| Name | Data Type | Default Value | Qualifiers |
| Name | Data Type | Value |
| AuthenticationMethod | uint16 | |
| Description | string | AuthenticationMethod is an enumeration that specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod. There is one change to the list - the value 65000 has special meaning. It is a special value that indicates that this particular proposal should be repeated once for each authentication method corresponding to credentials installed on the machine. For example, if the system has a pre-shared key and an public-key certificate, a proposal list would be constructed which includes a proposal that specifies a pre-shared key and a proposal for any of the public-key certificates. |
| MappingStrings | string | IPSP Policy Model.IETF|IKEProposal.AuthenticationMethod, RFC2409.IETF|Appendix A |
| ModelCorrespondence | string | CIM_IKESAEndpoint.AuthenticationMethod, CIM_IKEProposal.OtherAuthenticationMethod |
| ValueMap | string | 1, 2, 3, 4, 5, 6, 7..64999, 65000, 65001..65535 |
| Values | string | Other, Pre-shared Key, DSS Signatures, RSA Signatures, Encryption with RSA, Revised Encryption with RSA, DMTF/IANA Reserved, Any, Vendor Reserved |
| CipherAlgorithm | uint16 | |
| Description | string | CipherAlgorithm is an enumeration that specifies the proposed encryption algorithm. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.CipherAlgorithm. |
| MappingStrings | string | IPSP Policy Model.IETF|IKEProposal.CipherAlgorithm, RFC2409.IETF|Appendix A |
| ModelCorrespondence | string | CIM_IKESAEndpoint.CipherAlgorithm, CIM_IKEProposal.OtherCipherAlgorithm |
| ValueMap | string | 1, 2, 3, 4, 5, 6, 7, 8..65000, 65001..65535 |
| Values | string | Other, DES, IDEA, Blowfish, RC5, 3DES, CAST, DMTF/IANA Reserved, Vendor Reserved |
| GroupId | uint16 | |
| Description | string | The property GroupId specifies the proposed phase 1 security association key exchange group. This property is ignored for all aggressive mode exchanges (IKEAction.ExchangeMode = 4). If the GroupID number is from the vendor-specific range (32768-65535), the property VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve Group with 155 bit field element', Group 4= 'Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'. |
| MappingStrings | string | IPSP Policy Model.IETF|IKEProposal.GroupID, RFC2412.IETF|Appendix E |
| ModelCorrespondence | string | CIM_IKESAEndpoint.GroupID, CIM_IKEProposal.VendorID |
| ValueMap | string | 0, 1, 2, 3, 4, 5, .., 0x8000.. |
| Values | string | No Group/Non-Diffie-Hellman Exchange, DH-768 bit prime, DH-1024 bit prime, EC2N-155 bit field element, EC2N-185 bit field element, DH-1536 bit prime, Standard Group - Reserved, Vendor Reserved |
| HashAlgorithm | uint16 | |
| Description | string | HashAlgorithm is an enumeration that specifies the proposed hash function. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.HashAlgorithm. |
| MappingStrings | string | IPSP Policy Model.IETF|IKEProposal.HashAlgorithm, RFC2409.IETF|Appendix A |
| ModelCorrespondence | string | CIM_IKESAEndpoint.HashAlgorithm, CIM_IKEProposal.OtherHashAlgorithm |
| ValueMap | string | 1, 2, 3, 4, 5..65000, 65001..65535 |
| Values | string | Other, MD5, SHA-1, Tiger, DMTF/IANA Reserved, Vendor Reserved |
| MaxLifetimeKilobytes | uint64 | |
| Description | string | MaxLifetimeKilobytes specifies the maximum kilobyte lifetime the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero (the default) indicates that there should be no maximum kilobyte lifetime. A non-zero value specifies the desired kilobyte lifetime. |
| MappingStrings | string | IPSP Policy Model.IETF|IKEProposal.MaxLifetimeKilobytes |
| ModelCorrespondence | string | CIM_SecurityAssociationEndpoint.LifetimeKilobytes |
| PUnit | string | byte * 10^3 |
| Units | string | KiloBytes |
| MaxLifetimeSeconds | uint64 | |
| Description | string | MaxLifetimeSeconds specifies the maximum time the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero indicates that the default of 8 hours be used. A non-zero value indicates the maximum seconds lifetime. |
| MappingStrings | string | IPSP Policy Model.IETF|IKEProposal.MaxLifetimeSeconds |
| ModelCorrespondence | string | CIM_SecurityAssociationEndpoint.LifetimeSeconds |
| PUnit | string | second |
| Units | string | Seconds |
| OtherAuthenticationMethod | string | |
| Description | string | Description of the method when the value 1 ("Other") is specified for the property, AuthenticationMethod. |
| ModelCorrespondence | string | CIM_IKESAEndpoint.OtherAuthenticationMethod, CIM_IKEProposal.AuthenticationMethod |
| OtherCipherAlgorithm | string | |
| Description | string | Description of the encryption algorithm when the value 1 ("Other") is specified for the property, CipherAlgorithm. |
| ModelCorrespondence | string | CIM_IKESAEndpoint.OtherCipherAlgorithm, CIM_IKEProposal.CipherAlgorithm |
| OtherHashAlgorithm | string | |
| Description | string | Description of the hash function when the value 1 ("Other") is specified for the property, HashAlgorithm. |
| ModelCorrespondence | string | CIM_IKESAEndpoint.OtherHashAlgorithm, CIM_IKEProposal.HashAlgorithm |
| VendorID | string | |
| Description | string | VendorID identifies the vendor when the value of GroupID is in the vendor-specific range, 32768 to 65535. |
| ModelCorrespondence | string | CIM_IKESAEndpoint.VendorID, CIM_IKEProposal.GroupId |