2ProfileEncryptKeyLen       OBJECT-TYPE
        SYNTAX          BITS {
                                keylen-128(0),
                                keylen-192(1),
                                keylen-256(2)
                             }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the key length
                        that should be be used during IKE
                        SA negotiation.
                        It is represented in form of bits as follows-
                        bit 0 - keylen-128
                        bit 1 - keylen-192
                        bit 2 - keylen-256"
        DEFVAL          { {keylen-256} }
        ::= { rcIkeV2ProfileEntry 4 }

rcIkeV2ProfileDHGroup     OBJECT-TYPE
        SYNTAX          BITS
                        {
                                modp768(0),
                                modp1024(1),
                                modp2048(2)
                        }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the Diffie-Hellman
                        groups that can be used during IKE 
                        SA negotiation.
                        It is represented in form of bits as follows -
                            bit 0 - modp768
                            bit 1 - modp1024
                            bit 2 - modp2048"
        DEFVAL          { {modp1024} }
        ::= { rcIkeV2ProfileEntry 5 }

rcIkeV2ProfileExchangeMode        OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                main(1),
                                aggressive(2)
                        }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the IKE
                        negotiation mode. Only main mode is
                        supported for this release."
        DEFVAL          { main }
        ::= { rcIkeV2ProfileEntry 6 }

rcIkeV2ProfileLifetimeSeconds     OBJECT-TYPE
        SYNTAX          Unsigned32 (0..4294967295)
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the amount of time to
                        propose an IKE SA remain valid during
                        IKE negotiation. A value of 0 means no
                        expiration."
        DEFVAL          { 86400 }
        ::= { rcIkeV2ProfileEntry 7 }
                                

rcIkeV2ProfileIntegrityAlgorithm  OBJECT-TYPE
        SYNTAX      BITS
                      {
                                md5     (0),
                                sha1    (1),
                                sha256  (2),
                                aes-xcbc(3)
                      }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object specifies the integrity algorithms
                        that can be used during IKE SA
                        negotiation.
                        It is represented in form of bits as follows -
                           bit 0 - md5
                           bit 1 - sha1
                           bit 2 - sha256  
                           bit 3 - aes-xcbc"
    DEFVAL         { {sha256} }
         ::= { rcIkeV2ProfileEntry 8 }

rcIkeV2ProfileRowStatus   OBJECT-TYPE
        SYNTAX          RowStatus
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "This object is used to create or delete
                        entries in this table."
        ::= { rcIkeV2ProfileEntry 9 }

-- IKEv2 SA TABLE

rcIkeV2SATable    OBJECT-TYPE
        SYNTAX          SEQUENCE OF RcIkeV2SAEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This table contains a list of IKE V2
                        Security Association entries."
        ::= { rcIke 6 }

rcIkeV2SAEntry    OBJECT-TYPE
        SYNTAX          RcIkeV2SAEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "."
        INDEX           { rcIkeV2SAId,
                          rcIkeV2SALocalIfIndex,
                          rcIkeV2SALocalAddrType,
                          rcIkeV2SALocalAddr,
                          rcIkeV2SARemoteAddrType,
                          rcIkeV2SARemoteAddr
                          }
        ::= { rcIkeV2SATable 1 }

RcIkeV2SAEntry ::=
        SEQUENCE
        {
                rcIkeV2SAId                       Integer32,
                rcIkeV2SALocalIfIndex             InterfaceIndex,
                rcIkeV2SALocalAddrType            InetAddressType,
                rcIkeV2SALocalAddr                InetAddress,
                rcIkeV2SARemoteAddrType           InetAddressType,
                rcIkeV2SARemoteAddr               InetAddress,
                rcIkeV2SAName                     DisplayString,
                rcIkeV2SAAuthenticationMethod     INTEGER,
                rcIkeV2SADPDTimeout               Unsigned32,
                rcIkeV2SAHashAlgorithm            INTEGER,
                rcIkeV2SAEncryptionAlgorithm      INTEGER,
                rcIkeV2SAEncryptKeyLen            INTEGER,
                rcIkeV2SADHGroup                  INTEGER,
                rcIkeV2SAExchangeMode             INTEGER,
                rcIkeV2SALifetimeSeconds          Unsigned32,
                rcIkeV2SAStatus                   INTEGER,
                rcIkeV2SAInitiator                INTEGER,
                rcIkeV2SAIntegrityAlgorithm       INTEGER
        }

rcIkeV2SAId             OBJECT-TYPE
        SYNTAX          Integer32
        MAX-ACCESS      not-accessible  
        STATUS          current
        DESCRIPTION     "This object specifies the unique ID of a SA"
        ::= { rcIkeV2SAEntry 1 }


rcIkeV2SALocalIfIndex     OBJECT-TYPE
        SYNTAX          InterfaceIndex
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the interface index
                        of the local address.
                        Only port and vlan if-index are supported
                        for this release."
        ::= { rcIkeV2SAEntry 2 }

rcIkeV2SALocalAddrType    OBJECT-TYPE
        SYNTAX          InetAddressType
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the type of address
                        field in the rcIkeActiveSALocalAddr.
                        Only IPv6 address types are supported for
                        this release."
        ::= { rcIkeV2SAEntry 3 }

rcIkeV2SALocalAddr        OBJECT-TYPE
        SYNTAX          InetAddress
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the string representation
                        of the local peer ID. The type of value
                        configured for this object is specified by the
                        rcIkeV2SALocalAddrType."
        ::= { rcIkeV2SAEntry 4 }

rcIkeV2SARemoteAddrType   OBJECT-TYPE
        SYNTAX          InetAddressType
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the type of address
                        field in the rcIkeV2SARemoteAddr.
                        Only IPv6 address types are supported for
                        this release."
        ::= { rcIkeV2SAEntry 5 }

rcIkeV2SARemoteAddr       OBJECT-TYPE
        SYNTAX          InetAddress
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION     "This object specifies the string representation
                        of the remote peer ID. The type of value
                        configured for this object is specified by the
                        rcIkeV2SARemoteAddrType."
        ::= { rcIkeV2SAEntry 6 }

rcIkeV2SAName             OBJECT-TYPE
        SYNTAX          DisplayString (SIZE(1..32))
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the name for the SA."
        ::= { rcIkeV2SAEntry 7 }

rcIkeV2SAAuthenticationMethod     OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                preSharedKey(1),
                                dssSignatures(2),
                                rsaSignatures(3),
                                encryptionWithRsa(4)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the proposed
                        authentication method for the phase 1
                        security association.
                        Only the Pre-Shared Key authentication
                        method is supported in this release."
        DEFVAL  { preSharedKey }
        ::= { rcIkeV2SAEntry 8 }
                                
rcIkeV2SADPDTimeout       OBJECT-TYPE
        SYNTAX          Unsigned32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the Dead Peer
                        Detection timeout in seconds."
        ::= { rcIkeV2SAEntry 9 }

rcIkeV2SAHashAlgorithm    OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                md5(1),
                                sha(2),
                                sha256(5)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the hash algorithm
                        negotiated for this IKEv2  SA."
        ::= { rcIkeV2SAEntry 10 }

rcIkeV2SAEncryptionAlgorithm      OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                desCbc(2),
                                tripleDesCbc(3),
                                aesCbc(12)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the encryption
                        algorithm negotiated for this IKEv2 SA."
        ::= { rcIkeV2SAEntry 11 }

rcIkeV2SAEncryptKeyLen    OBJECT-TYPE
        SYNTAX          INTEGER (128|192|256)
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the encryption
                        key length negotiated for this IKE V2 SA."
        ::= { rcIkeV2SAEntry 12 }

rcIkeV2SADHGroup  OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                modp768(1),
                                modp1024(2),
                                modp2048(14)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the Diffie-Hellman
                        group negotiated for this IKE V2 SA."
        ::= { rcIkeV2SAEntry 13 }

rcIkeV2SAExchangeMode     OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                main(1),
                                aggressive(2)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the IKE V2 SA mode."
        ::= { rcIkeV2SAEntry 14 }

rcIkeV2SALifetimeSeconds  OBJECT-TYPE
        SYNTAX          Unsigned32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the amount of time to
                        propose an IKE V2  SA remain valid during
                        IKE  negotiation. A value of 0 means
                        no expiration."
        ::= { rcIkeV2SAEntry 15 }
                                
rcIkeV2SAStatus           OBJECT-TYPE
        SYNTAX          INTEGER
                        {
                                inactive(1),
                                active(2)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the amount of time to
                        propose an IKE V2 SA remain valid during
                        IKE V2  negotiation. A value of 0 means no
                        expiration."
        ::= { rcIkeV2SAEntry 16 }

rcIkeV2SAInitiator        OBJECT-TYPE
        SYNTAX          INTEGER {
                                  initiator(1),
                                  responder(2)
                                }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the whether the SA was
                        created by an Initiator or a Responder"
        ::= { rcIkeV2SAEntry 17 }

                                
rcIkeV2SAIntegrityAlgorithm     OBJECT-TYPE
       SYNTAX          INTEGER
                       {
                          md5(1),
                          sha1(2),
                          sha256(12),
                          aes-xcbc(5)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "This object specifies the integrity algorithms
                        that can be used during IKEv2 SA
                        negotiation."
        ::= { rcIkeV2SAEntry 18 }

END
