ipsec.IPSecSecurityAssociation (NSP Network Functions Manager

ipsec
IPSecSecurityAssociation

This class represents the IP Sec Tunnel Security Association that is being defined by the operator when using Manual Keying.

Inheritance Hierarchy
- ManagedObject
  - ipsec.AbstractIPSecSecurityAssociation
    - ipsec. IPSecSecurityAssociation

Parent Hierarchy
- service.ServiceManager
  - vprn.Vprn
    - vprn.Site
      - vprn.IPsecInterface
        
        ipsec.IPSecTunnel
        
        ipsec.IPSecSecurityAssociation [svc-mgr:[service-${*id}]:[${siteId}][-switch-$%{ethernetSwitchCardPointer}]:[ipsec-interface-${*id}]:[ipsecTunnel-${tunnelName}]:[sa-${id}][index-${index}][direction-${direction}]]

Children Hierarchy
- ipsec.IPSecSecurityAssociation

Relationships
- many ipsec.IPSecSecurityAssociations may be associated with ipsec.IPSecTransform (implied relationship)
- many ipsec.IPSecSecurityAssociations may be direct children of one ipsec.IPSecTunnel (child-parent relationship)

IPSecSecurityAssociation

Relative Name=[[sa-${id}][index-${index}][direction-${direction}]]

Displayed Name=IPsec Security Association

Properties
creationOrigin	type=svt.L2RouteOriginType access=read-create default=manual
keyTypeOption	type=ipsec.KeyType default=ascii Displayed(tab/group)=Key Type (/Key)
localTransformPointer	type=Pointer access=read-only default=
spi	The value of Spi specifies the SPI (Security Parameter Index) used to lookup the instruction to verify and decrypt the incoming IPsec packets when the value of Direction is 'inbound'. type=int access=read-create minimum=256 maximum=16383 Mandatory on create Displayed(tab/group)=SPI (/Key)
storageType	Specifies how the row is stored. Entries with StorageType of 'read-only' are dynamic SAs and are created by the IPsec sub-system and cannot be modified or destroyed. All the entries created by the user are manual SAs and will have the StorageType as 'nonVolatile'. type=aapolicy.AAStorageType access=read-only Displayed(tab/group)=Storage Type (Algorithms)
transformId	Identifies the transform entry that will be used by this SA entry. This identifier should be specified for all the entries created by the user which are manual SAs. If the value of Type is 'dynamic', then the value of TransformId is irrelevant and will be zero. type=int access=read-only
transformPointer	Pointer to the Transform ID object being used by this SA. type=Pointer access=read-create default= Mandatory on create Displayed(tab/group)=Transform (/Key)
tunnelName	The name of the tunnel on which this SA object resides. type=string access=read-only
type	Specifies whether this SA entry is created manually by the user or dynamically by the IPsec sub-system. type=ipsec.SecurityAssociationType access=read-only Displayed(tab/group)=Type

Properties

creationOrigin

type=svt.L2RouteOriginType
access=read-create
default=manual

keyTypeOption

type=ipsec.KeyType
default=ascii
Displayed(tab/group)=Key Type (/Key)

localTransformPointer

type=Pointer
access=read-only
default=

spi

The value of Spi specifies the SPI (Security Parameter Index) used to lookup the instruction to verify and decrypt the incoming IPsec packets when the value of Direction is 'inbound'.

type=int
access=read-create
minimum=256
maximum=16383
Mandatory on create
Displayed(tab/group)=SPI (/Key)

storageType

Specifies how the row is stored. Entries with StorageType of 'read-only' are dynamic SAs and are created by the IPsec sub-system and cannot be modified or destroyed. All the entries created by the user are manual SAs and will have the StorageType as 'nonVolatile'.

type=aapolicy.AAStorageType
access=read-only
Displayed(tab/group)=Storage Type (Algorithms)

transformId

Identifies the transform entry that will be used by this SA entry. This identifier should be specified for all the entries created by the user which are manual SAs. If the value of Type is 'dynamic', then the value of TransformId is irrelevant and will be zero.

type=int
access=read-only

transformPointer

Pointer to the Transform ID object being used by this SA.

type=Pointer
access=read-create
default=
Mandatory on create
Displayed(tab/group)=Transform (/Key)

tunnelName

The name of the tunnel on which this SA object resides.

type=string
access=read-only

type

Specifies whether this SA entry is created manually by the user or dynamically by the IPsec sub-system.

type=ipsec.SecurityAssociationType
access=read-only
Displayed(tab/group)=Type

Properties inherited from ipsec.AbstractIPSecSecurityAssociation
authAlgorithm, authenticationKey, direction, encapsulationValue, encrAlgorithm, encryptionKey, establishedTime, id, idPointer, index, negotiatedLifeTime, siteId, siteServiceId, snmpPortId, svcComponentId

Properties inherited from ipsec.AbstractIPSecSecurityAssociation

authAlgorithm, authenticationKey, direction, encapsulationValue, encrAlgorithm, encryptionKey, establishedTime, id, idPointer, index, negotiatedLifeTime, siteId, siteServiceId, snmpPortId, svcComponentId

Properties inherited from ManagedObject
actionMask, children-Set, deploymentState, isFaultSquelched, name, objectFullName, selfAlarmed

Properties inherited from ManagedObject

actionMask, children-Set, deploymentState, isFaultSquelched, name, objectFullName, selfAlarmed

Supported Network Elements
7750 SR	Supported from 10.0.R1 until 13.0.R13 Excluded chassis types: 7750-SR1, 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750 SR-1e, 7750 SR-2e, 7750 SR-3e, 7750-SR1 Fixed CFM, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s, 7750 SR-2s Supported from 13.0.R13 until 14.0.R1 Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750-SR1 Fixed CFM, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s, 7750 SR-2s Supported from 14.0.R1 until 14.0.R4 Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750 SR-1e, 7750 SR-2e, 7750 SR-3e, 7750-SR1 Fixed CFM, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s, 7750 SR-2s Supported from 14.0.R4 until 20.10.R1 Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750-SR1 Fixed CFM, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s, 7750 SR-2s Supported from 20.10.R1 until 21.2.R1 Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s Supported from 21.2.R1 until 21.7.R1 Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750 SR-7s, 7750 SR-14s Supported from 21.7.R1 Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8
7705 SAR Gen 2
7450 ESS	Supported from 11.0.R1 Excluded chassis types: 7450-ESS1 Required Capabilities: MixedMode
7705 SAR Hm
7705 SAR	Supported from 6.1.R1 Excluded chassis types: 7705-SARM ASAP, 7705-SARM, 7705-SARM ASAP FL, 7705-SARM FL, 7705 SAR-A T1/E1, 7705 SAR-A, 7705-SARF
7705 SAR H	Supported from 6.1.R1

Supported Network Elements

7750 SR

Supported from 10.0.R1 until 13.0.R13

Excluded chassis types: 7750-SR1, 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750 SR-1e, 7750 SR-2e, 7750 SR-3e, 7750-SR1 Fixed CFM, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s, 7750 SR-2s

Supported from 13.0.R13 until 14.0.R1

Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750-SR1 Fixed CFM, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s, 7750 SR-2s

Supported from 14.0.R1 until 14.0.R4

Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750 SR-1e, 7750 SR-2e, 7750 SR-3e, 7750-SR1 Fixed CFM, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s, 7750 SR-2s

Supported from 14.0.R4 until 20.10.R1

Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750-SR1 Fixed CFM, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s, 7750 SR-2s

Supported from 20.10.R1 until 21.2.R1

Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750 SR-14s, 7750 SR-7s, 7750 SR-1s

Supported from 21.2.R1 until 21.7.R1

Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8, 7750 SR-7s, 7750 SR-14s

Supported from 21.7.R1

Excluded chassis types: 7750-SRc4, 7750-SRa4, 7750-SRa8

7705 SAR Gen 2

7450 ESS

Supported from 11.0.R1

Excluded chassis types: 7450-ESS1
Required Capabilities: MixedMode

7705 SAR Hm

7705 SAR

Supported from 6.1.R1

Excluded chassis types: 7705-SARM ASAP, 7705-SARM, 7705-SARM ASAP FL, 7705-SARM FL, 7705 SAR-A T1/E1, 7705 SAR-A, 7705-SARF

7705 SAR H

Supported from 6.1.R1

ipsec IPSecSecurityAssociation

ipsec
IPSecSecurityAssociation