IPSECV1-MIB DEFINITIONS ::= BEGIN ------------------------------------------------------------------ -- IBM IPSec MIB ------------------------------------------------------------------ -- -- This module defines a portion of the Management -- Information Base (MIB) for managing IP Security -- Protocol. -- -- Level 1: Initial Version (Mar 25, 1998) -- -- CONTACT-INFO -- Cliff Wang -- Postal: IBM Corporation -- 800 Park, Highway 54 -- Research Triangle Park, NC 27709-9990 -- Email: cliff_wang@us.ibm.com ------------------------------------------------------------------ IMPORTS TimeTicks, Counter, Gauge, enterprises FROM RFC1155-SMI TRAP-TYPE FROM RFC-1215 OBJECT-TYPE FROM RFC-1212 DisplayString FROM RFC1213-MIB; -- ---------------------------------------------------------------------------- -- Local Textual Conventions -- ---------------------------------------------------------------------------- IPSIpAddress ::= OCTET STRING(SIZE(4 | 16)) -- IP V4 or V6 Address -- ---------------------------------------------------------------------------- -- IPSec MIB Object Groups -- -- This MIB module contains the following groups: -- 1) IPSec Levels Group -- 2) IPSec Phase-1 Group -- 3) IPSec Phase-2 Group -- 4) IPSec History Group -- 5) IPSec TRAP Control Group -- ---------------------------------------------------------------------------- ibmIROCroutingIpSec OBJECT IDENTIFIER ::= { enterprises ibm(2) ibmProd(6) ibmIROC(119) ibmIROCrouting(4) 9 } ipSecLevels OBJECT IDENTIFIER ::= { ibmIROCroutingIpSec 1 } ipSecPhaseOne OBJECT IDENTIFIER ::= { ibmIROCroutingIpSec 2 } ipSecPhaseTwo OBJECT IDENTIFIER ::= { ibmIROCroutingIpSec 3 } ipSecHistory OBJECT IDENTIFIER ::= { ibmIROCroutingIpSec 4 } ipSecTrapCntl OBJECT IDENTIFIER ::= { ibmIROCroutingIpSec 5 } -- ---------------------------------------------------------------------------- -- IPSec Levels Group -- -- This group consists of a: -- 1) IPSec MIB Level -- ---------------------------------------------------------------------------- ipSecMibLevel OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The level of the IBM IPSec MIB." ::= { ipSecLevels 1 } -- ---------------------------------------------------------------------------- -- IPSec Phase-1 Group -- -- This group consists of a: -- 1) Internet Key Exchange Tunnel Table -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The Internet Key Exchange Tunnel Table -- ---------------------------------------------------------------------------- ikeTunnelTable OBJECT-TYPE SYNTAX SEQUENCE OF IkeTunnelEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The objects defined in this table are used to for the management of IKE (Phase-1) Tunnel. There is one entry in this table for each Phase-1 Tunnel." ::= { ipSecPhaseOne 1} ikeTunnelEntry OBJECT-TYPE SYNTAX IkeTunnelEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains attributes associated with a Phase-1 IKE tunnel." INDEX { ikeTunnelIndex } ::= { ikeTunnelTable 1} IkeTunnelEntry ::= SEQUENCE { ikeTunnelIndex INTEGER, ikeTunnelId OCTET STRING, ikeTunnelLocalAddr IPSIpAddress, ikeTunnelLocalName DisplayString, ikeTunnelRemoteAddr IPSIpAddress, ikeTunnelRemoteName DisplayString, ikeTunnelNegoMode INTEGER, ikeTunnelLifetime INTEGER, ikeTunnelActiveTime TimeTicks, ikeTunnelSaRefreshThreshold INTEGER, ikeTunnelTotalRefreshes Counter, ikeTunnelInOctets Counter, ikeTunnelInPkts Counter, ikeTunnelInDropPkts Counter, ikeTunnelInNotifys Counter, ikeTunnelInP2Proposals Counter, ikeTunnelInP2ProposalInvalids Counter, ikeTunnelInP2ProposalRejects Counter, ikeTunnelInSaDeleteRequests Counter, ikeTunnelOutOctets Counter, ikeTunnelOutPkts Counter, ikeTunnelOutDropPkts Counter, ikeTunnelOutNotifys Counter, ikeTunnelOutP2Proposals Counter, ikeTunnelOutP2ProposalRejects Counter, ikeTunnelOutSaDeleteRequests Counter, ikeTunnelStatus INTEGER } ikeTunnelIndex OBJECT-TYPE SYNTAX INTEGER(1..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the Phase-1 Tunnel table. The value of the index is a number which begins at one and is incremented with each tunnel that is created. The value of this object will wrap at 65535." ::= { ikeTunnelEntry 1 } ikeTunnelId OBJECT-TYPE SYNTAX OCTET STRING ACCESS read-only STATUS mandatory DESCRIPTION "The internal ID of the Phase-1 Tunnel." ::= { ikeTunnelEntry 2 } ikeTunnelLocalAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local IP Address the Phase-1 Tunnel." ::= { ikeTunnelEntry 3 } ikeTunnelLocalName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The local name of the Phase-1 Tunnel." ::= { ikeTunnelEntry 4 } ikeTunnelRemoteAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local IP Address the Phase-1 Tunnel." ::= { ikeTunnelEntry 5 } ikeTunnelRemoteName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The remote name of the Phase-1 Tunnel." ::= { ikeTunnelEntry 6 } ikeTunnelNegoMode OBJECT-TYPE SYNTAX INTEGER { main(1), aggressive(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The negotiation mode of the Phase-1 Tunnel." ::= { ikeTunnelEntry 7 } ikeTunnelLifetime OBJECT-TYPE SYNTAX INTEGER(0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The lifetime of the Phase-1 Tunnel in seconds." ::= { ikeTunnelEntry 8 } ikeTunnelActiveTime OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "The length of time the tunnel has been active in hundredths of seconds." ::= { ikeTunnelEntry 9 } ikeTunnelSaRefreshThreshold OBJECT-TYPE SYNTAX INTEGER(0..100) ACCESS read-only STATUS mandatory DESCRIPTION "The security association refresh threshold percentage of the Phase-1 Tunnel." ::= { ikeTunnelEntry 10 } ikeTunnelTotalRefreshes OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security associations refreshes completed." ::= { ikeTunnelEntry 11 } ikeTunnelInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets received by this Phase-1 Tunnel." ::= { ikeTunnelEntry 12 } ikeTunnelInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets received by this Phase-1 Tunnel." ::= { ikeTunnelEntry 13 } ikeTunnelInDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped by this Phase-1 Tunnel during receive processing." ::= { ikeTunnelEntry 14 } ikeTunnelInNotifys OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of notifications received by this Phase-1 Tunnel." ::= { ikeTunnelEntry 15 } ikeTunnelInP2Proposals OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of proposals received by this Phase-1 Tunnel." ::= { ikeTunnelEntry 16 } ikeTunnelInP2ProposalInvalids OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of proposals received by this Phase-1 Tunnel which were invalid." ::= { ikeTunnelEntry 17 } ikeTunnelInP2ProposalRejects OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of proposals received by this Phase-1 Tunnel which were rejected." ::= { ikeTunnelEntry 18 } ikeTunnelInSaDeleteRequests OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security association deleted requests received by this Phase-1 Tunnel." ::= { ikeTunnelEntry 19 } ikeTunnelOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets sent by this Phase-1 Tunnel." ::= { ikeTunnelEntry 20 } ikeTunnelOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets sent by this Phase-1 Tunnel." ::= { ikeTunnelEntry 21 } ikeTunnelOutDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped by this Phase-1 Tunnel during send processing." ::= { ikeTunnelEntry 22 } ikeTunnelOutNotifys OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of notifications sent by this Phase-1 Tunnel." ::= { ikeTunnelEntry 23 } ikeTunnelOutP2Proposals OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of Phase-2 Proposals sent by this Phase-1 Tunnel." ::= { ikeTunnelEntry 24 } ikeTunnelOutP2ProposalRejects OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of Phase-2 Proposals sent by this Phase-1 Tunnel which were rejected." ::= { ikeTunnelEntry 25 } ikeTunnelOutSaDeleteRequests OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security association deleted requests sent by this Phase-1 Tunnel." ::= { ikeTunnelEntry 26 } ikeTunnelStatus OBJECT-TYPE SYNTAX INTEGER { active(1), destroy(2) } ACCESS read-write STATUS mandatory DESCRIPTION "The status of the MIB table row. This object can be used to bring the tunnel down by setting value of this object to destroy(2). This object cannot be used to create a MIB table row." ::= { ikeTunnelEntry 27 } -- ------------------------------------------------------------------------- -- IPSec Phase-2 Group -- -- This group consists of a: -- 1) IPSec Phase-2 Global Tunnel Statistics -- 2) IPSec Phase-2 Tunnel Table -- 3) IPSec Phase-2 Tunnel Client Table -- 4) IPSec Phase-2 Security Protection Index Table -- ------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The IPSec Phase-2 Global Group -- ---------------------------------------------------------------------------- ipSecGlobal OBJECT IDENTIFIER ::= { ipSecPhaseTwo 1 } ipSecGlobalActiveTunnels OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of currently active IPSec Phase-2 Tunnels." ::= { ipSecGlobal 1 } ipSecGlobalPreviousTunnels OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of previously active IPSec Phase-2 Tunnels." ::= { ipSecGlobal 2 } ipSecGlobalInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets received by all current and previous IPSec Phase-2 Tunnels. See also ipSecGlobalInOctWraps for the number of times this counter has wrapped." ::= { ipSecGlobal 3 } ipSecGlobalInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets received by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 4 } ipSecGlobalInDrops OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during receive processing by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 5 } ipSecGlobalInAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's performed by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 6 } ipSecGlobalInAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's which ended in failure by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 7 } ipSecGlobalInDecrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's performed by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 8 } ipSecGlobalInDecryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's which ended in failure by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 9 } ipSecGlobalOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets sent by all current and previous IPSec Phase-2 Tunnels. See also ipSecGlobalOutOctWraps for the number of times this counter has wrapped." ::= { ipSecGlobal 10 } ipSecGlobalOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets sent by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 11 } ipSecGlobalOutDrops OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during send processing by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 12 } ipSecGlobalOutAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's performed by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 13 } ipSecGlobalOutAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's which ended in failure by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 14 } ipSecGlobalOutEncrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's performed by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 15 } ipSecGlobalOutEncryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's which ended in failure by all current and previous IPSec Phase-2 Tunnels." ::= { ipSecGlobal 16 } ipSecGlobalInOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the total number of octets received counter (ipSecGlobalInOctets) has wrapped." ::= { ipSecGlobal 17 } ipSecGlobalOutOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the total number of octets sent counter (ipSecGlobalOutOctets) has wrapped." ::= { ipSecGlobal 18 } -- ---------------------------------------------------------------------------- -- The IPSec Phase-2 Tunnel Table -- ---------------------------------------------------------------------------- ipSecTunnelTable OBJECT-TYPE SYNTAX SEQUENCE OF IpSecTunnelEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The IPSec Phase-2 Tunnel table." ::= { ipSecPhaseTwo 2 } ipSecTunnelEntry OBJECT-TYPE SYNTAX IpSecTunnelEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An IPSec Phase-2 Tunnel entry." INDEX { ipSecTunnelIndex } ::= { ipSecTunnelTable 1 } IpSecTunnelEntry ::= SEQUENCE { ipSecTunnelIndex INTEGER, ipSecTunnelId INTEGER, ipSecTunnelIkeTunnelIndex INTEGER, ipSecTunnelLocalAddr IPSIpAddress, ipSecTunnelRemoteAddr IPSIpAddress, ipSecTunnelKeyType INTEGER, ipSecTunnelEncapMode INTEGER, ipSecTunnelLifetime TimeTicks, ipSecTunnelActiveTime TimeTicks, ipSecTunnelSaRefreshThreshold INTEGER, ipSecTunnelTotalRefreshes Counter, ipSecTunnelExpiredSaInstances Counter, ipSecTunnelCurrentSaInstances Gauge, ipSecTunnelInSaEncrypt INTEGER, ipSecTunnelInSaAuthAlgo INTEGER, ipSecTunnelOutSaEncrypt INTEGER, ipSecTunnelOutSaAuthAlgo INTEGER, ipSecTunnelInOctets Counter, ipSecTunnelInDecompOctets Counter, ipSecTunnelInPkts Counter, ipSecTunnelInDropPkts Counter, ipSecTunnelInAuths Counter, ipSecTunnelInAuthFails Counter, ipSecTunnelInDecrypts Counter, ipSecTunnelInDecryptFails Counter, ipSecTunnelOutOctets Counter, ipSecTunnelOutUncompOctets Counter, ipSecTunnelOutPkts Counter, ipSecTunnelOutDropPkts Counter, ipSecTunnelOutAuths Counter, ipSecTunnelOutAuthFails Counter, ipSecTunnelOutEncrypts Counter, ipSecTunnelOutEncryptFails Counter, ipSecTunnelStatus INTEGER, ipSecTunnelInOctWraps Counter, ipSecTunnelInDecompOctWraps Counter, ipSecTunnelOutOctWraps Counter, ipSecTunnelOutUncompOctWraps Counter } ipSecTunnelIndex OBJECT-TYPE SYNTAX INTEGER(1..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the Phase-2 Tunnel table. The value of the index is a number which begins at one and is incremented with each tunnel that is created. The value of this object will wrap at 65535." ::= { ipSecTunnelEntry 1 } ipSecTunnelId OBJECT-TYPE SYNTAX INTEGER(0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The internal ID of the Phase-2 Tunnel." ::= { ipSecTunnelEntry 2 } ipSecTunnelIkeTunnelIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The index of the related IKE Phase-1 Tunnel. (ikeTunnelIndex)" ::= { ipSecTunnelEntry 3 } ipSecTunnelLocalAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local IP address of the Phase-2 Tunnel." ::= { ipSecTunnelEntry 4 } ipSecTunnelRemoteAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote IP address of the Phase-2 Tunnel." ::= { ipSecTunnelEntry 5 } ipSecTunnelKeyType OBJECT-TYPE SYNTAX INTEGER{ ike(1), manual(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The type of key used by the Phase-2 Tunnel." ::= { ipSecTunnelEntry 6 } ipSecTunnelEncapMode OBJECT-TYPE SYNTAX INTEGER{ tunnel(1), transport(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The encapsulation mode used by the Phase-2 Tunnel." ::= { ipSecTunnelEntry 7 } ipSecTunnelLifetime OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "The defined lifetime of the tunnel in hundredths of seconds." ::= { ipSecTunnelEntry 8 } ipSecTunnelActiveTime OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "The length of time the tunnel has been active in hundredths of seconds." ::= { ipSecTunnelEntry 9 } ipSecTunnelSaRefreshThreshold OBJECT-TYPE SYNTAX INTEGER(0..100) ACCESS read-only STATUS mandatory DESCRIPTION "The security association refresh threshold percentage of the tunnel." ::= { ipSecTunnelEntry 10 } ipSecTunnelTotalRefreshes OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of security association refreshes performed." ::= { ipSecTunnelEntry 11 } ipSecTunnelExpiredSaInstances OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of security association which have expired." ::= { ipSecTunnelEntry 12 } ipSecTunnelCurrentSaInstances OBJECT-TYPE SYNTAX Gauge ACCESS read-only STATUS mandatory DESCRIPTION "The number of security associations which are currently active or expiring." ::= { ipSecTunnelEntry 13 } ipSecTunnelInSaEncrypt OBJECT-TYPE SYNTAX INTEGER{ espNone(1), espDesIv64(2), espDes(3), esp3Des(4), espRc5(5), espIdea(6), espCast(7), espBlowfish(8), esp3iDes(9), espDesIv32(10), espRc4(11), espCdmf(12) } ACCESS read-only STATUS mandatory DESCRIPTION "The encryption used by the inbound security association." ::= { ipSecTunnelEntry 14 } ipSecTunnelInSaAuthAlgo OBJECT-TYPE SYNTAX INTEGER{ none(1), hmacMd5(2), hmacSha(3), desMac(4), kpdk(5) } ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the inbound security association." ::= { ipSecTunnelEntry 15 } ipSecTunnelOutSaEncrypt OBJECT-TYPE SYNTAX INTEGER{ espNone(1), espDesIv64(2), espDes(3), esp3Des(4), espRc5(5), espIdea(6), espCast(7), espBlowfish(8), esp3iDes(9), espDesIv32(10), espRc4(11), espCdmf(12) } ACCESS read-only STATUS mandatory DESCRIPTION "The encryption used by the outbound security association." ::= { ipSecTunnelEntry 16 } ipSecTunnelOutSaAuthAlgo OBJECT-TYPE SYNTAX INTEGER{ none(1), hmacMd5(2), hmacSha(3), desMac(4), kpdk(5) } ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the outbound security association." ::= { ipSecTunnelEntry 17 } ipSecTunnelInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of octets received. This value is accumulated BEFORE determining whether or not the packet should be decompressed. See also ipSecTunnelInOctWraps for the number of times this counter has wrapped." ::= { ipSecTunnelEntry 18 } ipSecTunnelInDecompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of decompressed octets received. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ipSecTunnelInOctets. See also ipSecTunnelInDecompOctWraps for the number of times this counter has wrapped." ::= { ipSecTunnelEntry 19 } ipSecTunnelInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets received." ::= { ipSecTunnelEntry 20 } ipSecTunnelInDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets dropped during received processing." ::= { ipSecTunnelEntry 21 } ipSecTunnelInAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's performed." ::= { ipSecTunnelEntry 22 } ipSecTunnelInAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of inbound authentication's which failed." ::= { ipSecTunnelEntry 23 } ipSecTunnelInDecrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's performed." ::= { ipSecTunnelEntry 24 } ipSecTunnelInDecryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of inbound decryption's which failed." ::= { ipSecTunnelEntry 25 } ipSecTunnelOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of octets sent. This value is accumulated AFTER determining whether or not the packet should be compressed. See also ipSecTunnelOutOctWraps for the number of times this counter has wrapped." ::= { ipSecTunnelEntry 26 } ipSecTunnelOutUncompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of uncompressed octets sent. This value is accumulated BEFORE the packet is compress. If compression is not being used, this value will match the value of ipSecTunnelOutOctets. See also ipSecTunnelOutUncompOctWraps for the number of times this counter has wrapped." ::= { ipSecTunnelEntry 27 } ipSecTunnelOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets sent." ::= { ipSecTunnelEntry 28 } ipSecTunnelOutDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets dropped during send processing." ::= { ipSecTunnelEntry 29 } ipSecTunnelOutAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's performed." ::= { ipSecTunnelEntry 30 } ipSecTunnelOutAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of outbound authentication's which failed." ::= { ipSecTunnelEntry 31 } ipSecTunnelOutEncrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's performed." ::= { ipSecTunnelEntry 32 } ipSecTunnelOutEncryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of outbound encryption's which failed." ::= { ipSecTunnelEntry 33 } ipSecTunnelStatus OBJECT-TYPE SYNTAX INTEGER { active(1), destroy(2), disabled(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The status of the MIB table row. This object can be used to: 1) allow user-data traffic flow through this tunnel by setting this the value of this object to active (1). 2 bring the tunnel down by setting the value of this object to destroy(2). 3) stop all user-data traffic flow through the tunnel by setting the value of this object to disable(3). This object cannot be used to create a MIB table row. Valid Status Changes New Status +---------+---------+---------+ Current Status | active | destroy | disable | +---------------+=========+=========+=========+ | active | Valid | Valid | Valid | +---------------+---------+---------+---------+ | destroy | Invalid | Invalid | Invalid | +---------------+---------+---------+---------+ | disable | Valid | Valid | Valid | +---------------+---------+---------+---------+ " ::= { ipSecTunnelEntry 34 } ipSecTunnelInOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the octets received counter (ipSecTunnelInOctets) has wrapped." ::= { ipSecTunnelEntry 35 } ipSecTunnelInDecompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the decompressed octets received counter (ipSecTunnelInDecompOctets) has wrapped." ::= { ipSecTunnelEntry 36 } ipSecTunnelOutOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the octets sent counter (ipSecTunnelOutOctets) has wrapped." ::= { ipSecTunnelEntry 37 } ipSecTunnelOutUncompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the uncompressed octets sent counter (ipSecTunnelOutUncompOctets) has wrapped." ::= { ipSecTunnelEntry 38 } -- ---------------------------------------------------------------------------- -- The IPSec Phase-2 Tunnel Client Table -- ---------------------------------------------------------------------------- ipSecClientTable OBJECT-TYPE SYNTAX SEQUENCE OF IpSecClientEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The IPSec Phase-2 Tunnel Client table." ::= { ipSecPhaseTwo 3 } ipSecClientEntry OBJECT-TYPE SYNTAX IpSecClientEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An IPSec Phase-2 Tunnel Client entry." INDEX { ipSecTunnelIndex, -- from ipSecTunnelTable ipSecClientIndex } ::= { ipSecClientTable 1 } IpSecClientEntry ::= SEQUENCE { ipSecClientIndex INTEGER, ipSecClientLocalName DisplayString, ipSecClientLocalProtocol INTEGER, ipSecClientLocalType INTEGER, ipSecClientLocalSubnetMask IPSIpAddress, ipSecClientLocalHiAddr IPSIpAddress, ipSecClientLocalLoAddr IPSIpAddress, ipSecClientLocalPort INTEGER, ipSecClientRemoteName DisplayString, ipSecClientRemoteProtocol INTEGER, ipSecClientRemoteType INTEGER, ipSecClientRemoteSubnetMask IPSIpAddress, ipSecClientRemoteHiAddr IPSIpAddress, ipSecClientRemoteLoAddr IPSIpAddress, ipSecClientRemotePort INTEGER } ipSecClientIndex OBJECT-TYPE SYNTAX INTEGER(1..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The number of the Client associated with the Phase-2 Tunnel table. The value of this number begins at one and is incremented with each Client associated with a Phase-2 Tunnel. For example, each Phase-2 Tunnel may have Client Indices of 1 through 65,535. The value of this object will wrap at 65535." ::= { ipSecClientEntry 1 } ipSecClientLocalName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The local name of the Client." ::= { ipSecClientEntry 2 } ipSecClientLocalType OBJECT-TYPE SYNTAX INTEGER { ipAddrRangeEntry(1), ipSubnetMaskEntry(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The local entry type. Possible values are: 1) The local IP Address Range is being used, or 2) The local IP Subnet Mask is being used." ::= { ipSecClientEntry 3 } ipSecClientLocalProtocol OBJECT-TYPE SYNTAX INTEGER(1..255) ACCESS read-only STATUS mandatory DESCRIPTION "The local protocol number for this Client." ::= { ipSecClientEntry 4 } ipSecClientLocalSubnetMask OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local subnet mask of the Client." ::= { ipSecClientEntry 5 } ipSecClientLocalHiAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local high IP Address of the Client." ::= { ipSecClientEntry 6 } ipSecClientLocalLoAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local low IP Address of the Client." ::= { ipSecClientEntry 7 } ipSecClientLocalPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The local port of the Client." ::= { ipSecClientEntry 8 } ipSecClientRemoteName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The remote name of the Client." ::= { ipSecClientEntry 9 } ipSecClientRemoteType OBJECT-TYPE SYNTAX INTEGER { ipAddrRangeEntry(1), ipSubnetMaskEntry(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The remote entry type. Possible values are: 1) The remote IP Address Range is being used, or 2) The remote IP Subnet Mask is being used." ::= { ipSecClientEntry 10 } ipSecClientRemoteProtocol OBJECT-TYPE SYNTAX INTEGER(1..255) ACCESS read-only STATUS mandatory DESCRIPTION "The remote protocol number for this Client." ::= { ipSecClientEntry 11 } ipSecClientRemoteSubnetMask OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote subnet mask of the Client." ::= { ipSecClientEntry 12 } ipSecClientRemoteHiAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote high IP Address of the Client." ::= { ipSecClientEntry 13 } ipSecClientRemoteLoAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote low IP Address of the Client." ::= { ipSecClientEntry 14 } ipSecClientRemotePort OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The remote port of the Client." ::= { ipSecClientEntry 15 } -- ---------------------------------------------------------------------------- -- The IPSec Phase-2 Security Protection Index Table -- ---------------------------------------------------------------------------- ipSecSpiTable OBJECT-TYPE SYNTAX SEQUENCE OF IpSecSpiEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The IPSec Phase-2 Security Protection Index table." ::= { ipSecPhaseTwo 4 } ipSecSpiEntry OBJECT-TYPE SYNTAX IpSecSpiEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An IPSec Phase-2 Security Protection Index entry." INDEX { ipSecTunnelIndex, -- from ipSecTunnelTable ipSecSpiIndex } ::= { ipSecSpiTable 1 } IpSecSpiEntry ::= SEQUENCE { ipSecSpiIndex INTEGER, ipSecSpiDirection INTEGER, ipSecSpiValue INTEGER, ipSecSpiProtocol INTEGER, ipSecSpiStatus INTEGER } ipSecSpiIndex OBJECT-TYPE SYNTAX INTEGER(1..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The number of the SPI associated with the Phase-2 Tunnel table. The value of this number begins at one and is incremented with each SPI associated with a Phase-2 Tunnel. For example, each Phase-2 Tunnel may have Client Indices of 1 through 65,535. The value of this object will wrap at 65535." ::= { ipSecSpiEntry 1 } ipSecSpiDirection OBJECT-TYPE SYNTAX INTEGER{ in(1), out(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The direction of the SPI." ::= { ipSecSpiEntry 2 } ipSecSpiValue OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The value of the SPI." ::= { ipSecSpiEntry 3 } ipSecSpiProtocol OBJECT-TYPE SYNTAX INTEGER{ ah(1), esp(2), ipcomp(3) } ACCESS read-only STATUS mandatory DESCRIPTION "The protocol of the SPI." ::= { ipSecSpiEntry 4 } ipSecSpiStatus OBJECT-TYPE SYNTAX INTEGER{ active(1), expiring(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The status of the SPI." ::= { ipSecSpiEntry 5 } -- ------------------------------------------------------------------------- -- IPSec History Group -- -- This group consists of a: -- 1) IPSec Phase-2 Tunnel History Table -- 2) IPSec Phase-2 Failure Table -- ------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The IPSec Phase-2 Tunnel History Table -- ---------------------------------------------------------------------------- ipSecTunnelHistTable OBJECT-TYPE SYNTAX SEQUENCE OF IpSecTunnelHistEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The IPSec Phase-2 Tunnel History table." ::= { ipSecHistory 2 } ipSecTunnelHistEntry OBJECT-TYPE SYNTAX IpSecTunnelHistEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An IPSec Phase-2 Tunnel History entry." INDEX { ipSecTunnelHistIndex } ::= { ipSecTunnelHistTable 1 } IpSecTunnelHistEntry ::= SEQUENCE { ipSecTunnelHistIndex INTEGER, ipSecTunnelHistId INTEGER, ipSecTunnelHistLocalAddr IPSIpAddress, ipSecTunnelHistRemoteAddr IPSIpAddress, ipSecTunnelHistActiveTime TimeTicks, ipSecTunnelHistTotalRefreshes Counter, ipSecTunnelHistTotalSas Counter, ipSecTunnelHistInOctets Counter, ipSecTunnelHistInDecompOctets Counter, ipSecTunnelHistInPkts Counter, ipSecTunnelHistInDropPkts Counter, ipSecTunnelHistInAuths Counter, ipSecTunnelHistInAuthFails Counter, ipSecTunnelHistInDecrypts Counter, ipSecTunnelHistInDecryptFails Counter, ipSecTunnelHistOutOctets Counter, ipSecTunnelHistOutUncompOctets Counter, ipSecTunnelHistOutPkts Counter, ipSecTunnelHistOutDropPkts Counter, ipSecTunnelHistOutAuths Counter, ipSecTunnelHistOutAuthFails Counter, ipSecTunnelHistOutEncrypts Counter, ipSecTunnelHistOutEncryptFails Counter, ipSecTunnelHistInOctWraps Counter, ipSecTunnelHistInDecompOctWraps Counter, ipSecTunnelHistOutOctWraps Counter, ipSecTunnelHistOutUncompOctWraps Counter } ipSecTunnelHistIndex OBJECT-TYPE SYNTAX INTEGER(1..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the IPSec Phase-2 Tunnel History table. The value of the index is a number which begins at one and is incremented with each tunnel that ends. The value of this object will wrap at 65535." ::= { ipSecTunnelHistEntry 1 } ipSecTunnelHistId OBJECT-TYPE SYNTAX INTEGER(0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The internal ID of the Phase-2 Tunnel." ::= { ipSecTunnelHistEntry 2 } ipSecTunnelHistLocalAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local IP address of the Phase-2 Tunnel." ::= { ipSecTunnelHistEntry 3 } ipSecTunnelHistRemoteAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote IP address of the Phase-2 Tunnel." ::= { ipSecTunnelHistEntry 4 } ipSecTunnelHistActiveTime OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "The length of time the tunnel was active in hundredths of seconds. " ::= { ipSecTunnelHistEntry 5 } ipSecTunnelHistTotalRefreshes OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of security association refreshes performed." ::= { ipSecTunnelHistEntry 6 } ipSecTunnelHistTotalSas OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of security associations which were active or or had expired during the life of the tunnel." ::= { ipSecTunnelHistEntry 7 } ipSecTunnelHistInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of octets received. This value is accumulated BEFORE determining whether or not the packet should be decompressed. See also ipSecTunnelHistInOctWraps for the number of times this counter has wrapped." ::= { ipSecTunnelHistEntry 8 } ipSecTunnelHistInDecompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of decompressed octets received. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ipSecTunnelHistInOctets. See also ipSecTunnelHistInDecompOctWraps for the number of times this counter has wrapped." ::= { ipSecTunnelHistEntry 9 } ipSecTunnelHistInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets received." ::= { ipSecTunnelHistEntry 10 } ipSecTunnelHistInDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets dropped during received processing." ::= { ipSecTunnelHistEntry 11 } ipSecTunnelHistInAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's performed." ::= { ipSecTunnelHistEntry 12 } ipSecTunnelHistInAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of inbound authentication's which failed." ::= { ipSecTunnelHistEntry 13 } ipSecTunnelHistInDecrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's performed." ::= { ipSecTunnelHistEntry 14 } ipSecTunnelHistInDecryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of inbound decryption's which failed." ::= { ipSecTunnelHistEntry 15 } ipSecTunnelHistOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of octets sent. This value is accumulated AFTER determining whether or not the packet should be compressed. See also ipSecTunnelHistOutOctWraps for the number of times this counter has wrapped." ::= { ipSecTunnelHistEntry 16 } ipSecTunnelHistOutUncompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of uncompressed octets sent. This value is accumulated BEFORE the packet is compress. If compression is not being used, this value will match the value of ipSecTunnelHistOutOctets. See also ipSecTunnelHistOutUncompOctWraps for the number of times this counter has wrapped." ::= { ipSecTunnelHistEntry 17 } ipSecTunnelHistOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets sent." ::= { ipSecTunnelHistEntry 18 } ipSecTunnelHistOutDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packets dropped during send processing." ::= { ipSecTunnelHistEntry 19 } ipSecTunnelHistOutAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's performed." ::= { ipSecTunnelHistEntry 20 } ipSecTunnelHistOutAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of outbound authentication's which failed." ::= { ipSecTunnelHistEntry 21 } ipSecTunnelHistOutEncrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's performed." ::= { ipSecTunnelHistEntry 22 } ipSecTunnelHistOutEncryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of outbound encryption's which failed." ::= { ipSecTunnelHistEntry 23 } ipSecTunnelHistInOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the octets received counter (ipSecTunnelHistInOctets) has wrapped." ::= { ipSecTunnelHistEntry 24 } ipSecTunnelHistInDecompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the decompressed octets received counter (ipSecTunnelHistInDecompOctets) has wrapped." ::= { ipSecTunnelHistEntry 25 } ipSecTunnelHistOutOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number times the octets sent counter (ipSecTunnelHistOutOctets) has wrapped." ::= { ipSecTunnelHistEntry 26 } ipSecTunnelHistOutUncompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number times the uncompressed octets sent counter (ipSecTunnelHistOutUncompOctets) has wrapped." ::= { ipSecTunnelHistEntry 27 } -- ---------------------------------------------------------------------------- -- The IPSec Phase-2 Failure Table -- ---------------------------------------------------------------------------- ipSecFailTable OBJECT-TYPE SYNTAX SEQUENCE OF IpSecFailEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The IPSec Phase-2 Failure table." ::= { ipSecHistory 3 } ipSecFailEntry OBJECT-TYPE SYNTAX IpSecFailEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An IPSec Phase-2 Failure entry." INDEX { ipSecFailIndex } ::= { ipSecFailTable 1 } IpSecFailEntry ::= SEQUENCE { ipSecFailIndex INTEGER, ipSecFailReason INTEGER, ipSecFailTime TimeTicks, ipSecFailTunnelIndex INTEGER, ipSecFailTunnelId INTEGER, ipSecFailSaSpi INTEGER, ipSecFailPktSrcAddr IPSIpAddress, ipSecFailPktDstAddr IPSIpAddress } ipSecFailIndex OBJECT-TYPE SYNTAX INTEGER(1..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the IPSec Phase-2 Failure table. The value of the index is a number which begins at one and is incremented with each failure that occurs. The value of this object will wrap at 65535." ::= { ipSecFailEntry 1 } ipSecFailReason OBJECT-TYPE SYNTAX INTEGER{ other(1), sendAuthentication(2), recvAuthentication(3), decryption(4), encryption(5), compression(6), decompression(7) } ACCESS read-only STATUS mandatory DESCRIPTION "The reason for the failure." ::= { ipSecFailEntry 2 } ipSecFailTime OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "The time of the failure in hundredths of seconds." ::= { ipSecFailEntry 3 } ipSecFailTunnelIndex OBJECT-TYPE SYNTAX INTEGER(0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The Phase-2 Tunnel index (ipSecTunnelIndex)." ::= { ipSecFailEntry 4 } ipSecFailTunnelId OBJECT-TYPE SYNTAX INTEGER(0..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The internal ID of the Phase-2 Tunnel." ::= { ipSecFailEntry 5 } ipSecFailSaSpi OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The security association SPI value." ::= { ipSecFailEntry 6 } ipSecFailPktSrcAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The packet's source IP address." ::= { ipSecFailEntry 7 } ipSecFailPktDstAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The packet's destination IP address." ::= { ipSecFailEntry 8 } -- ---------------------------------------------------------------------------- -- The IPSec TRAP Control Group -- -- This group of objects controls the sending of IPSec TRAPs. -- ---------------------------------------------------------------------------- ipSecTrapCntlIkeTunnelStart OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the IPSec IKE Phase-1 Tunnel Start TRAP " DEFVAL { enabled } ::= { ipSecTrapCntl 1 } ipSecTrapCntlIkeTunnelStop OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the IPSec IKE Phase-1 Tunnel Stop TRAP " DEFVAL { enabled } ::= { ipSecTrapCntl 2 } ipSecTrapCntlP2TunnelStart OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the IPSec Phase-2 Tunnel Start TRAP " DEFVAL { enabled } ::= { ipSecTrapCntl 3 } ipSecTrapCntlP2TunnelStop OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the IPSec Phase-2 Tunnel Stop TRAP " DEFVAL { enabled } ::= { ipSecTrapCntl 4 } ipSecTrapCntlAuthFail OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the IPSec Authentication Failure TRAP " DEFVAL { enabled } ::= { ipSecTrapCntl 5 } ipSecTrapCntlDecryptFail OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the IPSec Decryption Failure TRAP " DEFVAL { enabled } ::= { ipSecTrapCntl 6 } -- ---------------------------------------------------------------------------- -- The IPSec TRAP Group -- ---------------------------------------------------------------------------- ikeTunnelStart TRAP-TYPE ENTERPRISE ibmIROCroutingIpSec VARIABLES { ikeTunnelIndex, ikeTunnelId } DESCRIPTION "This TRAP is generated when an IPsec IKE Phase-1 Tunnel is created." ::= 1 ikeTunnelStop TRAP-TYPE ENTERPRISE ibmIROCroutingIpSec VARIABLES { ikeTunnelIndex, ikeTunnelId, ikeTunnelActiveTime } DESCRIPTION "This TRAP is generated when an IPsec IKE Phase-1 Tunnel is stopped." ::= 2 ipSecTunnelStart TRAP-TYPE ENTERPRISE ibmIROCroutingIpSec VARIABLES { ipSecTunnelIndex, ipSecTunnelId } DESCRIPTION "This TRAP is generated when an IPsec Phase-2 Tunnel is created." ::= 3 ipSecTunnelStop TRAP-TYPE ENTERPRISE ibmIROCroutingIpSec VARIABLES { ipSecTunnelIndex, ipSecTunnelId, ipSecTunnelActiveTime } DESCRIPTION "This TRAP is generated when an IPsec Phase-2 Tunnel is stopped." ::= 4 ipSecAuthFail TRAP-TYPE ENTERPRISE ibmIROCroutingIpSec VARIABLES { ipSecTunnelIndex, ipSecTunnelId, ipSecFailTime, ipSecFailPktSrcAddr, ipSecFailPktDstAddr } DESCRIPTION "This TRAP is generated when a IPsec Phase-2 authenication failure is detected." ::= 5 ipSecDecryptFail TRAP-TYPE ENTERPRISE ibmIROCroutingIpSec VARIABLES { ipSecTunnelIndex, ipSecTunnelId, ipSecFailTime, ipSecFailPktSrcAddr, ipSecFailPktDstAddr } DESCRIPTION "This TRAP is generated when a IPsec Phase-2 decryption failure is detected." ::= 6 END