Class CIM_IKEProposal
extends CIM_SAProposal

IKEProposal contains the parameters necessary to drive the phase 1 IKE negotiation.

Table of Contents
Hierarchy
Direct Known Subclasses
Class Qualifiers
Class Properties
Class Methods


Class Hierarchy

CIM_ManagedElement
   |
   +--CIM_SettingData
   |
   +--CIM_ScopedSettingData
   |
   +--CIM_SAProposal
   |
   +--CIM_IKEProposal

Direct Known Subclasses

Class Qualifiers

NameData TypeValue
DescriptionstringIKEProposal contains the parameters necessary to drive the phase 1 IKE negotiation.
MappingStringsstringIPSP Policy Model.IETF|IKEProposal
UMLPackagePathstringCIM::IPsecPolicy
Versionstring2.8.0

Class Properties

Local Class Properties

NameData TypeDefault ValueQualifiers
NameData TypeValue
AuthenticationMethoduint16
DescriptionstringAuthenticationMethod is an enumeration that specifies the proposed authentication. The list of methods was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.AuthenticationMethod. There is one change to the list - the value 65000 has special meaning. It is a special value that indicates that this particular proposal should be repeated once for each authentication method corresponding to credentials installed on the machine. For example, if the system has a pre-shared key and an public-key certificate, a proposal list would be constructed which includes a proposal that specifies a pre-shared key and a proposal for any of the public-key certificates.
MappingStringsstringIPSP Policy Model.IETF|IKEProposal.AuthenticationMethod, RFC2409.IETF|Appendix A
ModelCorrespondencestringCIM_IKESAEndpoint.AuthenticationMethod, CIM_IKEProposal.OtherAuthenticationMethod
ValueMapstring1, 2, 3, 4, 5, 6, 7..64999, 65000, 65001..65535
ValuesstringOther, Pre-shared Key, DSS Signatures, RSA Signatures, Encryption with RSA, Revised Encryption with RSA, DMTF/IANA Reserved, Any, Vendor Reserved
CipherAlgorithmuint16
DescriptionstringCipherAlgorithm is an enumeration that specifies the proposed encryption algorithm. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.CipherAlgorithm.
MappingStringsstringIPSP Policy Model.IETF|IKEProposal.CipherAlgorithm, RFC2409.IETF|Appendix A
ModelCorrespondencestringCIM_IKESAEndpoint.CipherAlgorithm, CIM_IKEProposal.OtherCipherAlgorithm
ValueMapstring1, 2, 3, 4, 5, 6, 7, 8..65000, 65001..65535
ValuesstringOther, DES, IDEA, Blowfish, RC5, 3DES, CAST, DMTF/IANA Reserved, Vendor Reserved
GroupIduint16
DescriptionstringThe property GroupId specifies the proposed phase 1 security association key exchange group. This property is ignored for all aggressive mode exchanges (IKEAction.ExchangeMode = 4). If the GroupID number is from the vendor-specific range (32768-65535), the property VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve Group with 155 bit field element', Group 4= 'Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'.
MappingStringsstringIPSP Policy Model.IETF|IKEProposal.GroupID, RFC2412.IETF|Appendix E
ModelCorrespondencestringCIM_IKESAEndpoint.GroupID, CIM_IKEProposal.VendorID
ValueMapstring0, 1, 2, 3, 4, 5, .., 0x8000..
ValuesstringNo Group/Non-Diffie-Hellman Exchange, DH-768 bit prime, DH-1024 bit prime, EC2N-155 bit field element, EC2N-185 bit field element, DH-1536 bit prime, Standard Group - Reserved, Vendor Reserved
HashAlgorithmuint16
DescriptionstringHashAlgorithm is an enumeration that specifies the proposed hash function. The list of algorithms was generated from Appendix A of RFC2409. Note that the enumeration is different than the RFC list and aligns with the values in IKESAEndpoint.HashAlgorithm.
MappingStringsstringIPSP Policy Model.IETF|IKEProposal.HashAlgorithm, RFC2409.IETF|Appendix A
ModelCorrespondencestringCIM_IKESAEndpoint.HashAlgorithm, CIM_IKEProposal.OtherHashAlgorithm
ValueMapstring1, 2, 3, 4, 5..65000, 65001..65535
ValuesstringOther, MD5, SHA-1, Tiger, DMTF/IANA Reserved, Vendor Reserved
MaxLifetimeKilobytesuint64
DescriptionstringMaxLifetimeKilobytes specifies the maximum kilobyte lifetime the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero (the default) indicates that there should be no maximum kilobyte lifetime. A non-zero value specifies the desired kilobyte lifetime.
MappingStringsstringIPSP Policy Model.IETF|IKEProposal.MaxLifetimeKilobytes
ModelCorrespondencestringCIM_SecurityAssociationEndpoint.LifetimeKilobytes
PUnitstringbyte * 10^3
UnitsstringKiloBytes
MaxLifetimeSecondsuint64
DescriptionstringMaxLifetimeSeconds specifies the maximum time the IKE message sender proposes for an SA to be considered valid after it has been created. A value of zero indicates that the default of 8 hours be used. A non-zero value indicates the maximum seconds lifetime.
MappingStringsstringIPSP Policy Model.IETF|IKEProposal.MaxLifetimeSeconds
ModelCorrespondencestringCIM_SecurityAssociationEndpoint.LifetimeSeconds
PUnitstringsecond
UnitsstringSeconds
OtherAuthenticationMethodstring
DescriptionstringDescription of the method when the value 1 ("Other") is specified for the property, AuthenticationMethod.
ModelCorrespondencestringCIM_IKESAEndpoint.OtherAuthenticationMethod, CIM_IKEProposal.AuthenticationMethod
OtherCipherAlgorithmstring
DescriptionstringDescription of the encryption algorithm when the value 1 ("Other") is specified for the property, CipherAlgorithm.
ModelCorrespondencestringCIM_IKESAEndpoint.OtherCipherAlgorithm, CIM_IKEProposal.CipherAlgorithm
OtherHashAlgorithmstring
DescriptionstringDescription of the hash function when the value 1 ("Other") is specified for the property, HashAlgorithm.
ModelCorrespondencestringCIM_IKESAEndpoint.OtherHashAlgorithm, CIM_IKEProposal.HashAlgorithm
VendorIDstring
DescriptionstringVendorID identifies the vendor when the value of GroupID is in the vendor-specific range, 32768 to 65535.
ModelCorrespondencestringCIM_IKESAEndpoint.VendorID, CIM_IKEProposal.GroupId

Inherited Properties

NameData TypeClass Origin
CaptionstringCIM_ManagedElement
ChangeableTypeuint16CIM_SettingData
ConfigurationNamestringCIM_SettingData
DescriptionstringCIM_ManagedElement
ElementNamestringCIM_SettingData
InstanceIDstringCIM_SettingData

Class Methods