-- ==================================================================== -- Copyright (c) 2011 by Qtech Networks Co.,Ltd. All rights reserved. -- -- Description: The MIB is designed to get IPSec tunnels' statistic information. -- Reference: rujie Enterprise MIB -- ===================================================================== QTECH-IPSEC-MIB DEFINITIONS ::= BEGIN IMPORTS DisplayString,TEXTUAL-CONVENTION, TimeStamp FROM SNMPv2-TC IpAddress, Integer32, Counter32, Counter64, OBJECT-TYPE, MODULE-IDENTITY, Gauge32, NOTIFICATION-TYPE, Unsigned32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF qtechMgmt FROM QTECH-SMI; qtechIPSecMonitor MODULE-IDENTITY LAST-UPDATED "201102170000Z" ORGANIZATION "Qtech Networks Co.,Ltd." CONTACT-INFO "Tel: 4008-111-000 E-mail: service@qtech.com.cn" DESCRIPTION "The MIB is designed to get statistic information of IPSec tunnels. With this MIB, we can get information of a certain tunnel or all tunnels." REVISION "201102170000Z" DESCRIPTION "Initial version of this MIB module." ::= { qtechMgmt 94 } QtechDiffHellmanGrp ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The Diffie Hellman Group used in the IKE and IPSec negotiations. invalidAlg(2147483647) is defined as invalid value." SYNTAX INTEGER { none(0), modp768(1), modp1024(2), invalidMode(2147483647) } QtechEncapMode ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The encapsulation mode used by an IPSec Phase-2 Tunnel." SYNTAX INTEGER { tunnel(1), transport(2), invalidMode(2147483647) } QtechEncryptAlgo ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The encryption algorithm used in the IKE and IPSec negotiations. invalidAlg(2147483647) is defined as invalid value." SYNTAX INTEGER { none(0), desCbc(2), threedesCbc(3), aesCbc(12), sm1Cbc(128), invalidAlg(2147483647) } QtechAuthAlgo ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The authentication algorithm used in the IKE negotiations. invalidAlg(2147483647) is defined as invalid value." SYNTAX INTEGER { none(0), md5(1), sha(2), invalidAlg(2147483647) } QtechSaProtocol ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The protocol of security association." SYNTAX INTEGER { reserved(0), isakmp(1), ah(2), esp(3) } QtechTunnelProtocol ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The protocol of security association." SYNTAX INTEGER { none(0), icmp(1), igmp(2), ip(4), tcp(6), udp(17), esp(50), ah(51) } QtechTrafficType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The type of the data flow." SYNTAX INTEGER { ipv4Addr(1), ipv4AddrSubnet(2), ipv6Addr(3), ipv6AddrSubnet(4), ipv4AddrRange(5), ipv6AddrRange(6) } QtechIPSecNegoType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The type of key used by an IPSec Phase-2 Tunnel. invalidType(2147483647) is defined as invalid value." SYNTAX INTEGER { ike(1), manual(2), invalidType(2147483647) } QtechIPSecTunnelState ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The state of IPSec tunnel." SYNTAX INTEGER { establishing(1), active(2), expiring(3) } -- ======================================================================== -- Node definitions -- ======================================================================== --Begin the node of qtechIPSecObjects. qtechIPSecObjects OBJECT IDENTIFIER ::= { qtechIPSecMonitor 1 } -- =============================================== -- Begin the table of qtechIPSecTunnelTable. -- =============================================== qtechIPSecTunnelTable OBJECT-TYPE SYNTAX SEQUENCE OF QtechIPSecTunnelEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IPSec Phase-2 Tunnel Table. There is one entry in this table for each active IPSec Phase-2 Tunnel." ::= { qtechIPSecObjects 1 } qtechIPSecTunnelEntry OBJECT-TYPE SYNTAX QtechIPSecTunnelEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about qtechIPSecTunnelTable." INDEX { qtechIPSecTunRemoteAddr } ::= { qtechIPSecTunnelTable 1 } QtechIPSecTunnelEntry ::= SEQUENCE { qtechIPSecTunIfIndex Integer32, qtechIPSecTunIndex Integer32, qtechIPSecTunIKETunnelIndex Integer32, qtechIPSecTunLocalAddr IpAddress, qtechIPSecTunRemoteAddr IpAddress, qtechIPSecTunLocalHostname DisplayString, qtechIPSecTunRemoteHostname DisplayString, qtechIPSecTunKeyType QtechIPSecNegoType, qtechIPSecTunEncapMode QtechEncapMode, qtechIPSecTunInitiator INTEGER, qtechIPSecTunLifeSize Integer32, qtechIPSecTunLifeTime Integer32, qtechIPSecTunRemainTime Integer32, qtechIPSecTunActiveTime Integer32, qtechIPSecTunCreateTime TimeStamp, qtechIPSecTunRemainSize Integer32, qtechIPSecTunTotalRefreshes Counter32, qtechIPSecTunCurrentSaInstances Gauge32, qtechIPSecTunInSaEncryptAlgo QtechEncryptAlgo, qtechIPSecTunInSaAhAuthAlgo QtechAuthAlgo, qtechIPSecTunInSaEspAuthAlgo QtechAuthAlgo, qtechIPSecTunDiffHellmanGrp QtechDiffHellmanGrp, qtechIPSecTunOutSaEncryptAlgo QtechEncryptAlgo, qtechIPSecTunOutSaAhAuthAlgo QtechAuthAlgo, qtechIPSecTunOutSaEspAuthAlgo QtechAuthAlgo, qtechIPSecTunMapName DisplayString, qtechIPSecTunSeqNum Integer32, qtechIPSecTunStatus QtechIPSecTunnelState } qtechIPSecTunIfIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The interface index( the ifIndex of ifTable )." ::= { qtechIPSecTunnelEntry 1 } qtechIPSecTunIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of IPSec Phase-2 Tunnel Table. The value of the index is a number which begins at one and is incremented with each tunnel that is created. The value of this object will wrap at 2,147,483,647." ::= { qtechIPSecTunnelEntry 2 } qtechIPSecTunIKETunnelIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The index of the associated IPSec Phase-1 IKE Tunnel (IKETunIndex in the IKETunnelTable). 2147483647 is defined as invalid value. " ::= { qtechIPSecTunnelEntry 3 } qtechIPSecTunLocalAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address of the local peer for the IPSec Phase-2 Tunnel. 0.0.0.0 is defined as invalid value." ::= { qtechIPSecTunnelEntry 4 } qtechIPSecTunRemoteAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address of the remote peer for the IPSec Phase-2 Tunnel. 0.0.0.0 is defined as invalid value." ::= { qtechIPSecTunnelEntry 5 } qtechIPSecTunLocalHostname OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The Hostname of the local peer for the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 6 } qtechIPSecTunRemoteHostname OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The Hostname of the remote peer for the IPSec Phase-2 Tunnel. " ::= { qtechIPSecTunnelEntry 7 } qtechIPSecTunKeyType OBJECT-TYPE SYNTAX QtechIPSecNegoType MAX-ACCESS read-only STATUS current DESCRIPTION "The key negotiate mode used by the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 8 } qtechIPSecTunEncapMode OBJECT-TYPE SYNTAX QtechEncapMode MAX-ACCESS read-only STATUS current DESCRIPTION "The encapsulation mode used by the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 9 } qtechIPSecTunInitiator OBJECT-TYPE SYNTAX INTEGER { local(1), remote(2), none(2147483647) } MAX-ACCESS read-only STATUS current DESCRIPTION "The initiator of this IPSec tunnel. Value none is used for manual IPsec tunnel, for there is no initiator or responder in this method." ::= { qtechIPSecTunnelEntry 10 } qtechIPSecTunLifeSize OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The negotiated LifeSize of the IPSec Phase-2 Tunnel in kilobytes. 2147483647 is defined as invalid value." ::= { qtechIPSecTunnelEntry 11 } qtechIPSecTunLifeTime OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The negotiated LifeTime of the IPSec Phase-2 Tunnel in seconds. 2147483647 is defined as invalid value." ::= { qtechIPSecTunnelEntry 12 } qtechIPSecTunRemainTime OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The remain time of SA in seconds. 2147483647 is defined as invalid value." ::= { qtechIPSecTunnelEntry 13 } qtechIPSecTunActiveTime OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The duration the IPSec Phase-2 Tunnel has been active in hundredths of seconds. 2147483647 is defined as invalid value." ::= { qtechIPSecTunnelEntry 14 } qtechIPSecTunCreateTime OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The Time Stamp when the IPSec Phase-2 Tunnel created." ::= { qtechIPSecTunnelEntry 15 } qtechIPSecTunRemainSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The remain LifeSize of SA in kilobytes. 2147483647 is defined as invalid value." ::= { qtechIPSecTunnelEntry 16 } qtechIPSecTunTotalRefreshes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of security association refreshing performed." ::= { qtechIPSecTunnelEntry 17 } qtechIPSecTunCurrentSaInstances OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of security associations which are currently active or expiring." ::= { qtechIPSecTunnelEntry 18 } qtechIPSecTunInSaEncryptAlgo OBJECT-TYPE SYNTAX QtechEncryptAlgo MAX-ACCESS read-only STATUS current DESCRIPTION "The encryption algorithm used by the inbound security association of the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 19 } qtechIPSecTunInSaAhAuthAlgo OBJECT-TYPE SYNTAX QtechAuthAlgo MAX-ACCESS read-only STATUS current DESCRIPTION "The authentication algorithm used by the inbound authentication header (AH) security association of the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 20 } qtechIPSecTunInSaEspAuthAlgo OBJECT-TYPE SYNTAX QtechAuthAlgo MAX-ACCESS read-only STATUS current DESCRIPTION "The authentication algorithm used by the inbound encapsulation security protocol(ESP) security association of the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 21 } qtechIPSecTunDiffHellmanGrp OBJECT-TYPE SYNTAX QtechDiffHellmanGrp MAX-ACCESS read-only STATUS current DESCRIPTION "The Diffie Hellman Group used by the security association of the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 22 } qtechIPSecTunOutSaEncryptAlgo OBJECT-TYPE SYNTAX QtechEncryptAlgo MAX-ACCESS read-only STATUS current DESCRIPTION "The encryption algorithm used by the outbound security association of the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 23 } qtechIPSecTunOutSaAhAuthAlgo OBJECT-TYPE SYNTAX QtechAuthAlgo MAX-ACCESS read-only STATUS current DESCRIPTION "The authentication algorithm used by the outbound authentication header (AH) security association of the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 24 } qtechIPSecTunOutSaEspAuthAlgo OBJECT-TYPE SYNTAX QtechAuthAlgo MAX-ACCESS read-only STATUS current DESCRIPTION "The authentication algorithm used by the outbound encapsulation security protocol(ESP) security association of the IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelEntry 25 } qtechIPSecTunMapName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The Map name used by this IPSec tunnel." ::= { qtechIPSecTunnelEntry 26 } qtechIPSecTunSeqNum OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The sequence number of policy used by this IPSec tunnel." ::= { qtechIPSecTunnelEntry 27 } qtechIPSecTunStatus OBJECT-TYPE SYNTAX QtechIPSecTunnelState MAX-ACCESS read-write STATUS current DESCRIPTION "The status of the IPSec Tunnel." ::= { qtechIPSecTunnelEntry 28 } -- =============================================== -- Begin the table of qtechIPSecTunnelStatTable. -- =============================================== qtechIPSecTunnelStatTable OBJECT-TYPE SYNTAX SEQUENCE OF QtechIPSecTunnelStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IPSec Phase-2 Tunnel Statistics Table. " ::= { qtechIPSecObjects 2 } qtechIPSecTunnelStatEntry OBJECT-TYPE SYNTAX QtechIPSecTunnelStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about qtechIPSecTunnelStatTable." INDEX { qtechIPSecTunRemoteAddr } ::= { qtechIPSecTunnelStatTable 1 } QtechIPSecTunnelStatEntry ::= SEQUENCE { qtechIPSecTunInOctets Counter64, qtechIPSecTunInDecompOctets Counter64, qtechIPSecTunInPkts Counter64, qtechIPSecTunInSpeed Counter64, qtechIPSecTunInDropPkts Counter64, qtechIPSecTunOutOctets Counter64, qtechIPSecTunOutUncompOctets Counter64, qtechIPSecTunOutPkts Counter64, qtechIPSecTunOutSpeed Counter64, qtechIPSecTunOutDropPkts Counter64 } qtechIPSecTunInOctets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of octets received by this IPSec Phase-2 Tunnel. This value is accumulated BEFORE determining whether or not the packet should be decompressed." ::= { qtechIPSecTunnelStatEntry 1 } qtechIPSecTunInDecompOctets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of decompressed octets received by this IPSec Phase-2 Tunnel. This value is accumulated AFTER the packet is decompressed." ::= { qtechIPSecTunnelStatEntry 2 } qtechIPSecTunInPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of packets received by this IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelStatEntry 3 } qtechIPSecTunInSpeed OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The Speed(bps) of packets received by this IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelStatEntry 4 } qtechIPSecTunInDropPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of packets dropped during receiving process by this IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelStatEntry 5 } qtechIPSecTunOutOctets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of octets sent by this IPSec Phase-2 Tunnel. This value is accumulated AFTER determining whether or not the packet should be compressed." ::= { qtechIPSecTunnelStatEntry 6 } qtechIPSecTunOutUncompOctets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of uncompressed octets sent by this IPSec Phase-2 Tunnel.This value is accumulated BEFORE the packet is compressed." ::= { qtechIPSecTunnelStatEntry 7 } qtechIPSecTunOutPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of packets sent by this IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelStatEntry 8 } qtechIPSecTunOutSpeed OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The Speed(bps) of packets sent by this IPSec Phase-2 Tunnel. " ::= { qtechIPSecTunnelStatEntry 9 } qtechIPSecTunOutDropPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of packets dropped during sending process by this IPSec Phase-2 Tunnel." ::= { qtechIPSecTunnelStatEntry 10 } -- =============================================== -- Begin the table of qtechIPSecSaTable. -- =============================================== qtechIPSecSaTable OBJECT-TYPE SYNTAX SEQUENCE OF QtechIPSecSaEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IPSec Phase-2 Security Protection Index Table. This table contains an entry for each active and expiring security association." ::= { qtechIPSecObjects 3 } qtechIPSecSaEntry OBJECT-TYPE SYNTAX QtechIPSecSaEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about qtechIPSecSaTable." INDEX { qtechIPSecTunRemoteAddr } ::= { qtechIPSecSaTable 1 } QtechIPSecSaEntry ::= SEQUENCE { qtechIPSecSaIndex Integer32, qtechIPSecSaDirection INTEGER, qtechIPSecSaValue Unsigned32, qtechIPSecSaProtocol QtechSaProtocol, qtechIPSecSaEncryptAlgo QtechEncryptAlgo, qtechIPSecSaAuthAlgo QtechAuthAlgo, qtechIPSecSaStatus QtechIPSecTunnelState } qtechIPSecSaIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of the Sa associated with the Phase-2 Tunnel Table. The value of this index is a number which begins at one and is incremented with each Sa associated with an IPSec Phase-2 Tunnel. The value of this object will wrap at 2,147,483,647." ::= { qtechIPSecSaEntry 1 } qtechIPSecSaDirection OBJECT-TYPE SYNTAX INTEGER { in(1), out(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "The direction of the SA." ::= { qtechIPSecSaEntry 2 } qtechIPSecSaValue OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of the SPI." ::= { qtechIPSecSaEntry 3 } qtechIPSecSaProtocol OBJECT-TYPE SYNTAX QtechSaProtocol MAX-ACCESS read-only STATUS current DESCRIPTION "The security protocol of the SA." ::= { qtechIPSecSaEntry 4 } qtechIPSecSaEncryptAlgo OBJECT-TYPE SYNTAX QtechEncryptAlgo MAX-ACCESS read-only STATUS current DESCRIPTION "The encryption algorithm used by the security association of the IPSec Phase-2 Tunnel." ::= { qtechIPSecSaEntry 5 } qtechIPSecSaAuthAlgo OBJECT-TYPE SYNTAX QtechAuthAlgo MAX-ACCESS read-only STATUS current DESCRIPTION "The authentication algorithm used by the SA." ::= { qtechIPSecSaEntry 6 } qtechIPSecSaStatus OBJECT-TYPE SYNTAX QtechIPSecTunnelState MAX-ACCESS read-only STATUS current DESCRIPTION "The status of the SA." ::= { qtechIPSecSaEntry 7 } -- =============================================== -- Begin the table of qtechIPSecTrafficTable. -- =============================================== qtechIPSecTrafficTable OBJECT-TYPE SYNTAX SEQUENCE OF QtechIPSecTrafficEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IPSec Phase-2 Tunnel Traffic Table. " ::= { qtechIPSecObjects 4 } qtechIPSecTrafficEntry OBJECT-TYPE SYNTAX QtechIPSecTrafficEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about qtechIPSecTrafficTable." INDEX { qtechIPSecTunRemoteAddr } ::= { qtechIPSecTrafficTable 1 } QtechIPSecTrafficEntry ::= SEQUENCE { qtechIPSecTrafficLocalType QtechTrafficType, qtechIPSecTrafficLocalAddr1 IpAddress, qtechIPSecTrafficLocalAddr2 IpAddress, qtechIPSecTrafficLocalProtocol QtechTunnelProtocol, qtechIPSecTrafficLocalPort Integer32, qtechIPSecTrafficLocalHostname DisplayString, qtechIPSecTrafficRemoteType QtechTrafficType, qtechIPSecTrafficRemoteAddr1 IpAddress, qtechIPSecTrafficRemoteAddr2 IpAddress, qtechIPSecTrafficRemoteProtocol QtechTunnelProtocol, qtechIPSecTrafficRemotePort Integer32, qtechIPSecTrafficRemoteHostname DisplayString } qtechIPSecTrafficLocalType OBJECT-TYPE SYNTAX QtechTrafficType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of local peer. Possible values are: a single IP address, or an IP address range, or an IP subnet." ::= { qtechIPSecTrafficEntry 1 } qtechIPSecTrafficLocalAddr1 OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The first specification of local peer's IP address. If the local peer type is single IP address, then this is the value of the IP address. If the local peer type is IP subnet, then this is the value of the subnet. If the local peer type is IP address range, then this is the value of beginning IP address of the range." ::= { qtechIPSecTrafficEntry 2 } qtechIPSecTrafficLocalAddr2 OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The second specification of local peer's IP address. If the local peer type is single IP address, then this is the value of the IP address. If the local peer type is IP subnet, then this is the value of the subnet mask. If the local peer type is IP address range, then this is the value of ending IP address of the range." ::= { qtechIPSecTrafficEntry 3 } qtechIPSecTrafficLocalProtocol OBJECT-TYPE SYNTAX QtechTunnelProtocol MAX-ACCESS read-only STATUS current DESCRIPTION "The protocol number of the local peer's traffic." ::= { qtechIPSecTrafficEntry 4 } qtechIPSecTrafficLocalPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The port number of the local peer's traffic." ::= { qtechIPSecTrafficEntry 5 } qtechIPSecTrafficLocalHostname OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The Hostname of local peer's IP address." ::= { qtechIPSecTrafficEntry 6 } qtechIPSecTrafficRemoteType OBJECT-TYPE SYNTAX QtechTrafficType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of remote peer. Possible values are: a single IP address, or an IP address range, or an IP subnet." ::= { qtechIPSecTrafficEntry 7 } qtechIPSecTrafficRemoteAddr1 OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The first specification of remote peer's IP address. If the remote peer type is single IP address, then this is the value of the IP address. If the remote peer type is IP subnet, then this is the value of the subnet. If the remote peer type is IP address range, then this is the value of beginning IP address of the range." ::= { qtechIPSecTrafficEntry 8 } qtechIPSecTrafficRemoteAddr2 OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Single IP address, then this is the value of the IP address. If the remote peer type is IP subnet, then this is the value of the subnet mask. If the remote peer type is IP address range, then this is the value of ending IP address of the range." ::= { qtechIPSecTrafficEntry 9 } qtechIPSecTrafficRemoteProtocol OBJECT-TYPE SYNTAX QtechTunnelProtocol MAX-ACCESS read-only STATUS current DESCRIPTION "The protocol number of the remote peer's traffic." ::= { qtechIPSecTrafficEntry 10 } qtechIPSecTrafficRemotePort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The port number of the remote peer's traffic." ::= { qtechIPSecTrafficEntry 11 } qtechIPSecTrafficRemoteHostname OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The Hostname of remote peer's IP address." ::= { qtechIPSecTrafficEntry 12 } -- =============================================== -- Begin the qtechIPSecGlobalStats. -- =============================================== qtechIPSecGlobalStats OBJECT IDENTIFIER ::= { qtechIPSecObjects 5 } qtechIPSecGlobalActiveTunnels OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of currently active IPSec Phase-2 Tunnels." ::= { qtechIPSecGlobalStats 1 } qtechIPSecGlobalActiveSas OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of currently active or expiring IPSec Phase-2 SA." ::= { qtechIPSecGlobalStats 2 } qtechIPSecGlobalInOctets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of octets received by all current and previous IPSec Phase-2 Tunnels. This value is accumulated BEFORE determining whether or not the packet should be decompressed." ::= { qtechIPSecGlobalStats 3 } qtechIPSecGlobalInPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of packets received by all current and previous IPSec Phase-2 Tunnels." ::= { qtechIPSecGlobalStats 4 } qtechIPSecGlobalInSpeed OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total speed(bps) of packets received by all current and previous IPSec Phase-2 Tunnels." ::= { qtechIPSecGlobalStats 5 } qtechIPSecGlobalInDrops OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of packets dropped during receiving process by all current and previous IPSec Phase-2 Tunnels. " ::= { qtechIPSecGlobalStats 6 } qtechIPSecGlobalOutOctets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of octets sent by all current and previous IPSec Phase-2 Tunnels. This value is accumulated AFTER determining whether or not the packet should be compressed." ::= { qtechIPSecGlobalStats 7 } qtechIPSecGlobalOutPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of packets sent by all current and previous IPSec Phase-2 Tunnels." ::= { qtechIPSecGlobalStats 8 } qtechIPSecGlobalOutSpeed OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total speed(bps) of packets sent by all current and previous IPSec Phase-2 Tunnels." ::= { qtechIPSecGlobalStats 9 } qtechIPSecGlobalOutDrops OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of packets dropped during sending process by all current and previous IPSec Phase-2 Tunnels." ::= { qtechIPSecGlobalStats 10 } -- =============================================== -- Begin the qtechIPSecTrapObject. -- =============================================== qtechIPSecTrapObject OBJECT IDENTIFIER ::= { qtechIPSecObjects 6 } qtechIPSecMapName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The IPSec map name with a trap." ::= { qtechIPSecTrapObject 1 } qtechIPSecSeqNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The IPSec map sequence number with a trap." ::= { qtechIPSecTrapObject 2 } qtechIPSecSpiValue OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The SPI value associated with a trap." ::= { qtechIPSecTrapObject 3 } -- =============================================== -- definition of traps. -- =============================================== qtechIPSecTrap OBJECT IDENTIFIER ::= { qtechIPSecObjects 7 } qtechIPSecNotifications OBJECT IDENTIFIER ::= { qtechIPSecTrap 1 } qtechIPSecTunnelStart NOTIFICATION-TYPE OBJECTS { qtechIPSecTunLocalAddr, qtechIPSecTunRemoteAddr, qtechIPSecTunLocalHostname, qtechIPSecTunRemoteHostname, qtechIPSecTunLifeTime, qtechIPSecTunLifeSize } STATUS current DESCRIPTION "This notification is generated when an IPSec Phase-2 Tunnel is created." ::= { qtechIPSecNotifications 1 } qtechIPSecTunnelStop NOTIFICATION-TYPE OBJECTS { qtechIPSecTunLocalAddr, qtechIPSecTunRemoteAddr, qtechIPSecTunLocalHostname, qtechIPSecTunRemoteHostname, qtechIPSecTunActiveTime } STATUS current DESCRIPTION "This notification is generated when an IPSec Phase-2 Tunnel is deleted." ::= { qtechIPSecNotifications 2 } -- =============================================== -- Conformance Information -- =============================================== qtechIPSecConformance OBJECT IDENTIFIER ::= { qtechIPSecMonitor 2 } qtechIPSecCompliances OBJECT IDENTIFIER ::= { qtechIPSecConformance 1 } qtechIPSecGroups OBJECT IDENTIFIER ::= { qtechIPSecConformance 2 } -- =============================================== -- Compliance Statements -- =============================================== qtechIPSecCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION " " MODULE -- this module MANDATORY-GROUPS { qtechIPSecTunnelTableGroup, qtechIPSecTunnelStatGroup, qtechIPSecSaGroup, qtechIPSecTrafficTableGroup, qtechIPSecGlobalStatsGroup, qtechIPSecTrapObjectGroup, qtechIPSecTrapGroup } ::= { qtechIPSecCompliances 1 } qtechIPSecTunnelTableGroup OBJECT-GROUP OBJECTS { qtechIPSecTunIKETunnelIndex, qtechIPSecTunLocalAddr, qtechIPSecTunRemoteAddr, qtechIPSecTunLocalHostname, qtechIPSecTunRemoteHostname, qtechIPSecTunKeyType, qtechIPSecTunEncapMode, qtechIPSecTunInitiator, qtechIPSecTunLifeSize, qtechIPSecTunLifeTime, qtechIPSecTunRemainTime, qtechIPSecTunActiveTime, qtechIPSecTunRemainSize, qtechIPSecTunTotalRefreshes, qtechIPSecTunCurrentSaInstances, qtechIPSecTunInSaEncryptAlgo, qtechIPSecTunInSaAhAuthAlgo, qtechIPSecTunInSaEspAuthAlgo, qtechIPSecTunDiffHellmanGrp, qtechIPSecTunOutSaEncryptAlgo, qtechIPSecTunOutSaAhAuthAlgo, qtechIPSecTunOutSaEspAuthAlgo, --qtechIPSecTunPolicyName, --qtechIPSecTunPolicyNum, qtechIPSecTunStatus } STATUS current DESCRIPTION "The group contains the IPSec tunnel's property information." ::= { qtechIPSecGroups 1 } qtechIPSecTunnelStatGroup OBJECT-GROUP OBJECTS { qtechIPSecTunInOctets, qtechIPSecTunInDecompOctets, qtechIPSecTunInPkts, qtechIPSecTunInSpeed, qtechIPSecTunInDropPkts, qtechIPSecTunOutOctets, qtechIPSecTunOutUncompOctets, qtechIPSecTunOutPkts, qtechIPSecTunOutSpeed, qtechIPSecTunOutDropPkts } STATUS current DESCRIPTION "The group contains the IPSec tunnel's statistic information." ::= { qtechIPSecGroups 2 } qtechIPSecSaGroup OBJECT-GROUP OBJECTS { qtechIPSecSaDirection, qtechIPSecSaValue, qtechIPSecSaProtocol, qtechIPSecSaEncryptAlgo, qtechIPSecSaAuthAlgo, qtechIPSecSaStatus } STATUS current DESCRIPTION "The group contains the SA's property information." ::= { qtechIPSecGroups 3 } qtechIPSecTrafficTableGroup OBJECT-GROUP OBJECTS { qtechIPSecTrafficLocalType, qtechIPSecTrafficLocalAddr1, qtechIPSecTrafficLocalAddr2, qtechIPSecTrafficLocalProtocol, qtechIPSecTrafficLocalPort, qtechIPSecTrafficLocalHostname, qtechIPSecTrafficRemoteType, qtechIPSecTrafficRemoteAddr1, qtechIPSecTrafficRemoteAddr2, qtechIPSecTrafficRemoteProtocol, qtechIPSecTrafficRemotePort, qtechIPSecTrafficRemoteHostname } STATUS current DESCRIPTION "The group contains the property information of the data flow protected by IPSec tunnel." ::= { qtechIPSecGroups 4 } qtechIPSecGlobalStatsGroup OBJECT-GROUP OBJECTS { qtechIPSecGlobalActiveTunnels, qtechIPSecGlobalActiveSas, qtechIPSecGlobalInOctets, qtechIPSecGlobalInPkts, qtechIPSecGlobalInDrops, qtechIPSecGlobalInSpeed, qtechIPSecGlobalOutOctets, qtechIPSecGlobalOutPkts, qtechIPSecGlobalOutDrops, qtechIPSecGlobalOutSpeed } STATUS current DESCRIPTION "The group contains all of the IPSec tunnel's statistic information." ::= { qtechIPSecGroups 5 } qtechIPSecTrapObjectGroup OBJECT-GROUP OBJECTS { qtechIPSecMapName, qtechIPSecSeqNum, qtechIPSecSpiValue } STATUS current DESCRIPTION "The group contains all of trap objects of IPSec tunnels." ::= { qtechIPSecGroups 6 } qtechIPSecTrapGroup NOTIFICATION-GROUP NOTIFICATIONS { qtechIPSecTunnelStart, qtechIPSecTunnelStop } STATUS current DESCRIPTION "The group contains all of trap of IPSec tunnels." ::= { qtechIPSecGroups 7 } END