a3IPsecureParamCtl 1.3.6.1.4.1.43.2.12.3.1.2

This object controls a number of parameters associated with IP security. Each parameter is represented by a specific bit. If the bit is set, the parameter is turned on. If the bit is not set, the parameter is turned off. The state of all the parameters is represented by a sum of all the bits, the value of each bit being multiplied by 2 raised to the power of the position of the bit in the integer. With bit 0 being the least significant bit, the table below defines the mapping of security parameters to bits. bit # Parameter 0 Extended 1 BasicFirst 2 LabelAdd 3 LabelStrip If bit 0 is set, the Extended parameter is turned on. This allows datagrams with extended security options to be received and/or transmitted from this port. If bit 1 is set, the BasicFirst parameter is turned on. This indicates that the basic security option is always transmitted as the first option in the datagram, even if the packet has to be rearranged. If this bit is not set, the datagram options are sent as is. If bit 2 is set, the LabelAdd parameter is turned on. This ensures that all datagrams leaving this port have a label attached to them. If an outgoing datagram does not have a label, the default label, computed for the datagram on receipt, is attached to it before transmission. If this parameter is turned off, then datagrams without labels are allowed to be transmitted, and the default label is not attached to the datagram. If bit 3 is set, the LabelStrip parameter is turned on. In this case, any basic security option present in the datagram is stripped before transmission through this port. The stripping is done after all the security processing has been done. If this parameter is turned off, the label is transmitted as is.