TIMETRA-IPSEC-STATIC-SA-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF MODULE-IDENTITY, OBJECT-TYPE, Unsigned32 FROM SNMPv2-SMI RowStatus, TEXTUAL-CONVENTION, TimeStamp FROM SNMPv2-TC timetraSRMIBModules, tmnxSRConfs, tmnxSRObjs FROM TIMETRA-GLOBAL-MIB TNamedItem, TNamedItemOrEmpty FROM TIMETRA-TC-MIB ; timetraIPsecStaticSAMIBModule MODULE-IDENTITY LAST-UPDATED "200912140000Z" ORGANIZATION "Nokia" CONTACT-INFO "Nokia SROS Support Web: http://www.nokia.com" DESCRIPTION "This document is the SNMP MIB module to manage and provision the Nokia SROS device with IPsec Static SA tunneling, encryption and other related features. Copyright 2008-2018 Nokia. All rights reserved. Reproduction of this document is authorized on the condition that the foregoing copyright notice is included. This SNMP MIB module (Specification) embodies Nokia's proprietary intellectual property. Nokia retains all title and ownership in the Specification, including any revisions. Nokia grants all interested parties a non-exclusive license to use and distribute an unmodified copy of this Specification in connection with management of Nokia products, and without fee, provided this copyright notice and license appear on all copies. This Specification is supplied 'as is', and Nokia makes no warranty, either express or implied, as to the use, operation, condition, or performance of the Specification." REVISION "200912140000Z" DESCRIPTION "Rev 8.0 14 Dec 2009 00:00 8.0 release of the TIMETRA-IPSEC-STATIC-SA-MIB." ::= { timetraSRMIBModules 73 } TmnxAuthAlgorithm ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "TmnxAuthAlgorithm data type is an enumerated integer that describes the values used to identify the hashing algorithm. Value Descriptions: null - Choosing this value configures the high-speed null algorithm, which does nothing. This is same as not having authentication turned on, same as turning the protocol off. md5 - Choosing this value configures the use of hmac-md5 algorithm for authentication. sha1 - Choosing this value configures the use of hmac-sha1 algorithm for authentication." SYNTAX INTEGER { null (1), md5 (2), sha1 (3) } TmnxIPsecDirection2 ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "TmnxIPsecDirection data type is an enumerated integer that describes the values used to identify the direction of an IPsec tunnel." SYNTAX INTEGER { inbound (1), outbound (2), bidirectional (3) } TmnxIPsecProtocol ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "TmnxIPsecProtocol data type is an enumerated integer that describes the values used to identify the used IPsec protocol." SYNTAX INTEGER { ah (1), esp (2) } tmnxIPsecStaticSAObjects OBJECT IDENTIFIER ::= { tmnxSRObjs 73 } tmnxIPsecStaticSATableLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of tmnxIPsecStaticSATableLastChange indicates the sysUpTime at the time of the last modification to tmnxIPsecStaticSATable by adding, deleting an entry or change to a writable object in the table. If no changes were made to the table since the last re-initialization of the local network management subsystem, then this object contains a zero value." ::= { tmnxIPsecStaticSAObjects 1 } tmnxIPsecStaticSATable OBJECT-TYPE SYNTAX SEQUENCE OF TmnxIPsecStaticSAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Table to store the IPsec static SA entries." ::= { tmnxIPsecStaticSAObjects 2 } tmnxIPsecStaticSAEntry OBJECT-TYPE SYNTAX TmnxIPsecStaticSAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about a single IPsec static SA entry." INDEX { IMPLIED tmnxIPsecStaticSAName } ::= { tmnxIPsecStaticSATable 1 } TmnxIPsecStaticSAEntry ::= SEQUENCE { tmnxIPsecStaticSAName TNamedItem, tmnxIPsecStaticSARowStatus RowStatus, tmnxIPsecStaticSALastChanged TimeStamp, tmnxIPsecStaticSADirection TmnxIPsecDirection2, tmnxIPsecStaticSAProtocol TmnxIPsecProtocol, tmnxIPsecStaticSAAuthAlgorithm TmnxAuthAlgorithm, tmnxIPsecStaticSAAuthKey OCTET STRING, tmnxIPsecStaticSASpi Unsigned32, tmnxIPsecStaticSADescription TNamedItemOrEmpty } tmnxIPsecStaticSAName OBJECT-TYPE SYNTAX TNamedItem MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of tmnxIPsecStaticSAName specifies the name of this static SA and is part of the index for the table tmnxIPsecStaticSATable, and thus a required object." ::= { tmnxIPsecStaticSAEntry 1 } tmnxIPsecStaticSARowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The tmnxIPsecStaticSARowStatus object is used to create and delete rows in the tmnxIPsecStaticSATable. When creating an entry in tmnxIPsecStaticSATable, the value of tmnxIPsecStaticSARowStatus must be 'createAndGo'." ::= { tmnxIPsecStaticSAEntry 2 } tmnxIPsecStaticSALastChanged OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of tmnxIPsecStaticSALastChanged indicates the sysUpTime at the time of the last modification of this entry. If no changes were made to the entry since the last re-initialization of the local network management subsystem, then this object contains a zero value." ::= { tmnxIPsecStaticSAEntry 3 } tmnxIPsecStaticSADirection OBJECT-TYPE SYNTAX TmnxIPsecDirection2 MAX-ACCESS read-create STATUS current DESCRIPTION "The value of tmnxIPsecStaticSADirection specifies the direction to which this static SA entry can be applied. This is an optional object when creating an entry in tmnxIPsecStaticSATable." DEFVAL { bidirectional } ::= { tmnxIPsecStaticSAEntry 4 } tmnxIPsecStaticSAProtocol OBJECT-TYPE SYNTAX TmnxIPsecProtocol MAX-ACCESS read-create STATUS current DESCRIPTION "The value of tmnxIPsecStaticSAProtocol specifies the protocol used by this static SA. This is an optional object when creating an entry in tmnxIPsecStaticSATable." DEFVAL { esp } ::= { tmnxIPsecStaticSAEntry 5 } tmnxIPsecStaticSAAuthAlgorithm OBJECT-TYPE SYNTAX TmnxAuthAlgorithm MAX-ACCESS read-create STATUS current DESCRIPTION "The value of tmnxIPsecStaticSAAuthAlgorithm specifies the authentication algorithm used with this static SA. The 'md5' algorithm requires a 16 byte key, and the 'sha1' algorithm requires a 20 byte key. This is an optional object when creating an entry in tmnxIPsecStaticSATable." DEFVAL { sha1 } ::= { tmnxIPsecStaticSAEntry 6 } tmnxIPsecStaticSAAuthKey OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..20)) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of tmnxIPsecStaticSAAuthKey specifies the key used for the authentication algorithm defined by tmnxIPsecStaticSAAuthAlgorithm. The length of the key must match the length required by the authentication algorithm. If a key of another length is set, the request will fail with an 'inconsistentValue' error. The default value for tmnxIPsecStaticSAAuthKey is an empty string, in this case the static SA cannot be used. When read, tmnxIPsecStaticSAAuthKey always returns an octet string of length zero. This is an optional object when creating an entry in tmnxIPsecStaticSATable." DEFVAL { "" } ::= { tmnxIPsecStaticSAEntry 7 } tmnxIPsecStaticSASpi OBJECT-TYPE SYNTAX Unsigned32 (0 | 256..16383) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of tmnxIPsecStaticSASpi specifies the SPI (Security Parameter Index) used to lookup the instruction to verify and decrypt the incoming IPsec packets when the value of tmnxIPsecStaticSADirection is 'inbound'. The value of tmnxIPsecStaticSASpi specifies the SPI that will be used in the encoding of the outgoing packets when the value of tmnxIPsecStaticSADirection is 'outbound'. The remote node can use this SPI to lookup the instruction to verify and decrypt the packet. If 'no' SPI is selected, then this static SA cannot be used. This is an optional object when creating an entry in tmnxIPsecStaticSATable." DEFVAL { 0 } ::= { tmnxIPsecStaticSAEntry 8 } tmnxIPsecStaticSADescription OBJECT-TYPE SYNTAX TNamedItemOrEmpty MAX-ACCESS read-create STATUS current DESCRIPTION "The value of tmnxIPsecStaticSADescription describes this static SA. This is an optional object when creating an entry in tmnxIPsecStaticSATable." DEFVAL { "" } ::= { tmnxIPsecStaticSAEntry 9 } tmnxIPsecStaticSAConformance OBJECT IDENTIFIER ::= { tmnxSRConfs 73 } tmnxIPsecStaticSACompliances OBJECT IDENTIFIER ::= { tmnxIPsecStaticSAConformance 1 } tmnxIPsecStaticSAV8v0Compliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for management of IPsec static SA features on Nokia 7x50 SR series systems." MODULE MANDATORY-GROUPS { tmnxIPsecStaticSAGroup } ::= { tmnxIPsecStaticSACompliances 1 } tmnxIPsecStaticSAGroups OBJECT IDENTIFIER ::= { tmnxIPsecStaticSAConformance 2 } tmnxIPsecStaticSAGroup OBJECT-GROUP OBJECTS { tmnxIPsecStaticSATableLastChange, tmnxIPsecStaticSARowStatus, tmnxIPsecStaticSALastChanged, tmnxIPsecStaticSADirection, tmnxIPsecStaticSAProtocol, tmnxIPsecStaticSAAuthAlgorithm, tmnxIPsecStaticSAAuthKey, tmnxIPsecStaticSASpi, tmnxIPsecStaticSADescription } STATUS current DESCRIPTION "The group of objects for IPsec static SA on Nokia 7xx0 SR series systems." ::= { tmnxIPsecStaticSAGroups 1 } END