-- automatically generated by mosy 7.2 #162 (flowpnt), do not edit! -- Gimme a break.... sf IPsecT1-MIB DEFINITIONS ::= BEGIN IMPORTS TruthValue FROM RFC1253-MIB TRAP-TYPE FROM RFC-1215 DisplayString FROM RFC1213-MIB OBJECT-TYPE FROM RFC-1212 Counter, experimental FROM RFC1155-SMI TimeInterval, TimeStamp FROM SNMPv2-TC Gauge32, Counter64 FROM SNMPv2-SMI; -- created from ipsecMIB (9911040000Z) ipsecMIB OBJECT IDENTIFIER ::= { experimental 503 } IPSIpAddress ::= OCTET STRING IkePeerType ::= INTEGER { ipAddrPeer(1), namePeer(2) } IkeNegoMode ::= INTEGER { main(1), aggressive(2) } IkeHashAlgo ::= INTEGER { none(1), md5(2), sha(3) } IkeAuthMethod ::= INTEGER { none(1), preSharedKey(2), rsaSig(3), rsaEncrypt(4), revPublicKey(5) } DiffHellmanGrp ::= INTEGER { none(1), dhGroup1(2), dhGroup2(3) } KeyType ::= INTEGER { ike(1), manual(2) } EncapMode ::= INTEGER { tunnel(1), transport(2) } EncryptAlgo ::= INTEGER { none(1), des(2), des3(3) } AuthAlgo ::= INTEGER { none(1), hmacMd5(2), hmacSha(3) } CompAlgo ::= INTEGER { none(1), ldf(2) } EndPtType ::= INTEGER { singleIpAddr(1), ipAddrRange(2), ipSubnet(3) } TunnelStatus ::= INTEGER { active(1), destroy(2) } TrapStatus ::= INTEGER { enabled(1), disabled(2) } ipsecMIBObjects OBJECT IDENTIFIER ::= { ipsecMIB 1 } ipsecLevels OBJECT IDENTIFIER ::= { ipsecMIBObjects 1 } ipsecPhaseOne OBJECT IDENTIFIER ::= { ipsecMIBObjects 2 } ipsecPhaseTwo OBJECT IDENTIFIER ::= { ipsecMIBObjects 3 } ipsecHistory OBJECT IDENTIFIER ::= { ipsecMIBObjects 4 } ipsecFailures OBJECT IDENTIFIER ::= { ipsecMIBObjects 5 } ipsecTrapCntl OBJECT IDENTIFIER ::= { ipsecMIBObjects 6 } ipsecMibLevel OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The level of the ipsec MIB." ::= { ipsecLevels 1 } ikeGlobalStats OBJECT IDENTIFIER ::= { ipsecPhaseOne 1 } ikeGlobalActiveTunnels OBJECT-TYPE SYNTAX Gauge32 ACCESS read-only STATUS mandatory DESCRIPTION "The number of currently active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 1 } ikeGlobalPreviousTunnels OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 2 } ikeGlobalInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets received by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 3 } ikeGlobalInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets received by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 4 } ikeGlobalInDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets which were dropped during receive processing by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 5 } ikeGlobalInNotifys OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of notifys received by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 6 } ikeGlobalInP2Exchgs OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges received by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 7 } ikeGlobalInP2ExchgInvalids OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges which were received and found to be invalid by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 8 } ikeGlobalInP2ExchgRejects OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges which were received and rejected by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 9 } ikeGlobalInP2SaDelRequests OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 security association delete requests received by all currently and previously active and ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 10 } ikeGlobalOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets sent by all currently and previously active and ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 11 } ikeGlobalOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets sent by all currently and previously active and ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 12 } ikeGlobalOutDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets which were dropped during send processing by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 13 } ikeGlobalOutNotifys OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of notifys sent by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 14 } ikeGlobalOutP2Exchgs OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges which were sent by all currently and previously active and ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 15 } ikeGlobalOutP2ExchgInvalids OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges which were sent and found to be invalid by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 16 } ikeGlobalOutP2ExchgRejects OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges which were sent and rejected by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 17 } ikeGlobalOutP2SaDelRequests OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 security association delete requests sent by all currently and previously active ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 18 } ikeGlobalInitTunnels OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-1 IKE Tunnels which were locally initiated." ::= { ikeGlobalStats 19 } ikeGlobalInitTunnelFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-1 IKE Tunnels which were locally initiated and failed to activate." ::= { ikeGlobalStats 20 } ikeGlobalRespTunnelFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-1 IKE Tunnels which were remotely initiated and failed to activate." ::= { ikeGlobalStats 21 } ikeGlobalSysCapFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of system capcity failures which occurred during processing of all current and previously active and ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 22 } ikeGlobalAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of authentications which ended in failure by all current and previous ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 23 } ikeGlobalDecryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of decryptions which ended in failure by all current and previous ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 24 } ikeGlobalHashValidFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of hash validations which ended in failure by all current and previous ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 25 } ikeGlobalNoSaFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of non-existent Security Assocication in failures which occurred during processing of all current and previous ipsec Phase-1 IKE Tunnels." ::= { ikeGlobalStats 26 } ikeTunnelTable OBJECT-TYPE SYNTAX SEQUENCE OF IkeTunnelEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-1 Internet Key Exchange Tunnel Table. There is one entry in this table for each active ipsec Phase-1 IKE Tunnel." ::= { ipsecPhaseOne 3 } ikeTunnelEntry OBJECT-TYPE SYNTAX IkeTunnelEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes associated with an active ipsec Phase-1 IKE Tunnel." INDEX { ikeTunIndex } ::= { ikeTunnelTable 1 } IkeTunnelEntry ::= SEQUENCE { ikeTunIndex INTEGER (-2147483648..2147483647), ikeTunLocalType IkePeerType, ikeTunLocalValue DisplayString, ikeTunLocalAddr IPSIpAddress, ikeTunLocalName DisplayString, ikeTunRemoteType IkePeerType, ikeTunRemoteValue DisplayString, ikeTunRemoteAddr IPSIpAddress, ikeTunRemoteName DisplayString, ikeTunNegoMode IkeNegoMode, ikeTunDiffHellmanGrp DiffHellmanGrp, ikeTunEncryptAlgo EncryptAlgo, ikeTunHashAlgo IkeHashAlgo, ikeTunAuthMethod IkeAuthMethod, ikeTunLifeTime INTEGER (-2147483648..2147483647), ikeTunActiveTime TimeInterval, ikeTunSaRefreshThreshold INTEGER (-2147483648..2147483647), ikeTunTotalRefreshes Counter, ikeTunInOctets Counter, ikeTunInPkts Counter, ikeTunInDropPkts Counter, ikeTunInNotifys Counter, ikeTunInP2Exchgs Counter, ikeTunInP2ExchgInvalids Counter, ikeTunInP2ExchgRejects Counter, ikeTunInP2SaDelRequests Counter, ikeTunOutOctets Counter, ikeTunOutPkts Counter, ikeTunOutDropPkts Counter, ikeTunOutNotifys Counter, ikeTunOutP2Exchgs Counter, ikeTunOutP2ExchgInvalids Counter, ikeTunOutP2ExchgRejects Counter, ikeTunOutP2SaDelRequests Counter, ikeTunStatus TunnelStatus } ikeTunIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The index of the ipsec Phase-1 IKE Tunnel Table. The value of the index is a number which begins at one and is incremented with each tunnel that is created. The value of this object will wrap at 2,147,483,647." ::= { ikeTunnelEntry 1 } ikeTunLocalType OBJECT-TYPE SYNTAX IkePeerType ACCESS read-only STATUS mandatory DESCRIPTION "The type of local peer identity. The local peer may be indentified by: 1. an IP address, or 2. a host name." ::= { ikeTunnelEntry 2 } ikeTunLocalValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The value of the local peer identity. If the local peer type is an IP Address, then this is the IP Address used to identify the local peer. If the local peer type is a host name, then this is the host name used to identify the local peer." ::= { ikeTunnelEntry 3 } ikeTunLocalAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the local endpoint for the ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 4 } ikeTunLocalName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The DNS name of the local IP address for the ipsec Phase-1 IKE Tunnel. If the DNS name associated with the local tunnel endpoint is not known, then the value of this object will be a NULL string." ::= { ikeTunnelEntry 5 } ikeTunRemoteType OBJECT-TYPE SYNTAX IkePeerType ACCESS read-only STATUS mandatory DESCRIPTION "The type of remote peer identity. The remote peer may be indentified by: 1. an IP address, or 2. a host name." ::= { ikeTunnelEntry 6 } ikeTunRemoteValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The value of the remote peer identity. If the remote peer type is an IP Address, then this is the IP Address used to identify the remote peer. If the remote peer type is a host name, then this is the host name used to identify the remote peer." ::= { ikeTunnelEntry 7 } ikeTunRemoteAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the remote endpoint for the ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 8 } ikeTunRemoteName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The DNS name of the remote IP address of ipsec Phase-1 IKE Tunnel. If the DNS name associated with the remote tunnel endpoint is not known, then the value of this object will be a NULL string." ::= { ikeTunnelEntry 9 } ikeTunNegoMode OBJECT-TYPE SYNTAX IkeNegoMode ACCESS read-only STATUS mandatory DESCRIPTION "The negotiation mode of the ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 10 } ikeTunDiffHellmanGrp OBJECT-TYPE SYNTAX DiffHellmanGrp ACCESS read-only STATUS mandatory DESCRIPTION "The Diffie Hellman Group used in ipsec Phase-1 IKE negotiations." ::= { ikeTunnelEntry 11 } ikeTunEncryptAlgo OBJECT-TYPE SYNTAX EncryptAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The encryption algorithm used in ipsec Phase-1 IKE negotiations." ::= { ikeTunnelEntry 12 } ikeTunHashAlgo OBJECT-TYPE SYNTAX IkeHashAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The hash algorithm used in ipsec Phase-1 IKE negotiations." ::= { ikeTunnelEntry 13 } ikeTunAuthMethod OBJECT-TYPE SYNTAX IkeAuthMethod ACCESS read-only STATUS mandatory DESCRIPTION "The authentication method used in ipsec Phase-1 IKE negotiations." ::= { ikeTunnelEntry 14 } ikeTunLifeTime OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The negotiated LifeTime of the ipsec Phase-1 IKE Tunnel in seconds." ::= { ikeTunnelEntry 15 } ikeTunActiveTime OBJECT-TYPE SYNTAX TimeInterval ACCESS read-only STATUS mandatory DESCRIPTION "The length of time the ipsec Phase-1 IKE tunnel has been active in hundredths of seconds." ::= { ikeTunnelEntry 16 } ikeTunSaRefreshThreshold OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The security assoication refresh threshold in seconds." ::= { ikeTunnelEntry 17 } ikeTunTotalRefreshes OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security associations refreshes performed." ::= { ikeTunnelEntry 18 } ikeTunInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 19 } ikeTunInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 20 } ikeTunInDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped by this ipsec Phase-1 IKE Tunnel during receive processing." ::= { ikeTunnelEntry 21 } ikeTunInNotifys OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of notifys received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 22 } ikeTunInP2Exchgs OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 23 } ikeTunInP2ExchgInvalids OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges received and found to be invalid by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 24 } ikeTunInP2ExchgRejects OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges received and rejected by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 25 } ikeTunInP2SaDelRequests OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 security association delete requests received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 26 } ikeTunOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 27 } ikeTunOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 28 } ikeTunOutDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped by this ipsec Phase-1 IKE Tunnel during send processing." ::= { ikeTunnelEntry 29 } ikeTunOutNotifys OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of notifys sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 30 } ikeTunOutP2Exchgs OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 31 } ikeTunOutP2ExchgInvalids OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges sent and found to be invalid by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 32 } ikeTunOutP2ExchgRejects OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges sent and rejected by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 33 } ikeTunOutP2SaDelRequests OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 security association delete requests sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelEntry 34 } ikeTunStatus OBJECT-TYPE SYNTAX TunnelStatus ACCESS read-write STATUS mandatory DESCRIPTION "The status of the MIB table row. This object can be used to bring the tunnel down by setting value of this object to destroy(2). This object cannot be used to create a MIB table row." ::= { ikeTunnelEntry 35 } ikePeerCorrTable OBJECT-TYPE SYNTAX SEQUENCE OF IkePeerCorrEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-1 Internet Key Exchange Peer Association to ipsec Phase-2 Tunnel Correlation Table. There is one entry in this table for each active ipsec Phase-2 Tunnel." ::= { ipsecPhaseOne 4 } ikePeerCorrEntry OBJECT-TYPE SYNTAX IkePeerCorrEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes of an an ipsec Phase-1 IKE Peer Association to ipsec Phase-2 Tunnel Correlation." INDEX { ikePeerCorrLocalType, ikePeerCorrLocalValue, ikePeerCorrRemoteType, ikePeerCorrRemoteValue, ikePeerCorrIntIndex, ikePeerCorrSeqNum } ::= { ikePeerCorrTable 1 } IkePeerCorrEntry ::= SEQUENCE { ikePeerCorrLocalType IkePeerType, ikePeerCorrLocalValue DisplayString, ikePeerCorrRemoteType IkePeerType, ikePeerCorrRemoteValue DisplayString, ikePeerCorrIntIndex INTEGER (-2147483648..2147483647), ikePeerCorrSeqNum INTEGER (-2147483648..2147483647), ikePeerCorripsecTunIndex INTEGER (-2147483648..2147483647) } ikePeerCorrLocalType OBJECT-TYPE SYNTAX IkePeerType ACCESS not-accessible STATUS mandatory DESCRIPTION "The type of local peer identity. The local peer may be indentified by: 1. an IP address, or 2. a host name." ::= { ikePeerCorrEntry 1 } ikePeerCorrLocalValue OBJECT-TYPE SYNTAX DisplayString ACCESS not-accessible STATUS mandatory DESCRIPTION "The value of the local peer identity. If the local peer type is an IP Address, then this is the IP Address used to identify the local peer. If the local peer type is a host name, then this is the host name used to identify the local peer." ::= { ikePeerCorrEntry 2 } ikePeerCorrRemoteType OBJECT-TYPE SYNTAX IkePeerType ACCESS not-accessible STATUS mandatory DESCRIPTION "The type of remote peer identity. The remote peer may be indentified by: 1. an IP address, or 2. a host name." ::= { ikePeerCorrEntry 3 } ikePeerCorrRemoteValue OBJECT-TYPE SYNTAX DisplayString ACCESS not-accessible STATUS mandatory DESCRIPTION "The value of the remote peer identity. If the remote peer type is an IP Address, then this is the IP Address used to identify the remote peer. If the remote peer type is a host name, then this is the host name used to identify the remote peer." ::= { ikePeerCorrEntry 4 } ikePeerCorrIntIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The internal index of the local-remote peer association. This internal index is used to uniquely identify multiple associations between the local and remote peer." ::= { ikePeerCorrEntry 5 } ikePeerCorrSeqNum OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The sequence number of the local-remote peer association. This sequence number is used to uniquely identify multiple instances of an unique association between the local and remote peer." ::= { ikePeerCorrEntry 6 } ikePeerCorripsecTunIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the active ipsec Phase-2 Tunnel (ipsecTunIndex in the ipsecTunnelTable) for this ipsec Phase-1 IKE Peer Association." ::= { ikePeerCorrEntry 7 } ipsecGlobalStats OBJECT IDENTIFIER ::= { ipsecPhaseTwo 1 } ipsecGlobalActiveTunnels OBJECT-TYPE SYNTAX Gauge32 ACCESS read-only STATUS mandatory DESCRIPTION "The total number of currently active ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 1 } ipsecGlobalPreviousTunnels OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of previously active ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 2 } ipsecGlobalInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets received by all current and previous ipsec Phase-2 Tunnels. This value is accumulated BEFORE determining whether or not the packet should be decompressed. See also ipsecGlobalInOctWraps for the number of times this counter has wrapped." ::= { ipsecGlobalStats 3 } ipsecGlobalInOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the global octets received counter (ipsecGlobalInOctets) has wrapped." ::= { ipsecGlobalStats 5 } ipsecGlobalInDecompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of decompressed octets received by all current and previous ipsec Phase-2 Tunnels. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ipsecGlobalInOctets. See also ipsecGlobalInDecompOctWraps for the number of times this counter has wrapped." ::= { ipsecGlobalStats 6 } ipsecGlobalInDecompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the global decompressed octets received counter (ipsecGlobalInDecompOctets) has wrapped." ::= { ipsecGlobalStats 8 } ipsecGlobalInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets received by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 9 } ipsecGlobalInDrops OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during receive processing by all current and previous ipsec Phase-2 Tunnels. This count does NOT include packets dropped due to Anti-Replay processing." ::= { ipsecGlobalStats 10 } ipsecGlobalInReplayDrops OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during receive processing due to Anti-Replay processing by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 11 } ipsecGlobalInAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's performed by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 12 } ipsecGlobalInAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's which ended in failure by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 13 } ipsecGlobalInDecrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's performed by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 14 } ipsecGlobalInDecryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's which ended in failure by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 15 } ipsecGlobalOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets sent by all current and previous ipsec Phase-2 Tunnels. This value is accumulated AFTER determining whether or not the packet should be compressed. See also ipsecGlobalOutOctWraps for the number of times this counter has wrapped." ::= { ipsecGlobalStats 16 } ipsecGlobalOutOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the global octets sent counter (ipsecGlobalOutOctets) has wrapped." ::= { ipsecGlobalStats 18 } ipsecGlobalOutUncompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of uncompressed octets sent by all current and previous ipsec Phase-2 Tunnels. This value is accumulated BEFORE the packet is compressed. If compression is not being used, this value will match the value of ipsecGlobalOutOctets. See also ipsecGlobalOutDecompOctWraps for the number of times this counter has wrapped." ::= { ipsecGlobalStats 19 } ipsecGlobalOutUncompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the global uncompressed octets sent counter (ipsecGlobalInUncompOctets) has wrapped." ::= { ipsecGlobalStats 21 } ipsecGlobalOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets sent by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 22 } ipsecGlobalOutDrops OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during send processing by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 23 } ipsecGlobalOutAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's performed by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 24 } ipsecGlobalOutAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's which ended in failure by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 25 } ipsecGlobalOutEncrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's performed by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 26 } ipsecGlobalOutEncryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's which ended in failure by all current and previous ipsec Phase-2 Tunnels." ::= { ipsecGlobalStats 27 } ipsecGlobalProtocolUseFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of protocol use failures which occurred during processing of all current and previously active and ipsec Phase-2 Tunnels." ::= { ikeGlobalStats 28 } ipsecGlobalNoSaFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of non-existent Security Assocication in failures which occurred during processing of all current and previous ipsec Phase-2 Tunnels." ::= { ikeGlobalStats 29 } ipsecGlobalSysCapFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of system capcity failures which occurred during processing of all current and previously active and ipsec Phase-2 Tunnels." ::= { ikeGlobalStats 30 } ipsecTunnelTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsecTunnelEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-2 Tunnel Table. There is one entry in this table for each active ipsec Phase-2 Tunnel." ::= { ipsecPhaseTwo 2 } ipsecTunnelEntry OBJECT-TYPE SYNTAX IpsecTunnelEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes associated with an active ipsec Phase-2 Tunnel." INDEX { ipsecTunIndex } ::= { ipsecTunnelTable 1 } IpsecTunnelEntry ::= SEQUENCE { ipsecTunIndex INTEGER (-2147483648..2147483647), ipsecTunIkeTunnelIndex INTEGER (-2147483648..2147483647), ipsecTunIkeTunnelAlive TruthValue, ipsecTunLocalAddr IPSIpAddress, ipsecTunRemoteAddr IPSIpAddress, ipsecTunKeyType KeyType, ipsecTunEncapMode EncapMode, ipsecTunLifeSize INTEGER (-2147483648..2147483647), ipsecTunLifeTime INTEGER (-2147483648..2147483647), ipsecTunActiveTime TimeInterval, ipsecTunSaLifeSizeThreshold INTEGER (-2147483648..2147483647), ipsecTunSaLifeTimeThreshold INTEGER (-2147483648..2147483647), ipsecTunTotalRefreshes Counter, ipsecTunExpiredSaInstances Counter, ipsecTunCurrentSaInstances Gauge32, ipsecTunInSaDiffHellmanGrp DiffHellmanGrp, ipsecTunInSaEncryptAlgo EncryptAlgo, ipsecTunInSaAhAuthAlgo AuthAlgo, ipsecTunInSaEspAuthAlgo AuthAlgo, ipsecTunInSaDecompAlgo CompAlgo, ipsecTunOutSaDiffHellmanGrp DiffHellmanGrp, ipsecTunOutSaEncryptAlgo EncryptAlgo, ipsecTunOutSaAhAuthAlgo AuthAlgo, ipsecTunOutSaEspAuthAlgo AuthAlgo, ipsecTunOutSaCompAlgo CompAlgo, ipsecTunInOctets Counter, ipsecTunInOctWraps Counter, ipsecTunInDecompOctets Counter, ipsecTunInDecompOctWraps Counter, ipsecTunInPkts Counter, ipsecTunInDropPkts Counter, ipsecTunInReplayDropPkts Counter, ipsecTunInAuths Counter, ipsecTunInAuthFails Counter, ipsecTunInDecrypts Counter, ipsecTunInDecryptFails Counter, ipsecTunOutOctets Counter, ipsecTunOutOctWraps Counter, ipsecTunOutUncompOctets Counter, ipsecTunOutUncompOctWraps Counter, ipsecTunOutPkts Counter, ipsecTunOutDropPkts Counter, ipsecTunOutAuths Counter, ipsecTunOutAuthFails Counter, ipsecTunOutEncrypts Counter, ipsecTunOutEncryptFails Counter, ipsecTunStatus TunnelStatus } ipsecTunIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The index of the ipsec Phase-2 Tunnel Table. The value of the index is a number which begins at one and is incremented with each tunnel that is created. The value of this object will wrap at 2,147,483,647." ::= { ipsecTunnelEntry 1 } ipsecTunIkeTunnelIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the associated ipsec Phase-1 IKE Tunnel. (ikeTunIndex in the ikeTunnelTable)" ::= { ipsecTunnelEntry 2 } ipsecTunIkeTunnelAlive OBJECT-TYPE SYNTAX TruthValue ACCESS read-only STATUS mandatory DESCRIPTION "An indicator which specifies whether or not the ipsec Phase-1 IKE Tunnel currently exists." ::= { ipsecTunnelEntry 3 } ipsecTunLocalAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the local endpoint for the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 4 } ipsecTunRemoteAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the remote endpoint for the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 5 } ipsecTunKeyType OBJECT-TYPE SYNTAX KeyType ACCESS read-only STATUS mandatory DESCRIPTION "The type of key used by the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 6 } ipsecTunEncapMode OBJECT-TYPE SYNTAX EncapMode ACCESS read-only STATUS mandatory DESCRIPTION "The encapsulation mode used by the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 7 } ipsecTunLifeSize OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The negotiated LifeSize of the ipsec Phase-2 Tunnel in kilobytes." ::= { ipsecTunnelEntry 8 } ipsecTunLifeTime OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The negotiated LifeTime of the ipsec Phase-2 Tunnel in seconds." ::= { ipsecTunnelEntry 9 } ipsecTunActiveTime OBJECT-TYPE SYNTAX TimeInterval ACCESS read-only STATUS mandatory DESCRIPTION "The length of time the ipsec Phase-2 Tunnel has been active in hundredths of seconds." ::= { ipsecTunnelEntry 10 } ipsecTunSaLifeSizeThreshold OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The security association LifeSize refresh threshold in kilobytes." ::= { ipsecTunnelEntry 11 } ipsecTunSaLifeTimeThreshold OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The security association LifeTime refresh threshold in seconds." ::= { ipsecTunnelEntry 12 } ipsecTunTotalRefreshes OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security association refreshes performed." ::= { ipsecTunnelEntry 13 } ipsecTunExpiredSaInstances OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security associations which have expired." ::= { ipsecTunnelEntry 14 } ipsecTunCurrentSaInstances OBJECT-TYPE SYNTAX Gauge32 ACCESS read-only STATUS mandatory DESCRIPTION "The number of security associations which are currently active or expiring." ::= { ipsecTunnelEntry 15 } ipsecTunInSaDiffHellmanGrp OBJECT-TYPE SYNTAX DiffHellmanGrp ACCESS read-only STATUS mandatory DESCRIPTION "The Diffie Hellman Group used by the inbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 16 } ipsecTunInSaEncryptAlgo OBJECT-TYPE SYNTAX EncryptAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The encryption algorithm used by the inbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 17 } ipsecTunInSaAhAuthAlgo OBJECT-TYPE SYNTAX AuthAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the inbound authentication header (AH) security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 18 } ipsecTunInSaEspAuthAlgo OBJECT-TYPE SYNTAX AuthAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the inbound ecapsulation security protocol (ESP) security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 19 } ipsecTunInSaDecompAlgo OBJECT-TYPE SYNTAX CompAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The decompression algorithm used by the inbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 20 } ipsecTunOutSaDiffHellmanGrp OBJECT-TYPE SYNTAX DiffHellmanGrp ACCESS read-only STATUS mandatory DESCRIPTION "The Diffie Hellman Group used by the outbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 21 } ipsecTunOutSaEncryptAlgo OBJECT-TYPE SYNTAX EncryptAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The encryption algorithm used by the outbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 22 } ipsecTunOutSaAhAuthAlgo OBJECT-TYPE SYNTAX AuthAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the outbound authentication header (AH) security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 23 } ipsecTunOutSaEspAuthAlgo OBJECT-TYPE SYNTAX AuthAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the inbound ecapsulation security protocol (ESP) security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 24 } ipsecTunOutSaCompAlgo OBJECT-TYPE SYNTAX CompAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The compression algorithm used by the inbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 25 } ipsecTunInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets received by this ipsec Phase-2 Tunnel. This value is accumulated BEFORE determining whether or not the packet should be decompressed. See also ipsecTunInOctWraps for the number of times this counter has wrapped." ::= { ipsecTunnelEntry 26 } ipsecTunInOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the octets received counter (ipsecTunInOctets) has wrapped." ::= { ipsecTunnelEntry 28 } ipsecTunInDecompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of decompressed octets received by this ipsec Phase-2 Tunnel. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ipsecTunInOctets. See also ipsecTunInDecompOctWraps for the number of times this counter has wrapped." ::= { ipsecTunnelEntry 29 } ipsecTunInDecompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the decompressed octets received counter (ipsecTunInDecompOctets) has wrapped." ::= { ipsecTunnelEntry 31 } ipsecTunInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets received by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 32 } ipsecTunInDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during receive processing by this ipsec Phase-2 Tunnel. This count does NOT include packets dropped due to Anti-Replay processing." ::= { ipsecTunnelEntry 33 } ipsecTunInReplayDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during receive processing due to Anti-Replay processing by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 34 } ipsecTunInAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's performed by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 35 } ipsecTunInAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's which ended in failure by this ipsec Phase-2 Tunnel ." ::= { ipsecTunnelEntry 36 } ipsecTunInDecrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's performed by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 37 } ipsecTunInDecryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's which ended in failure by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 38 } ipsecTunOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets sent by this ipsec Phase-2 Tunnel. This value is accumulated AFTER determining whether or not the packet should be compressed. See also ipsecTunOutOctWraps for the number of times this counter has wrapped." ::= { ipsecTunnelEntry 39 } ipsecTunOutOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the octets sent counter (ipsecTunOutOctets) has wrapped." ::= { ipsecTunnelEntry 41 } ipsecTunOutUncompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of uncompressed octets sent by this ipsec Phase-2 Tunnel. This value is accumulated BEFORE the packet is compressed. If compression is not being used, this value will match the value of ipsecTunOutOctets. See also ipsecTunOutDecompOctWraps for the number of times this counter has wrapped." ::= { ipsecTunnelEntry 42 } ipsecTunOutUncompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the uncompressed octets sent counter (ipsecTunInUncompOctets) has wrapped." ::= { ipsecTunnelEntry 44 } ipsecTunOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets sent by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 45 } ipsecTunOutDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during send processing by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 46 } ipsecTunOutAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's performed by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 47 } ipsecTunOutAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's which ended in failure by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 48 } ipsecTunOutEncrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's performed by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 49 } ipsecTunOutEncryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's which ended in failure by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelEntry 50 } ipsecTunStatus OBJECT-TYPE SYNTAX TunnelStatus ACCESS read-write STATUS mandatory DESCRIPTION "The status of the MIB table row. This object can be used to bring the tunnel down by setting value of this object to destroy(2). This object cannot be used to create a MIB table row." ::= { ipsecTunnelEntry 51 } ipsecEndPtTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsecEndPtEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-2 Tunnel Endpoint Table. This table contains an entry for each active endpoint associated with an ipsec Phase-2 Tunnel." ::= { ipsecPhaseTwo 3 } ipsecEndPtEntry OBJECT-TYPE SYNTAX IpsecEndPtEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An ipsec Phase-2 Tunnel Endpoint entry." INDEX { ipsecTunIndex, ipsecEndPtIndex } ::= { ipsecEndPtTable 1 } IpsecEndPtEntry ::= SEQUENCE { ipsecEndPtIndex INTEGER (-2147483648..2147483647), ipsecEndPtLocalName DisplayString, ipsecEndPtLocalType EndPtType, ipsecEndPtLocalAddr1 IPSIpAddress, ipsecEndPtLocalAddr2 IPSIpAddress, ipsecEndPtLocalProtocol INTEGER (-2147483648..2147483647), ipsecEndPtLocalPort INTEGER (-2147483648..2147483647), ipsecEndPtRemoteName DisplayString, ipsecEndPtRemoteType EndPtType, ipsecEndPtRemoteAddr1 IPSIpAddress, ipsecEndPtRemoteAddr2 IPSIpAddress, ipsecEndPtRemoteProtocol INTEGER (-2147483648..2147483647), ipsecEndPtRemotePort INTEGER (-2147483648..2147483647) } ipsecEndPtIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The number of the Endpoint associated with the ipsec Phase-2 Tunnel Table. The value of this index is a number which begins at one and is incremented with each Endpoint associated with an ipsec Phase-2 Tunnel. The value of this object will wrap at 2,147,483,647." ::= { ipsecEndPtEntry 1 } ipsecEndPtLocalName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The DNS name of the local Endpoint." ::= { ipsecEndPtEntry 2 } ipsecEndPtLocalType OBJECT-TYPE SYNTAX EndPtType ACCESS read-only STATUS mandatory DESCRIPTION "The type of identity for the local Endpoint. Possible values are: 1) a single IP address, or 2) an IP address range, or 3) an IP subnet." ::= { ipsecEndPtEntry 3 } ipsecEndPtLocalAddr1 OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local Endpoint's first IP address specification. If the local Endpoint type is single IP address, then this is the value of the IP address. If the local Endpoint type is IP subnet, then this is the value of the subnet. If the local Endpoint type is IP address range, then this is the value of beginning IP address of the range." ::= { ipsecEndPtEntry 4 } ipsecEndPtLocalAddr2 OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local Endpoint's second IP address specification. If the local Endpoint type is single IP address, then this is the value of the IP address. If the local Endpoint type is IP subnet, then this is the value of the subnet mask. If the local Endpoint type is IP address range, then this is the value of ending IP address of the range." ::= { ipsecEndPtEntry 5 } ipsecEndPtLocalProtocol OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The protocol number of the local Endpoint's traffic." ::= { ipsecEndPtEntry 6 } ipsecEndPtLocalPort OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The port number of the local Endpoint's traffic." ::= { ipsecEndPtEntry 7 } ipsecEndPtRemoteName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The DNS name of the remote Endpoint." ::= { ipsecEndPtEntry 8 } ipsecEndPtRemoteType OBJECT-TYPE SYNTAX EndPtType ACCESS read-only STATUS mandatory DESCRIPTION "The type of identity for the remote Endpoint. Possible values are: 1) a single IP address, or 2) an IP address range, or 3) an IP subnet." ::= { ipsecEndPtEntry 9 } ipsecEndPtRemoteAddr1 OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote Endpoint's first IP address specification. If the remote Endpoint type is single IP address, then this is the value of the IP address. If the remote Endpoint type is IP subnet, then this is the value of the subnet. If the remote Endpoint type is IP address range, then this is the value of beginning IP address of the range." ::= { ipsecEndPtEntry 10 } ipsecEndPtRemoteAddr2 OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote Endpoint's second IP address specification. If the remote Endpoint type is single IP address, then this is the value of the IP address. If the remote Endpoint type is IP subnet, then this is the value of the subnet mask. If the remote Endpoint type is IP address range, then this is the value of ending IP address of the range." ::= { ipsecEndPtEntry 11 } ipsecEndPtRemoteProtocol OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The protocol number of the remote Endpoint's traffic." ::= { ipsecEndPtEntry 12 } ipsecEndPtRemotePort OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The port number of the remote Endpoint's traffic." ::= { ipsecEndPtEntry 13 } ipsecSpiTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsecSpiEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-2 Security Protection Index Table. This table contains an entry for each active and expiring security association." ::= { ipsecPhaseTwo 4 } ipsecSpiEntry OBJECT-TYPE SYNTAX IpsecSpiEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes associated with active and expiring ipsec Phase-2 security associations." INDEX { ipsecTunIndex, ipsecSpiIndex } ::= { ipsecSpiTable 1 } IpsecSpiEntry ::= SEQUENCE { ipsecSpiIndex INTEGER (-2147483648..2147483647), ipsecSpiDirection INTEGER, ipsecSpiValue INTEGER (-2147483648..2147483647), ipsecSpiProtocol INTEGER, ipsecSpiStatus INTEGER } ipsecSpiIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The number of the SPI associated with the Phase-2 Tunnel Table. The value of this index is a number which begins at one and is incremented with each SPI associated with an ipsec Phase-2 Tunnel. The value of this object will wrap at 2,147,483,647." ::= { ipsecSpiEntry 1 } ipsecSpiDirection OBJECT-TYPE SYNTAX INTEGER { in(1), out(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The direction of the SPI." ::= { ipsecSpiEntry 2 } ipsecSpiValue OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The value of the SPI." ::= { ipsecSpiEntry 3 } ipsecSpiProtocol OBJECT-TYPE SYNTAX INTEGER { ah(1), esp(2), ipcomp(3) } ACCESS read-only STATUS mandatory DESCRIPTION "The protocol of the SPI." ::= { ipsecSpiEntry 4 } ipsecSpiStatus OBJECT-TYPE SYNTAX INTEGER { active(1), expiring(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The status of the SPI." ::= { ipsecSpiEntry 5 } ipsecHistGlobal OBJECT IDENTIFIER ::= { ipsecHistory 1 } ipsecHistPhaseOne OBJECT IDENTIFIER ::= { ipsecHistory 2 } ipsecHistPhaseTwo OBJECT IDENTIFIER ::= { ipsecHistory 3 } ipsecHistGlobalCntl OBJECT IDENTIFIER ::= { ipsecHistGlobal 1 } ipsecHistTableSize OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-write STATUS mandatory DESCRIPTION "The window size of the ipsec Phase-1 and Phase-2 History Tables. The ipsec Phase-1 and Phase-2 History Tables are implemented as a sliding window in which only the last n entries are maintained. This object is used specify the number of entries which will be maintained in the ipsec Phase-1 and Phase-2 History Tables. When modified by an SNMP SET request, the device will set the value of this object as close as possible to the requested value based on the implementation and available resources." ::= { ipsecHistGlobalCntl 1 } ikeTunnelHistTable OBJECT-TYPE SYNTAX SEQUENCE OF IkeTunnelHistEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-1 Internet Key Exchange Tunnel History Table. This table is implemented as a sliding window in which only the last n entries are maintained. The maximum number of entries is specified by the ipsecHistTableSize object." ::= { ipsecHistPhaseOne 1 } ikeTunnelHistEntry OBJECT-TYPE SYNTAX IkeTunnelHistEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes associated with a previously active ipsec Phase-1 IKE Tunnel." INDEX { ikeTunHistIndex } ::= { ikeTunnelHistTable 1 } IkeTunnelHistEntry ::= SEQUENCE { ikeTunHistIndex INTEGER (-2147483648..2147483647), ikeTunHistTermReason INTEGER, ikeTunHistActiveIndex INTEGER (-2147483648..2147483647), ikeTunHistPeerLocalType IkePeerType, ikeTunHistPeerLocalValue DisplayString, ikeTunHistPeerIntIndex INTEGER (-2147483648..2147483647), ikeTunHistPeerRemoteType IkePeerType, ikeTunHistPeerRemoteValue DisplayString, ikeTunHistLocalAddr IPSIpAddress, ikeTunHistLocalName DisplayString, ikeTunHistRemoteAddr IPSIpAddress, ikeTunHistRemoteName DisplayString, ikeTunHistNegoMode IkeNegoMode, ikeTunHistDiffHellmanGrp DiffHellmanGrp, ikeTunHistEncryptAlgo EncryptAlgo, ikeTunHistHashAlgo IkeHashAlgo, ikeTunHistAuthMethod IkeAuthMethod, ikeTunHistLifeTime INTEGER (-2147483648..2147483647), ikeTunHistStartTime TimeStamp, ikeTunHistActiveTime TimeInterval, ikeTunHistTotalRefreshes Counter, ikeTunHistTotalSas Counter, ikeTunHistInOctets Counter, ikeTunHistInPkts Counter, ikeTunHistInDropPkts Counter, ikeTunHistInNotifys Counter, ikeTunHistInP2Exchgs Counter, ikeTunHistInP2ExchgInvalids Counter, ikeTunHistInP2ExchgRejects Counter, ikeTunHistInP2SaDelRequests Counter, ikeTunHistOutOctets Counter, ikeTunHistOutPkts Counter, ikeTunHistOutDropPkts Counter, ikeTunHistOutNotifys Counter, ikeTunHistOutP2Exchgs Counter, ikeTunHistOutP2ExchgInvalids Counter, ikeTunHistOutP2ExchgRejects Counter, ikeTunHistOutP2SaDelRequests Counter } ikeTunHistIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The index of the ipsec Phase-1 IKE Tunnel History Table. The value of the index is a number which begins at one and is incremented with each tunnel that ends. The value of this object will wrap at 2,147,483,647." ::= { ikeTunnelHistEntry 1 } ikeTunHistTermReason OBJECT-TYPE SYNTAX INTEGER { other(1), normal(2), operRequest(3), peerDelRequest(4), peerLost(5), seqNumRollOver(6), localFailure(7) } ACCESS read-only STATUS mandatory DESCRIPTION "The reason the ipsec Phase-1 IKE Tunnel was terminated. Possible reasons include: 1 = other 2 = normal termination 3 = operator request 4 = peer delete request was received 5 = contact with peer was lost 6 = sequence number rolled over 7 = local failure occurred." ::= { ikeTunnelHistEntry 2 } ikeTunHistActiveIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the previously active ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 3 } ikeTunHistPeerLocalType OBJECT-TYPE SYNTAX IkePeerType ACCESS read-only STATUS mandatory DESCRIPTION "The type of local peer identity. The local peer may be indentified by: 1. an IP address, or 2. a host name." ::= { ikeTunnelHistEntry 4 } ikeTunHistPeerLocalValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The value of the local peer identity. If the local peer type is an IP Address, then this is the IP Address used to identify the local peer. If the local peer type is a host name, then this is the host name used to identify the local peer." ::= { ikeTunnelHistEntry 5 } ikeTunHistPeerIntIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The internal index of the local-remote peer association. This internal index is used to uniquely identify multiple associations between the local and remote peer." ::= { ikeTunnelHistEntry 6 } ikeTunHistPeerRemoteType OBJECT-TYPE SYNTAX IkePeerType ACCESS read-only STATUS mandatory DESCRIPTION "The type of remote peer identity. The remote peer may be indentified by: 1. an IP address, or 2. a host name." ::= { ikeTunnelHistEntry 7 } ikeTunHistPeerRemoteValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The value of the remote peer identity. If the remote peer type is an IP Address, then this is the IP Address used to identify the remote peer. If the remote peer type is a host name, then this is the host name used to identify the remote peer." ::= { ikeTunnelHistEntry 8 } ikeTunHistLocalAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the local endpoint for the ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 9 } ikeTunHistLocalName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The DNS name of the local IP address for the ipsec Phase-1 IKE Tunnel. If the DNS name associated with the local tunnel endpoint is not known, then the value of this object will be a NULL string." ::= { ikeTunnelHistEntry 10 } ikeTunHistRemoteAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the remote endpoint for the ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 11 } ikeTunHistRemoteName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The DNS name of the remote IP address of ipsec Phase-1 IKE Tunnel. If the DNS name associated with the remote tunnel endpoint is not known, then the value of this object will be a NULL string." ::= { ikeTunnelHistEntry 12 } ikeTunHistNegoMode OBJECT-TYPE SYNTAX IkeNegoMode ACCESS read-only STATUS mandatory DESCRIPTION "The negotiation mode of the ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 13 } ikeTunHistDiffHellmanGrp OBJECT-TYPE SYNTAX DiffHellmanGrp ACCESS read-only STATUS mandatory DESCRIPTION "The Diffie Hellman Group used in ipsec Phase-1 IKE negotiations." ::= { ikeTunnelHistEntry 14 } ikeTunHistEncryptAlgo OBJECT-TYPE SYNTAX EncryptAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The encryption algorithm used in ipsec Phase-1 IKE negotiations." ::= { ikeTunnelHistEntry 15 } ikeTunHistHashAlgo OBJECT-TYPE SYNTAX IkeHashAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The hash algorithm used in ipsec Phase-1 IKE negotiations." ::= { ikeTunnelHistEntry 16 } ikeTunHistAuthMethod OBJECT-TYPE SYNTAX IkeAuthMethod ACCESS read-only STATUS mandatory DESCRIPTION "The authentication method used in ipsec Phase-1 IKE negotiations." ::= { ikeTunnelHistEntry 17 } ikeTunHistLifeTime OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The negotiated LifeTime of the ipsec Phase-1 IKE Tunnel in seconds." ::= { ikeTunnelHistEntry 18 } ikeTunHistStartTime OBJECT-TYPE SYNTAX TimeStamp ACCESS read-only STATUS mandatory DESCRIPTION "The time when the ipsec Phase-1 IKE tunnel was started in hundredths of seconds." ::= { ikeTunnelHistEntry 19 } ikeTunHistActiveTime OBJECT-TYPE SYNTAX TimeInterval ACCESS read-only STATUS mandatory DESCRIPTION "The length of time the ipsec Phase-1 IKE tunnel was been active in hundredths of seconds." ::= { ikeTunnelHistEntry 20 } ikeTunHistTotalRefreshes OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security associations refreshes performed." ::= { ikeTunnelHistEntry 21 } ikeTunHistTotalSas OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security associations used during the life of the ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 22 } ikeTunHistInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 23 } ikeTunHistInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 24 } ikeTunHistInDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped by this ipsec Phase-1 IKE Tunnel during receive processing." ::= { ikeTunnelHistEntry 25 } ikeTunHistInNotifys OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of notifys received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 26 } ikeTunHistInP2Exchgs OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 27 } ikeTunHistInP2ExchgInvalids OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges received and found to be invalid by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 28 } ikeTunHistInP2ExchgRejects OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges received and rejected by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 29 } ikeTunHistInP2SaDelRequests OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 security association delete requests received by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 30 } ikeTunHistOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 31 } ikeTunHistOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 32 } ikeTunHistOutDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped by this ipsec Phase-1 IKE Tunnel during send processing." ::= { ikeTunnelHistEntry 33 } ikeTunHistOutNotifys OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of notifys sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 34 } ikeTunHistOutP2Exchgs OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 35 } ikeTunHistOutP2ExchgInvalids OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges sent and found to be invalid by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 36 } ikeTunHistOutP2ExchgRejects OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 exchanges sent and rejected by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 37 } ikeTunHistOutP2SaDelRequests OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of ipsec Phase-2 security association delete requests sent by this ipsec Phase-1 IKE Tunnel." ::= { ikeTunnelHistEntry 38 } ipsecTunnelHistTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsecTunnelHistEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-2 Tunnel History Table. This table is implemented as a sliding window in which only the last n entries are maintained. The maximum number of entries is specified by the ipsecHistTableSize object." ::= { ipsecHistPhaseTwo 1 } ipsecTunnelHistEntry OBJECT-TYPE SYNTAX IpsecTunnelHistEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes associated with a previously active ipsec Phase-2 Tunnel." INDEX { ipsecTunHistIndex } ::= { ipsecTunnelHistTable 1 } IpsecTunnelHistEntry ::= SEQUENCE { ipsecTunHistIndex INTEGER (-2147483648..2147483647), ipsecTunHistTermReason INTEGER, ipsecTunHistActiveIndex INTEGER (-2147483648..2147483647), ipsecTunHistIkeTunnelIndex INTEGER (-2147483648..2147483647), ipsecTunHistLocalAddr IPSIpAddress, ipsecTunHistRemoteAddr IPSIpAddress, ipsecTunHistKeyType KeyType, ipsecTunHistEncapMode EncapMode, ipsecTunHistLifeSize INTEGER (-2147483648..2147483647), ipsecTunHistLifeTime INTEGER (-2147483648..2147483647), ipsecTunHistStartTime TimeStamp, ipsecTunHistActiveTime TimeInterval, ipsecTunHistTotalRefreshes Counter, ipsecTunHistTotalSas Counter, ipsecTunHistInSaDiffHellmanGrp DiffHellmanGrp, ipsecTunHistInSaEncryptAlgo EncryptAlgo, ipsecTunHistInSaAhAuthAlgo AuthAlgo, ipsecTunHistInSaEspAuthAlgo AuthAlgo, ipsecTunHistInSaDecompAlgo CompAlgo, ipsecTunHistOutSaDiffHellmanGrp DiffHellmanGrp, ipsecTunHistOutSaEncryptAlgo EncryptAlgo, ipsecTunHistOutSaAhAuthAlgo AuthAlgo, ipsecTunHistOutSaEspAuthAlgo AuthAlgo, ipsecTunHistOutSaCompAlgo CompAlgo, ipsecTunHistInOctets Counter, ipsecTunHistInOctWraps Counter, ipsecTunHistInDecompOctets Counter, ipsecTunHistInDecompOctWraps Counter, ipsecTunHistInPkts Counter, ipsecTunHistInReplayDropPkts Counter, ipsecTunHistInDropPkts Counter, ipsecTunHistInAuths Counter, ipsecTunHistInAuthFails Counter, ipsecTunHistInDecrypts Counter, ipsecTunHistInDecryptFails Counter, ipsecTunHistOutOctets Counter, ipsecTunHistOutOctWraps Counter, ipsecTunHistOutUncompOctets Counter, ipsecTunHistOutUncompOctWraps Counter, ipsecTunHistOutPkts Counter, ipsecTunHistOutDropPkts Counter, ipsecTunHistOutAuths Counter, ipsecTunHistOutAuthFails Counter, ipsecTunHistOutEncrypts Counter, ipsecTunHistOutEncryptFails Counter } ipsecTunHistIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The index of the ipsec Phase-2 Tunnel History Table. The value of the index is a number which begins at one and is incremented with each tunnel that ends. The value of this object will wrap at 2,147,483,647." ::= { ipsecTunnelHistEntry 1 } ipsecTunHistTermReason OBJECT-TYPE SYNTAX INTEGER { other(1), normal(2), operRequest(3), peerDelRequest(4), peerLost(5), seqNumRollOver(6) } ACCESS read-only STATUS mandatory DESCRIPTION "The reason the ipsec Phase-2 Tunnel was terminated. Possible reasons include: 1 = other 2 = normal termination 3 = operator request 4 = peer delete request was received 5 = contact with peer was lost 6 = local failure occurred 7 = sequence number rolled over." ::= { ipsecTunnelHistEntry 2 } ipsecTunHistActiveIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the previously active ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 3 } ipsecTunHistIkeTunnelIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the associated ipsec Phase-1 Tunnel (ikeTunIndex in the ikeTunnelTable)." ::= { ipsecTunnelHistEntry 4 } ipsecTunHistLocalAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the local endpoint for the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 5 } ipsecTunHistRemoteAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the remote endpoint for the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 6 } ipsecTunHistKeyType OBJECT-TYPE SYNTAX KeyType ACCESS read-only STATUS mandatory DESCRIPTION "The type of key used by the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 7 } ipsecTunHistEncapMode OBJECT-TYPE SYNTAX EncapMode ACCESS read-only STATUS mandatory DESCRIPTION "The encapsulation mode used by the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 8 } ipsecTunHistLifeSize OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The negotiated LifeSize of the ipsec Phase-2 Tunnel in kilobytes." ::= { ipsecTunnelHistEntry 9 } ipsecTunHistLifeTime OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The negotiated LifeTime of the ipsec Phase-2 Tunnel in seconds." ::= { ipsecTunnelHistEntry 10 } ipsecTunHistStartTime OBJECT-TYPE SYNTAX TimeStamp ACCESS read-only STATUS mandatory DESCRIPTION "The time when the ipsec Phase-2 Tunnel was started in hundredths of seconds." ::= { ipsecTunnelHistEntry 11 } ipsecTunHistActiveTime OBJECT-TYPE SYNTAX TimeInterval ACCESS read-only STATUS mandatory DESCRIPTION "The length of time the ipsec Phase-2 Tunnel has been active in hundredths of seconds." ::= { ipsecTunnelHistEntry 12 } ipsecTunHistTotalRefreshes OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security association refreshes performed." ::= { ipsecTunnelHistEntry 13 } ipsecTunHistTotalSas OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of security associations used during the life of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 14 } ipsecTunHistInSaDiffHellmanGrp OBJECT-TYPE SYNTAX DiffHellmanGrp ACCESS read-only STATUS mandatory DESCRIPTION "The Diffie Hellman Group used by the inbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 15 } ipsecTunHistInSaEncryptAlgo OBJECT-TYPE SYNTAX EncryptAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The encryption algorithm used by the inbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 16 } ipsecTunHistInSaAhAuthAlgo OBJECT-TYPE SYNTAX AuthAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the inbound authentication header (AH) security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 17 } ipsecTunHistInSaEspAuthAlgo OBJECT-TYPE SYNTAX AuthAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the inbound ecapsulation security protocol (ESP) security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 18 } ipsecTunHistInSaDecompAlgo OBJECT-TYPE SYNTAX CompAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The decompression algorithm used by the inbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 19 } ipsecTunHistOutSaDiffHellmanGrp OBJECT-TYPE SYNTAX DiffHellmanGrp ACCESS read-only STATUS mandatory DESCRIPTION "The Diffie Hellman Group used by the outbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 20 } ipsecTunHistOutSaEncryptAlgo OBJECT-TYPE SYNTAX EncryptAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The encryption algorithm used by the outbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 21 } ipsecTunHistOutSaAhAuthAlgo OBJECT-TYPE SYNTAX AuthAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the outbound authentication header (AH) security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 22 } ipsecTunHistOutSaEspAuthAlgo OBJECT-TYPE SYNTAX AuthAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The authentication algorithm used by the inbound ecapsulation security protocol (ESP) security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 23 } ipsecTunHistOutSaCompAlgo OBJECT-TYPE SYNTAX CompAlgo ACCESS read-only STATUS mandatory DESCRIPTION "The compression algorithm used by the inbound security association of the ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 24 } ipsecTunHistInOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets received by this ipsec Phase-2 Tunnel. This value is accumulated BEFORE determining whether or not the packet should be decompressed. See also ipsecTunInOctWraps for the number of times this counter has wrapped." ::= { ipsecTunnelHistEntry 25 } ipsecTunHistInOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the octets received counter (ipsecTunInOctets) has wrapped." ::= { ipsecTunnelHistEntry 27 } ipsecTunHistInDecompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of decompressed octets received by this ipsec Phase-2 Tunnel. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ipsecTunInOctets. See also ipsecTunInDecompOctWraps for the number of times this counter has wrapped." ::= { ipsecTunnelHistEntry 28 } ipsecTunHistInDecompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the decompressed octets received counter (ipsecTunInDecompOctets) has wrapped." ::= { ipsecTunnelHistEntry 30 } ipsecTunHistInPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets received by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 31 } ipsecTunHistInDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during receive processing by this ipsec Phase-2 Tunnel. This count does NOT include packets dropped due to Anti-Replay processing." ::= { ipsecTunnelHistEntry 32 } ipsecTunHistInReplayDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during receive processing due to Anti-Replay processing by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 33 } ipsecTunHistInAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's performed by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 34 } ipsecTunHistInAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound authentication's which ended in failure by this ipsec Phase-2 Tunnel ." ::= { ipsecTunnelHistEntry 35 } ipsecTunHistInDecrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's performed by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 36 } ipsecTunHistInDecryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of inbound decryption's which ended in failure by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 37 } ipsecTunHistOutOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of octets sent by this ipsec Phase-2 Tunnel. This value is accumulated AFTER determining whether or not the packet should be compressed. See also ipsecTunOutOctWraps for the number of times this counter has wrapped." ::= { ipsecTunnelHistEntry 38 } ipsecTunHistOutOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the octets sent counter (ipsecTunOutOctets) has wrapped." ::= { ipsecTunnelHistEntry 40 } ipsecTunHistOutUncompOctets OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of uncompressed octets sent by this ipsec Phase-2 Tunnel. This value is accumulated BEFORE the packet is compressed. If compression is not being used, this value will match the value of ipsecTunOutOctets. See also ipsecTunOutDecompOctWraps for the number of times this counter has wrapped." ::= { ipsecTunnelHistEntry 41 } ipsecTunHistOutUncompOctWraps OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the uncompressed octets sent counter (ipsecTunInUncompOctets) has wrapped." ::= { ipsecTunnelHistEntry 43 } ipsecTunHistOutPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets sent by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 44 } ipsecTunHistOutDropPkts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of packets dropped during send processing by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 45 } ipsecTunHistOutAuths OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's performed by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 46 } ipsecTunHistOutAuthFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound authentication's which ended in failure by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 47 } ipsecTunHistOutEncrypts OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's performed by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 48 } ipsecTunHistOutEncryptFails OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The total number of outbound encryption's which ended in failure by this ipsec Phase-2 Tunnel." ::= { ipsecTunnelHistEntry 49 } ipsecEndPtHistTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsecEndPtHistEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-2 Tunnel Endpoint History Table. This table is implemented as a sliding window in which only the last n entries are maintained. The maximum number of entries is specified by the ipsecHistTableSize object." ::= { ipsecHistPhaseTwo 2 } ipsecEndPtHistEntry OBJECT-TYPE SYNTAX IpsecEndPtHistEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes associated with a previously active ipsec Phase-2 Tunnel Endpoint." INDEX { ipsecEndPtHistIndex } ::= { ipsecEndPtHistTable 1 } IpsecEndPtHistEntry ::= SEQUENCE { ipsecEndPtHistIndex INTEGER (-2147483648..2147483647), ipsecEndPtHistTunIndex INTEGER (-2147483648..2147483647), ipsecEndPtHistActiveIndex INTEGER (-2147483648..2147483647), ipsecEndPtHistLocalName DisplayString, ipsecEndPtHistLocalType EndPtType, ipsecEndPtHistLocalAddr1 IPSIpAddress, ipsecEndPtHistLocalAddr2 IPSIpAddress, ipsecEndPtHistLocalProtocol INTEGER (-2147483648..2147483647), ipsecEndPtHistLocalPort INTEGER (-2147483648..2147483647), ipsecEndPtHistRemoteName DisplayString, ipsecEndPtHistRemoteType EndPtType, ipsecEndPtHistRemoteAddr1 IPSIpAddress, ipsecEndPtHistRemoteAddr2 IPSIpAddress, ipsecEndPtHistRemoteProtocol INTEGER (-2147483648..2147483647), ipsecEndPtHistRemotePort INTEGER (-2147483648..2147483647) } ipsecEndPtHistIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The number of the previously active Endpoint associated with a ipsec Phase-2 Tunnel Table. The value of this index is a number which begins at one and is incremented with each Endpoint associated with an ipsec Phase-2 Tunnel. The value of this object will wrap at 2,147,483,647." ::= { ipsecEndPtHistEntry 1 } ipsecEndPtHistTunIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the previously active ipsec Phase-2 Tunnel Table." ::= { ipsecEndPtHistEntry 2 } ipsecEndPtHistActiveIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The index of the previously active Endpoint." ::= { ipsecEndPtHistEntry 3 } ipsecEndPtHistLocalName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The DNS name of the local Endpoint." ::= { ipsecEndPtHistEntry 4 } ipsecEndPtHistLocalType OBJECT-TYPE SYNTAX INTEGER { singleIpAddr(1), ipAddrRange(2), ipSubnet(3) } ACCESS read-only STATUS mandatory DESCRIPTION "The type of identity for the local Endpoint. Possible values are: 1) a single IP address, or 2) an IP address range, or 3) an IP subnet." ::= { ipsecEndPtHistEntry 5 } ipsecEndPtHistLocalAddr1 OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local Endpoint's first IP address specification. If the local Endpoint type is single IP address, then this is the value of the IP address. If the local Endpoint type is IP subnet, then this is the value of the subnet. If the local Endpoint type is IP address range, then this is the value of beginning IP address of the range." ::= { ipsecEndPtHistEntry 6 } ipsecEndPtHistLocalAddr2 OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The local Endpoint's second IP address specification. If the local Endpoint type is single IP address, then this is the value of the IP address. If the local Endpoint type is IP subnet, then this is the value of the subnet mask. If the local Endpoint type is IP address range, then this is the value of ending IP address of the range." ::= { ipsecEndPtHistEntry 7 } ipsecEndPtHistLocalProtocol OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The protocol number of the local Endpoint's traffic." ::= { ipsecEndPtHistEntry 8 } ipsecEndPtHistLocalPort OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The port number of the local Endpoint's traffic." ::= { ipsecEndPtHistEntry 9 } ipsecEndPtHistRemoteName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The DNS name of the remote Endpoint." ::= { ipsecEndPtHistEntry 10 } ipsecEndPtHistRemoteType OBJECT-TYPE SYNTAX INTEGER { singleIpAddr(1), ipAddrRange(2), ipSubnet(3) } ACCESS read-only STATUS mandatory DESCRIPTION "The type of identity for the remote Endpoint. Possible values are: 1) a single IP address, or 2) an IP address range, or 3) an IP subnet." ::= { ipsecEndPtHistEntry 11 } ipsecEndPtHistRemoteAddr1 OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote Endpoint's first IP address specification. If the remote Endpoint type is single IP address, then this is the value of the IP address. If the remote Endpoint type is IP subnet, then this is the value of the subnet. If the remote Endpoint type is IP address range, then this is the value of beginning IP address of the range." ::= { ipsecEndPtHistEntry 12 } ipsecEndPtHistRemoteAddr2 OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The remote Endpoint's second IP address specification. If the remote Endpoint type is single IP address, then this is the value of the IP address. If the remote Endpoint type is IP subnet, then this is the value of the subnet mask. If the remote Endpoint type is IP address range, then this is the value of ending IP address of the range." ::= { ipsecEndPtHistEntry 13 } ipsecEndPtHistRemoteProtocol OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The protocol number of the remote Endpoint's traffic." ::= { ipsecEndPtHistEntry 14 } ipsecEndPtHistRemotePort OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The port number of the remote Endpoint's traffic." ::= { ipsecEndPtHistEntry 15 } ipsecFailGlobal OBJECT IDENTIFIER ::= { ipsecFailures 1 } ipsecFailPhaseOne OBJECT IDENTIFIER ::= { ipsecFailures 2 } ipsecFailPhaseTwo OBJECT IDENTIFIER ::= { ipsecFailures 3 } ipsecFailGlobalCntl OBJECT IDENTIFIER ::= { ipsecFailGlobal 1 } ipsecFailTableSize OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-write STATUS mandatory DESCRIPTION "The window size of the ipsec Phase-1 and Phase-2 Failure Tables. The ipsec Phase-1 and Phase-2 Failure Tables are implemented as a sliding window in which only the last n entries are maintained. This object is used specify the number of entries which will be maintained in the ipsec Phase-1 and Phase-2 Failure Tables. When modified by an SNMP SET request, the device will set the value of this object as close as possible to the requested value based on the implementation and available resources." ::= { ipsecFailGlobalCntl 1 } ikeFailTable OBJECT-TYPE SYNTAX SEQUENCE OF IkeFailEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-1 Failure Table. This table is implemented as a sliding window in which only the last n entries are maintained. The maximum number of entries is specified by the ipsecFailTableSize object." ::= { ipsecFailPhaseOne 1 } ikeFailEntry OBJECT-TYPE SYNTAX IkeFailEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes associated with an ipsec Phase-1 failure." INDEX { ikeFailIndex } ::= { ikeFailTable 1 } IkeFailEntry ::= SEQUENCE { ikeFailIndex INTEGER (-2147483648..2147483647), ikeFailReason INTEGER, ikeFailTime TimeStamp, ikeFailLocalType IkePeerType, ikeFailLocalValue DisplayString, ikeFailRemoteType IkePeerType, ikeFailRemoteValue DisplayString, ikeFailLocalAddr IPSIpAddress, ikeFailRemoteAddr IPSIpAddress } ikeFailIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-1 Failure Table index. The value of the index is a number which begins at one and is incremented with each ipsec Phase-1 failure. The value of this object will wrap at 2,147,483,647." ::= { ikeFailEntry 1 } ikeFailReason OBJECT-TYPE SYNTAX INTEGER { other(1), peerDelRequest(2), peerLost(3), localFailure(4), seqNumRollOver(5), authFailure(6), hashValidation(7), encryptFailure(8), internalError(9), sysCapExceeded(10), proposalFailure(11), peerCertUnavailable(12), peerCertNotValid(13), localCertExpired(14), crlFailure(15), peerEncodingError(16), nonExistentSa(17), operRequest(18) } ACCESS read-only STATUS mandatory DESCRIPTION "The reason for the failure. Possible reasons include: 1 = other 2 = peer delete request was received 3 = contact with peer was lost 4 = local failure occurred 5 = sequence number rolled over 6 = authentication failure 7 = hash validation failure 8 = encryption failure 9 = internal error occurred 10 = system capacity failure 11 = proposal failure 12 = peer's certificate is unavailable 13 = peer's certificate was found invalid 14 = local certificate expired 15 = certificate revoke list (crl) failure 16 = peer encoding error 17 = non-existent security association 18 = operator requested termination." ::= { ikeFailEntry 2 } ikeFailTime OBJECT-TYPE SYNTAX TimeStamp ACCESS read-only STATUS mandatory DESCRIPTION "The time of the failure in hundredths of seconds." ::= { ikeFailEntry 3 } ikeFailLocalType OBJECT-TYPE SYNTAX IkePeerType ACCESS read-only STATUS mandatory DESCRIPTION "The type of local peer identity. The local peer may be indentified by: 1. an IP address, or 2. a host name." ::= { ikeFailEntry 4 } ikeFailLocalValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The value of the local peer identity. If the local peer type is an IP Address, then this is the IP Address used to identify the local peer. If the local peer type is a host name, then this is the host name used to identify the local peer." ::= { ikeFailEntry 5 } ikeFailRemoteType OBJECT-TYPE SYNTAX IkePeerType ACCESS read-only STATUS mandatory DESCRIPTION "The type of remote peer identity. The remote peer may be indentified by: 1. an IP address, or 2. a host name." ::= { ikeFailEntry 6 } ikeFailRemoteValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The value of the remote peer identity. If the remote peer type is an IP Address, then this is the IP Address used to identify the remote peer. If the remote peer type is a host name, then this is the host name used to identify the remote peer." ::= { ikeFailEntry 7 } ikeFailLocalAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the local peer." ::= { ikeFailEntry 8 } ikeFailRemoteAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address of the remote peer." ::= { ikeFailEntry 9 } ipsecFailTable OBJECT-TYPE SYNTAX SEQUENCE OF IpsecFailEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-2 Failure Table. This table is implemented as a sliding window in which only the last n entries are maintained. The maximum number of entries is specified by the ipsecFailTableSize object." ::= { ipsecFailPhaseTwo 1 } ipsecFailEntry OBJECT-TYPE SYNTAX IpsecFailEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Each entry contains the attributes associated with an ipsec Phase-1 failure." INDEX { ipsecFailIndex } ::= { ipsecFailTable 1 } IpsecFailEntry ::= SEQUENCE { ipsecFailIndex INTEGER (-2147483648..2147483647), ipsecFailReason INTEGER, ipsecFailTime TimeStamp, ipsecFailTunnelIndex INTEGER (-2147483648..2147483647), ipsecFailSaSpi INTEGER (-2147483648..2147483647), ipsecFailPktSrcAddr IPSIpAddress, ipsecFailPktDstAddr IPSIpAddress } ipsecFailIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS not-accessible STATUS mandatory DESCRIPTION "The ipsec Phase-2 Failure Table index. The value of the index is a number which begins at one and is incremented with each ipsec Phase-1 failure. The value of this object will wrap at 2,147,483,647." ::= { ipsecFailEntry 1 } ipsecFailReason OBJECT-TYPE SYNTAX INTEGER { other(1), internalError(2), peerEncodingError(3), proposalFailure(4), protocolUseFail(5), nonExistentSa(6), decryptFailure(7), encryptFailure(8), inAuthFailure(9), outAuthFailure(10), compression(11), sysCapExceeded(12), peerDelRequest(13), peerLost(14), seqNumRollOver(15), operRequest(16) } ACCESS read-only STATUS mandatory DESCRIPTION "The reason for the failure. Possible reasons include: 1 = other 2 = internal error occurred 3 = peer encoding error 4 = proposal failure 5 = protocol use failure 6 = non-existent security association 7 = decryption failure 8 = encryption failure 9 = inbound authentication failure 10 = outbound authentication failure 11 = compression failure 12 = system capacity failure 13 = peer delete request was received 14 = contact with peer was lost 15 = sequence number rolled over 16 = operator requested termination." ::= { ipsecFailEntry 2 } ipsecFailTime OBJECT-TYPE SYNTAX TimeStamp ACCESS read-only STATUS mandatory DESCRIPTION "The time of the failure in hundredths of seconds." ::= { ipsecFailEntry 3 } ipsecFailTunnelIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The Phase-2 Tunnel index (ipsecTunIndex)." ::= { ipsecFailEntry 4 } ipsecFailSaSpi OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "The security association SPI value." ::= { ipsecFailEntry 5 } ipsecFailPktSrcAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The packet's source IP address." ::= { ipsecFailEntry 6 } ipsecFailPktDstAddr OBJECT-TYPE SYNTAX IPSIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The packet's destination IP address." ::= { ipsecFailEntry 7 } ipsecTrapCntlIkeTunnelStart OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec IKE Phase-1 Tunnel Start TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 1 } ipsecTrapCntlIkeTunnelStop OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec IKE Phase-1 Tunnel Stop TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 2 } ipsecTrapCntlIkeSysFailure OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec IKE Phase-1 System Failure TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 3 } ipsecTrapCntlIkeCertCrlFailure OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec IKE Phase-1 Certificate/CRL Failure TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 4 } ipsecTrapCntlIkeProtocolFailure OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec IKE Phase-1 Protocol Failure TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 5 } ipsecTrapCntlIkeNoSa OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec IKE Phase-1 No Security Association TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 6 } ipsecTrapCntlipsecTunnelStart OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec Phase-2 Tunnel Start TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 7 } ipsecTrapCntlipsecTunnelStop OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec Phase-2 Tunnel Stop TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 8 } ipsecTrapCntlipsecSysFailure OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec Phase-2 System Failure TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 9 } ipsecTrapCntlipsecSetUpFailure OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec Phase-2 Set Up Failure TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 10 } ipsecTrapCntlipsecEarlyTunTerm OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec Phase-2 Earily Tunnel Termination TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 11 } ipsecTrapCntlipsecProtocolFailure OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec Phase-2 Protocol Failure TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 12 } ipsecTrapCntlipsecNoSa OBJECT-TYPE SYNTAX TrapStatus ACCESS read-write STATUS mandatory DESCRIPTION "This object defines the administrative state of sending the ipsec Phase-2 No Security Association TRAP " DEFVAL { disabled } ::= { ipsecTrapCntl 13 } ipsecMIBNotifications OBJECT IDENTIFIER ::= { ipsecMIB 0 } ikeTunnelStart TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ikePeerLocalType, ikePeerLocalValue, ikePeerLocalAddr, ikePeerRemoteType, ikePeerRemoteValue, ikePeerRemoteAddr, ikePeerIntIndex, ikeTunIndex } DESCRIPTION "This notification is generated when an ipsec Phase-1 IKE Tunnel becomes active." ::= 1 ikeTunnelStop TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ikePeerLocalType, ikePeerLocalValue, ikePeerLocalAddr, ikePeerRemoteType, ikePeerRemoteValue, ikePeerRemoteAddr, ikePeerIntIndex, ikeTunIndex } DESCRIPTION "This notification is generated when an ipsec Phase-1 IKE Tunnel becomes inactive." ::= 2 ikeSysFailure TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ikePeerLocalType, ikePeerLocalValue, ikePeerLocalAddr, ikePeerRemoteType, ikePeerRemoteValue, ikePeerRemoteAddr, ikePeerIntIndex } DESCRIPTION "This notification is generated when the processing for an ipsec Phase-1 IKE Tunnel experiences an internal or system capacity error." ::= 3 ikeCertCrlFailure TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ikePeerLocalType, ikePeerLocalValue, ikePeerLocalAddr, ikePeerRemoteType, ikePeerRemoteValue, ikePeerRemoteAddr, ikePeerIntIndex } DESCRIPTION "This notification is generated when the processing for an ipsec Phase-1 IKE Tunnel experiences a Certificate or a Certificate Revoke List (CRL) related error." ::= 4 ikeProtocolFailure TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ikePeerLocalType, ikePeerLocalValue, ikePeerLocalAddr, ikePeerRemoteType, ikePeerRemoteValue, ikePeerRemoteAddr, ikePeerIntIndex } DESCRIPTION "This notification is generated when the processing for an ipsec Phase-1 IKE Tunnel experiences a protocol related error." ::= 5 ikeNoSa TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ikePeerLocalType, ikePeerLocalValue, ikePeerLocalAddr, ikePeerRemoteType, ikePeerRemoteValue, ikePeerRemoteAddr, ikePeerIntIndex } DESCRIPTION "This notification is generated when the processing for an ipsec Phase-1 IKE Tunnel experiences a non-existent security association error." ::= 6 ipsecTunnelStart TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ipsecTunIndex } DESCRIPTION "This notification is generated when an ipsec Phase-2 Tunnel becomes active." ::= 7 ipsecTunnelStop TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ipsecTunIndex } DESCRIPTION "This notification is generated when an ipsec Phase-2 Tunnel becomes inactive." ::= 8 ipsecSysFailure TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ikePeerLocalType, ikePeerLocalValue, ikePeerLocalAddr, ikePeerRemoteType, ikePeerRemoteValue, ikePeerRemoteAddr, ikePeerIntIndex, ipsecTunIndex, ipsecSpiIndex } DESCRIPTION "This notification is generated when the processing for an ipsec Phase-2 Tunnel experiences an internal or system capacity error." ::= 9 ipsecSetUpFailure TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ikePeerLocalType, ikePeerLocalValue, ikePeerLocalAddr, ikePeerRemoteType, ikePeerRemoteValue, ikePeerRemoteAddr, ikePeerIntIndex } DESCRIPTION "This notification is generated when the setup for an ipsec Phase-2 Tunnel fails." ::= 10 ipsecEarilyTunnelTerm TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ipsecTunIndex, ipsecSpiIndex } DESCRIPTION "This notification is generated when an an ipsec Phase-2 Tunnel is terminated earily or before expected." ::= 11 ipsecProtocolFailure TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ipsecTunIndex, ipsecSpiIndex } DESCRIPTION "This notification is generated when the processing for an ipsec Phase-2 Tunnel experiences a protocol related error." ::= 12 ipsecNoSa TRAP-TYPE ENTERPRISE { ipsecMIBNotifications } VARIABLES { ipsecTunIndex, ipsecSpiIndex } DESCRIPTION "This notification is generated when the processing for an ipsec Phase-2 Tunnel experiences a non-existent security association error." ::= 13 ipsecMIBConformance OBJECT IDENTIFIER ::= { ipsecMIB 2 } ipsecMIBGroups OBJECT IDENTIFIER ::= { ipsecMIBConformance 1 } ipsecMIBCompliances OBJECT IDENTIFIER ::= { ipsecMIBConformance 2 } ipsecMIBCompliance OBJECT IDENTIFIER ::= { ipsecMIBCompliances 1 } ipsecLevelsGroup OBJECT IDENTIFIER ::= { ipsecMIBGroups 1 } ipsecPhaseOneGroup OBJECT IDENTIFIER ::= { ipsecMIBGroups 2 } ipsecPhaseTwoGroup OBJECT IDENTIFIER ::= { ipsecMIBGroups 3 } ipsecHistoryGroup OBJECT IDENTIFIER ::= { ipsecMIBGroups 4 } ipsecFailuresGroup OBJECT IDENTIFIER ::= { ipsecMIBGroups 5 } ipsecTrapCntlGroup OBJECT IDENTIFIER ::= { ipsecMIBGroups 6 } ipsecNotificationGroup OBJECT IDENTIFIER ::= { ipsecMIBGroups 7 } END