-- automatically generated by mosy 7.2 #162 (flowpnt), do not edit! CTRON-VPN-MON-MIB DEFINITIONS ::= BEGIN IMPORTS TruthValue FROM RFC1253-MIB DisplayString FROM RFC1213-MIB OBJECT-TYPE FROM RFC-1212 Counter FROM RFC1155-SMI ctDataLink FROM CTRON-MIB-NAMES IsakmpCookie FROM ISAKMP-DOI-IND-MON-MIB IpsecIpv6Address FROM IPSEC-SA-MON-MIB ifIndex FROM IF-MIB RowStatus FROM SNMPv2-TC; -- created from ctronVpnMonMIB (0003220000Z) ctronVpnMonMIB OBJECT IDENTIFIER ::= { experimental 505 } ctronVpnGlobals OBJECT IDENTIFIER ::= { ctronVpnMonMIB 1 } ctronVpnTables OBJECT IDENTIFIER ::= { ctronVpnMonMIB 2 } ctronVpnStats OBJECT IDENTIFIER ::= { ctronVpnMonMIB 3 } ctronVpnConformance OBJECT IDENTIFIER ::= { ctronVpnMonMIB 4 } ctronVpnMibVersion OBJECT-TYPE SYNTAX Gauge ACCESS read-only STATUS mandatory DESCRIPTION "Holds the version of the VPN Monitoring MIB supported. The initial version is version 1." ::= { ctronVpnGlobals 1 } ctronVpnInterfaceTable OBJECT-TYPE SYNTAX SEQUENCE OF CtronVpnInterfaceEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Provides IKE/IPSEC specific values for SA's" ::= { ctronVpnTables 1 } ctronVpnInterfaceEntry OBJECT-TYPE SYNTAX CtronVpnInterfaceEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Entry represents a set of IPSEC values for an interface." INDEX { ifIndex, ctronVpnInterfaceIdx } ::= { ctronVpnInterfaceTable 1 } CtronVpnInterfaceEntry ::= SEQUENCE { ctronVpnInterfaceIdx Gauge, ctronVpnInterfaceTunIndex INTEGER (-2147483648..2147483647), ctronVpnInterfaceSuiteID Gauge, ctronVpnInterfaceLocalIpAddress IpsecIpv6Address, ctronVpnInterfaceRemoteIpAddress IpsecIpv6Address, ctronVpnInterfaceInitiatorCookie IsakmpCookie, ctronVpnInterfaceResponderCookie IsakmpCookie } ctronVpnInterfaceIdx OBJECT-TYPE SYNTAX Gauge ACCESS not-accessible STATUS mandatory DESCRIPTION "Along with ifIndex, this value uniquely identifies the entry, allowing multiple entries per interface." ::= { ctronVpnInterfaceEntry 1 } ctronVpnInterfaceTunIndex OBJECT-TYPE SYNTAX INTEGER (-2147483648..2147483647) ACCESS read-only STATUS mandatory DESCRIPTION "This provides the IPsecTunIndex into the IPsecTunnelTable of the IPSEC Flow Monitoring MIB." ::= { ctronVpnInterfaceEntry 2 } ctronVpnInterfaceSuiteID OBJECT-TYPE SYNTAX Gauge ACCESS read-only STATUS mandatory DESCRIPTION "The unique arbitary number assigned to the suite of IPSEC SA's that this IPSEC SA belongs to, which were created by the sameIKE phase 1 SA quick mode negotiation. This provides the suiteIndex into both the suiteTable and the phase2SaTable of the IKE Monitoring MIB, which in turn provides indirect info into the IPSEC Monitoring MIB tables." ::= { ctronVpnInterfaceEntry 3 } ctronVpnInterfaceLocalIpAddress OBJECT-TYPE SYNTAX IpsecIpv6Address ACCESS read-only STATUS mandatory DESCRIPTION "The local address for the ISAKMP phase 1 SA. Full description as saLocalIpAddress in ISAKMP DOI-Independant MIB. This provides the saLocalIpAddress part of the indices into both the saTable of the ISAKMP DOI-Independent Mon MIB and the ikeSaTable of the IKE Monitoring MIB." ::= { ctronVpnInterfaceEntry 4 } ctronVpnInterfaceRemoteIpAddress OBJECT-TYPE SYNTAX IpsecIpv6Address ACCESS read-only STATUS mandatory DESCRIPTION "The remote address for the ISAKMP phase 1 SA. Full description as saRemoteIpAddress in ISAKMP DOI-Independant MIB. This provides the saRemoteIpAddress part of the indices into both the saTable of the ISAKMP DOI- Independent Mon MIB and the ikeSaTable of the IKE Monitoring MIB." ::= { ctronVpnInterfaceEntry 5 } ctronVpnInterfaceInitiatorCookie OBJECT-TYPE SYNTAX IsakmpCookie ACCESS read-only STATUS mandatory DESCRIPTION "The value of the cookie used by the initiator for the ISAKMP phase 1 SA. Full description as saInitiatorCookie in ISAKMP DOI-Independant MIB. This provides the saInitiatorCookie part of the indices into both the saTable of the ISAKMP DOI- Independent Mon MIB and the ikeSaTable of the IKE Monitoring MIB." ::= { ctronVpnInterfaceEntry 6 } ctronVpnInterfaceResponderCookie OBJECT-TYPE SYNTAX IsakmpCookie ACCESS read-only STATUS mandatory DESCRIPTION "The value of the cookie used by the responder for the ISAKMP phase 1 SA. Full description as saResponderCookie in ISAKMP DOI-Independant MIB. This provides the saResponderCookie part of the indices into both the saTable of the ISAKMP DOI- Independent Mon MIB and the ikeSaTable of the IKE Monitoring MIB." ::= { ctronVpnInterfaceEntry 7 } ctronVpnStatsAaaUserAuthTimeout OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of user authentication timeouts occuring within AAA. This would indicate that the AAA subsystem is overloaded or not operating or that the network is overloaded." ::= { ctronVpnStats 1 } ctronVpnStatsAaaAddrFail OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times a client connection has failed due to a lack of available IP addresses to be allocated to the connection. Large increases in this value would indicate that the VPN device is close to or beyond it's capacity, or the address allocation in AAA requires reconfiguration." ::= { ctronVpnStats 2 } ctronVpnStatsIkePhase1Fail OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of device authentications that failed during IKE Phase 1. This could indicate incorrect configuration or a lack of resources." ::= { ctronVpnStats 3 } ctronVpnStatsIkeUserAuthFail OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of user authentication that failed during IKE Phase 1.5. This could indicate incorrect configuration or a lack of resources." ::= { ctronVpnStats 4 } ctronVpnStatsIkeKeyPropFail OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of incompatible key exchange proposals received by IKE. This indicates that the IKE systems involved are not configured in a compatible way and either one or both need reconfiguration." ::= { ctronVpnStats 5 } ctronVpnStatsIkeProtPropFail OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of incompatible data protection proposals received by IKE. This indicates that the IKE systems involved are not configured in a compatible way and either one or both need reconfiguration." ::= { ctronVpnStats 6 } ctronVpnStatsIkeBadIpRequest OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of unacceptable IP accesses requested of IKE. This would indicate incorrect configuration of the client." ::= { ctronVpnStats 7 } ctronVpnStatsIkeProtocolError OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of protocol errors detected by IKE. This could indicate errors in the devices or faults on the networks causing corruption." ::= { ctronVpnStats 8 } ctronVpnStatsIkeOptionNotSupported OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times an unsupported option request was received by IKE. This would indicate that the IKE systems involved are incompatible." ::= { ctronVpnStats 9 } ctronVpnStatsIkeUserAuthTimeout OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of user authentication timeouts detected by IKE. Increases in this value would indicate that a subsystem in the VPN is either overloaded or not operating, or that network traffic is very heavy, causing unacceptable delays." ::= { ctronVpnStats 10 } ctronVpnStatsIkeClientAccessFail OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of cases where client access was not enabled. This would indicate that the client should not be attempting to connect, or that there is a misconfiguration." ::= { ctronVpnStats 11 } ctronVpnStatsIkeBadMsg OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of IKE messages received that were indecipherable. This would indicate software or network errors causing packet corruption." ::= { ctronVpnStats 12 } ctronVpnStatsIkeBadPkt OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of unexpected IKE packets received. This would indicate software errors or incompatible systems." ::= { ctronVpnStats 13 } ctronVpnStatsIkeRespTimeout OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of timeouts detected by IKE waiting for a response. Increases in this value would indicate that a subsystem in the VPN is either overloaded or not operating, or that network traffic is very heavy, causing unacceptable delays." ::= { ctronVpnStats 14 } ctronVpnStatsIpsecRouteFail OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of failures to add a route to a client. This could be due to lack of resources or due to configuration errors." ::= { ctronVpnStats 15 } ctronVpnStatsIpsecNoSession OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of 'no encryption sessions available' errors. This is due to lack of resources and indicates that the VPN device may be overloaded." ::= { ctronVpnStats 16 } ctronVpnStatsDhcpNotReachable OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times DHCP server was not reachable. This indicates that the DHCP system is overloaded or not operating, or that the network is overloaded." ::= { ctronVpnStats 17 } ctronVpnStatsDhcpAddrFail OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of time an address could not be retrieved from DHCP. This will indicate that the resources on the DHCP server have been used up." ::= { ctronVpnStats 18 } ctronVpnStatsDhcpBadResp OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of DHCP responses that were undecipherable. This would indicate software or network errors causing packet corruption." ::= { ctronVpnStats 19 } ctronVpnStatsRadiusTunnelRejected OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of tunnel authentications rejected by RADIUS. This would indicate a configuration error either of the client or of the server, or of both." ::= { ctronVpnStats 20 } ctronVpnStatsRadiusUserRejected OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times RADIUS rejected a user. This could indicate misconfiguration of the client or of the RADIUS server, or that the user is entering an incorrect name, password or other authentication response." ::= { ctronVpnStats 21 } ctronVpnStatsRadiusNotReachable OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times the RADIUS server could not be contacted. This would indicate that the RADIUS server is not operating, or there is a network misconfiguration or fault." ::= { ctronVpnStats 22 } ctronVpnStatsRadiusAuthTimeout OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of times a timeout occured waiting for authentication from RADIUS. This would indicate that the RADIUS server is overloaded or not operating, or the network is overloaded." ::= { ctronVpnStats 23 } ctronVpnStatsResourceError OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of general resource failures due to lack of memory on the network device, or other similar problems. This would indicate that the capacity of the VPN device has been reached or surpassed." ::= { ctronVpnStats 24 } ctronVpnCompliances OBJECT IDENTIFIER ::= { ctronVpnConformance 1 } ctronVpnGroups OBJECT IDENTIFIER ::= { ctronVpnConformance 2 } ctronVpnCompliance OBJECT IDENTIFIER ::= { ctronVpnCompliances 1 } ctronVpnVersionGroup OBJECT IDENTIFIER ::= { ctronVpnGroups 1 } ctronVpnIPSECFlowGroup OBJECT IDENTIFIER ::= { ctronVpnGroups 2 } ctronVpnISAKMPGroup OBJECT IDENTIFIER ::= { ctronVpnGroups 3 } ctronVpnStatsGroup OBJECT IDENTIFIER ::= { ctronVpnGroups 4 } END