ENTERASYS-IPSEC-NOTIFICATION-MIB DEFINITIONS ::= BEGIN -- enterasys-ipsec-notification-mib.txt -- This module provides authoritative definitions for Enterasys -- Networks' ipSecurity notifications. -- -- This module will be extended, as needed. -- Enterasys Networks reserves the right to make changes in this -- specification and other information contained in this document -- without prior notice. The reader should consult Enterasys Networks -- to determine whether any such changes have been made. -- -- In no event shall Enterasys Networks be liable for any incidental, -- indirect, special, or consequential damages whatsoever (including -- but not limited to lost profits) arising out of or related to this -- document or the information contained in it, even if Enterasys -- Networks has been advised of, known, or should have known, the -- possibility of such damages. -- -- Enterasys Networks grants vendors, end-users, and other interested -- parties a non-exclusive license to use this Specification in -- connection with the management of Enterasys Networks products. -- Copyright February, 2011 Enterasys Networks, Inc. IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32 FROM SNMPv2-SMI TEXTUAL-CONVENTION, DisplayString, TruthValue, DateAndTime FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF SnmpAdminString FROM SNMP-FRAMEWORK-MIB InterfaceIndex, ifIndex FROM IF-MIB etsysModules FROM ENTERASYS-MIB-NAMES; etsysIpSecNotificationMIB MODULE-IDENTITY LAST-UPDATED "201102280800Z" -- Mon Feb 28 08:00 GMT 2011 ORGANIZATION "Enterasys Networks, Inc" CONTACT-INFO "Postal: Enterasys Networks 50 Minuteman Rd. Andover, MA 01810-1008 USA Phone: +1 978 684 1000 E-mail: support@enterasys.com WWW: http://www.enterasys.com" DESCRIPTION "This MIB module defines a portion of the SNMP MIB under the Enterasys Networks enterprise OID pertaining to ipSecurity notifications. This MIB was designed to be used for monitoring router events that have occurred in the system related to ipSecurity." REVISION "201102280800Z" -- Mon Feb 28 08:00 GMT 2011 DESCRIPTION "The initial version of this MIB module" ::= { etsysModules 81 } -- ------------------------------------------------------------- -- branches in the ENTERASYS-IPSEC-NOTIFICATION MIB -- ------------------------------------------------------------- etsysIpSecNotificationObjects OBJECT IDENTIFIER ::= { etsysIpSecNotificationMIB 1 } etsysIpSecConfigBranch OBJECT IDENTIFIER ::= { etsysIpSecNotificationObjects 0 } etsysIpSecInformationBranch OBJECT IDENTIFIER ::= { etsysIpSecNotificationObjects 1 } etsysIpSecNotificationBranch OBJECT IDENTIFIER ::= { etsysIpSecNotificationObjects 2 } -- ------------------------------------------------------------- -- Objects in the etsysIpSecConfigBranch -- ------------------------------------------------------------- etsysIpSecDiscardedPacketEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "If this object is set to true (1) a trap will be sent when IPSec discards a packet due to not having a matching SPD cache entry." DEFVAL { false } ::= { etsysIpSecConfigBranch 1 } -- ------------------------------------------------------------- -- Objects in the etsysIpSecInformationBranch -- ------------------------------------------------------------- etsysIpSecTime OBJECT-TYPE SYNTAX DateAndTime (SIZE(8)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The local date and time that the ipSecurity module took the desired action that led to sending the notification." ::= { etsysIpSecInformationBranch 1 } etsysIpSecSPI OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The Security Parameter Index (SPI) if available." ::= { etsysIpSecInformationBranch 2 } etsysIpSecProtocol OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The IPSec protocol if available." ::= { etsysIpSecInformationBranch 3 } etsysIpSecSourceAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The type of Internet Address specified with etsysIpSecSourceAddress." ::= { etsysIpSecInformationBranch 4 } etsysIpSecSourceAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The Internet Address from which the incoming packet was sourced." ::= { etsysIpSecInformationBranch 5 } etsysIpSecDestinationAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The type of Internet Address specified with etsysIpSecDestinationAddress." ::= { etsysIpSecInformationBranch 6 } etsysIpSecDestinationAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The Internet Address for which the incoming packet is destined." ::= { etsysIpSecInformationBranch 7 } etsysIpSecSelectorValues OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Other selector values not previously defined in this MIB." ::= { etsysIpSecInformationBranch 8 } -- ------------------------------------------------------------- -- Objects in the etsysIpSecNotificationBranch -- ------------------------------------------------------------- etsysIpSecDiscardedPacket NOTIFICATION-TYPE OBJECTS { etsysIpSecTime, etsysIpSecSPI, etsysIpSecProtocol, etsysIpSecSourceAddrType, etsysIpSecSourceAddress, etsysIpSecDestinationAddrType, etsysIpSecDestinationAddress, etsysIpSecSelectorValues } STATUS current DESCRIPTION "Discarded IPSec packet notification. When the device receives an IPSec encrypted packet that does not match any SPD cache entry and it is determined that packet should be discarded, the device will send this notification with as much information as is available." ::= { etsysIpSecNotificationBranch 1 } -- ------------------------------------------------------------- -- Conformance Information -- ------------------------------------------------------------- etsysIpSecConformance OBJECT IDENTIFIER ::= { etsysIpSecNotificationMIB 2 } etsysIpSecGroups OBJECT IDENTIFIER ::= { etsysIpSecConformance 1 } etsysIpSecCompliances OBJECT IDENTIFIER ::= { etsysIpSecConformance 2 } -- ------------------------------------------------------------- -- Units of conformance -- ------------------------------------------------------------- etsysIpSecConfigGroup OBJECT-GROUP OBJECTS { etsysIpSecDiscardedPacketEnabled } STATUS current DESCRIPTION "A collection of objects providing basic instrumentation of IPSec event notifications." ::= { etsysIpSecGroups 1 } etsysIpSecInformationGroup OBJECT-GROUP OBJECTS { etsysIpSecTime, etsysIpSecSPI, etsysIpSecProtocol, etsysIpSecSourceAddrType, etsysIpSecSourceAddress, etsysIpSecDestinationAddrType, etsysIpSecDestinationAddress, etsysIpSecSelectorValues } STATUS current DESCRIPTION "A collection of objects providing IPSec event information." ::= { etsysIpSecGroups 2 } etsysIpSecNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { etsysIpSecDiscardedPacket } STATUS current DESCRIPTION "The IPSec event notifications." ::= { etsysIpSecGroups 3 } -- ------------------------------------------------------------- -- Compliance statements -- ------------------------------------------------------------- etsysIpSecCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for devices that support Enterasys IPSec notifications." MODULE MANDATORY-GROUPS { etsysIpSecConfigGroup, etsysIpSecInformationGroup, etsysIpSecNotificationGroup } ::= { etsysIpSecCompliances 1 } END