WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/maipu/MAIPU-SECURITY-IPSEC-MIB

2950 lines
74 KiB
Plaintext
Raw Permalink Blame History

-- *****************************************************************
-- mpIPsec.mib: Maipu enterprise device IPsec MIB file
--
-- version 1.0.0.1, Sep 28, 2004 liuyu
--
-- Copyright (c) by Maipu Communication Inc.
-- All rights reserved.
--
-- *****************************************************************
MAIPU-SECURITY-IPSEC-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32,
IpAddress, Unsigned32 FROM SNMPv2-SMI
RowStatus FROM SNMPv2-TC
mpSecurity FROM MAIPU-SMI;
mpSecurityRouter MODULE-IDENTITY
LAST-UPDATED "200501120932Z" -- Wednesday Jan 12 09:32:35 PDT 2005
ORGANIZATION "Maipu Communication"
CONTACT-INFO
" liu Yu
Postal: Maipu Inc
Tel: (028)85148048
E-Mail: office@maipu.com "
DESCRIPTION
"The MIB module describes the IPSec protocol for Maipu Security Router. "
::= { mpSecurity 3 }
-- *****************************************************************
ipsecModule OBJECT IDENTIFIER ::= { mpSecurityRouter 1 }
ipsecConfigGroup OBJECT IDENTIFIER ::= { ipsecModule 1 }
ipsecDebugGroup OBJECT IDENTIFIER ::= { ipsecModule 2 }
ipsecMonitorGroup OBJECT IDENTIFIER ::= { ipsecModule 3 }
-- *****************************************************************
-- *****************************************************************
-- IKETunnel Table
ikeTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF IKETunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the crypto tunnels using IKE negotiation, which is configured by the operator."
::={ ipsecConfigGroup 1 }
ikeTunnelEntry OBJECT-TYPE
SYNTAX IKETunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with one crypto tunnel."
INDEX { ikeTunnelName }
::= { ikeTunnelTable 1 }
IKETunnelEntry ::=
SEQUENCE {
ikeTunnelName OCTET STRING,
ikeTunnelPeerAddr IpAddress,
ikeTunnelPeerName OCTET STRING,
ikeTunnelLocalAddr IpAddress,
ikeTunnelLocalIfName OCTET STRING,
ikeTunnelPeerIdType INTEGER,
ikeTunnelPeerID OCTET STRING,
ikeTunnelLocalID OCTET STRING,
ikeTunnelShareLimit INTEGER,
ikeTunnelSecDomain OCTET STRING,
ikeTunnelPhaseOneMode INTEGER,
ikeTunnelNATActiveTime INTEGER,
ikeTunnelAuthMeans INTEGER,
ikeTunnelDPDPeriod INTEGER,
ikeTunnelDPDRetry INTEGER,
ikeTunnelDPDAction INTEGER,
ikeTunnelSecLevel INTEGER,
ikeTunnelIKEProp1 OCTET STRING,
ikeTunnelIKEProp2 OCTET STRING,
ikeTunnelIKEProp3 OCTET STRING,
ikeTunnelIKEProp4 OCTET STRING,
ikeTunnelIPsecProp1 OCTET STRING,
ikeTunnelIPsecProp2 OCTET STRING,
ikeTunnelIPsecProp3 OCTET STRING,
ikeTunnelIPsecProp4 OCTET STRING,
ikeTunnelIdleTime INTEGER,
ikeTunnelAutoUp INTEGER,
ikeTunnelType INTEGER,
ikeTunnelDHCPoIPsec INTEGER,
ikeTunnelParentName OCTET STRING,
ikeTunnelSetNMS INTEGER,
ikeTunnelAdmin INTEGER,
ikeTunnelStatus RowStatus
}
ikeTunnelName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one crypto tunnel."
::= { ikeTunnelEntry 1 }
ikeTunnelPeerAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IP address of the peer used by a crypto tunnel."
::= { ikeTunnelEntry 2 }
ikeTunnelPeerName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the hostname of the peer used by a crypto tunnel."
::= { ikeTunnelEntry 3 }
ikeTunnelLocalAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the local IP address used by a crypto tunnel."
::= { ikeTunnelEntry 4 }
ikeTunnelLocalIfName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the local interface name used by a crypto tunnel."
::= { ikeTunnelEntry 5 }
ikeTunnelPeerIdType OBJECT-TYPE
SYNTAX INTEGER{
id_ALIAS(1),
id_GROUP(2),
id_OTHER(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the peer's id used by a crypto tunnel."
::= { ikeTunnelEntry 6 }
ikeTunnelPeerID OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the peer's id used by a crypto tunnel."
::= { ikeTunnelEntry 7 }
ikeTunnelLocalID OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the local id used by a crypto tunnel."
::= { ikeTunnelEntry 8 }
ikeTunnelShareLimit OBJECT-TYPE
SYNTAX INTEGER(0..100000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the maximum number of the connections sharing this crypto tunnel."
::= { ikeTunnelEntry 9 }
ikeTunnelSecDomain OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of the virtual security domain used by a crypto tunnel."
::= { ikeTunnelEntry 10 }
ikeTunnelPhaseOneMode OBJECT-TYPE
SYNTAX INTEGER {
mainMode(1),
aggressiveMode(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the exchange mode used in IKE phase one negotiation."
DEFVAL { mainMode }
::= { ikeTunnelEntry 11 }
ikeTunnelNATActiveTime OBJECT-TYPE
SYNTAX INTEGER(10..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the period for keeping alive when carrying ong NAT traversal."
::= { ikeTunnelEntry 12 }
ikeTunnelAuthMeans OBJECT-TYPE
SYNTAX INTEGER {
preSharedKey(1),
rsaSignature(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the authentication mode used in IKE phase one negotiation."
DEFVAL { preSharedKey }
::= { ikeTunnelEntry 13 }
ikeTunnelDPDPeriod OBJECT-TYPE
SYNTAX INTEGER(10..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the period for sending DPD message."
::= { ikeTunnelEntry 14 }
ikeTunnelDPDRetry OBJECT-TYPE
SYNTAX INTEGER(2..100)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the times for trying to detect if the peer is alive using the DPD message."
::= { ikeTunnelEntry 15 }
ikeTunnelDPDAction OBJECT-TYPE
SYNTAX INTEGER {
hold(1),
clear(2),
none(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the action will be executed when finding peer is dead using the DPD message.
Note: none means no DPD."
DEFVAL { hold }
::= { ikeTunnelEntry 16 }
ikeTunnelSecLevel OBJECT-TYPE
SYNTAX INTEGER {
basic(1),
standard(2),
high(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the security level used by this tunnel in negotiation."
DEFVAL { standard }
::= { ikeTunnelEntry 17 }
ikeTunnelIKEProp1 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IKE proposal used by the tunnel in negotiation."
::= { ikeTunnelEntry 18 }
ikeTunnelIKEProp2 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IKE proposal used by the tunnel in negotiation."
::= { ikeTunnelEntry 19 }
ikeTunnelIKEProp3 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IKE proposal used by the tunnel in negotiation."
::= { ikeTunnelEntry 20 }
ikeTunnelIKEProp4 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IKE proposal used by the tunnel in negotiation."
::= { ikeTunnelEntry 21 }
ikeTunnelIPsecProp1 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by the tunnel in negotiation."
::= { ikeTunnelEntry 22 }
ikeTunnelIPsecProp2 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by the tunnel in negotiation."
::= { ikeTunnelEntry 23 }
ikeTunnelIPsecProp3 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by the tunnel in negotiation."
::= { ikeTunnelEntry 24 }
ikeTunnelIPsecProp4 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by the tunnel in negotiation."
::= { ikeTunnelEntry 25 }
ikeTunnelIdleTime OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the idle time of the IPsec SAs constructed by the tunnel."
::= { ikeTunnelEntry 26 }
ikeTunnelAutoUp OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines whether IPsec SAs should have beening constructed by the tunnel right now or not."
DEFVAL { disable }
::= { ikeTunnelEntry 27 }
ikeTunnelType OBJECT-TYPE
SYNTAX INTEGER {
permanent(1),
template(2),
instance(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object defines the type of the tunnel."
::= { ikeTunnelEntry 28 }
ikeTunnelDHCPoIPsec OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines whether the tunnel can support the function DHCP over IPsec or not."
::= { ikeTunnelEntry 29 }
ikeTunnelParentName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object defines the parent tunnel name of instance tunnel."
::= { ikeTunnelEntry 30 }
ikeTunnelSetNMS OBJECT-TYPE
SYNTAX INTEGER{
true(1),
false(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the init-server property."
::= { ikeTunnelEntry 31 }
ikeTunnelAdmin OBJECT-TYPE
SYNTAX INTEGER{
true(1),
false(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the administrative property."
::= { ikeTunnelEntry 32 }
ikeTunnelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { ikeTunnelEntry 33 }
-- *****************************************************************
-- *****************************************************************
-- Manual Tunnel Table
manTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF ManTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the manual crypto tunnels configured by the operator."
::={ ipsecConfigGroup 2 }
manTunnelEntry OBJECT-TYPE
SYNTAX ManTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with one manual crypto tunnel."
INDEX { manTunnelName }
::= { manTunnelTable 1 }
ManTunnelEntry ::=
SEQUENCE {
manTunnelName OCTET STRING,
manTunnelPeerAddr IpAddress,
manTunnelInAHSPI INTEGER,
manTunnelInAHKey OCTET STRING,
manTunnelInESPSPI INTEGER,
manTunnelInESPAuthKey OCTET STRING,
manTunnelInESPCiperKey OCTET STRING,
manTunnelOutAHSPI INTEGER,
manTunnelOutAHKey OCTET STRING,
manTunnelOutESPSPI INTEGER,
manTunnelOutESPAuthKey OCTET STRING,
manTunnelOutESPCiperKey OCTET STRING,
manTunnelInCPI INTEGER,
manTunnelOutCPI INTEGER,
manTunnelIPsecProp OCTET STRING,
manTunnelLocalIfName OCTET STRING,
manTunnelStatus RowStatus
}
manTunnelName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one manual crypto tunnel."
::= { manTunnelEntry 1 }
manTunnelPeerAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IP address of the peer used by a crypto tunnel. "
::= { manTunnelEntry 2 }
manTunnelInAHSPI OBJECT-TYPE
SYNTAX INTEGER(255..511)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the SPI of the inbound SA on protocol AH.
Note: 255 means no AH."
::= { manTunnelEntry 3 }
manTunnelInAHKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(16..254))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the key used by the inbound SA on protocol AH. "
::= { manTunnelEntry 4 }
manTunnelInESPSPI OBJECT-TYPE
SYNTAX INTEGER(255..511)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the SPI of the inbound SA on protocol ESP.
Note: 255 means no ESP."
::= { manTunnelEntry 5 }
manTunnelInESPAuthKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(16..254))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the key used by the inbound SA about authentication algorithm on protocol ESP. "
::= { manTunnelEntry 6 }
manTunnelInESPCiperKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(16..254))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the key used by the inbound SA about encryption algorithm on protocol ESP. "
::= { manTunnelEntry 7 }
manTunnelOutAHSPI OBJECT-TYPE
SYNTAX INTEGER(255..511)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the SPI of the outbound SA on protocol AH.
Note: 255 means no AH."
::= { manTunnelEntry 8 }
manTunnelOutAHKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(16..254))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the key used by the outbound SA on protocol AH. "
::= { manTunnelEntry 9 }
manTunnelOutESPSPI OBJECT-TYPE
SYNTAX INTEGER(255..511)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the SPI of the outbound SA on protocol ESP.
Note: 255 means no ESP."
::= { manTunnelEntry 10 }
manTunnelOutESPAuthKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(16..254))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the key used by the outbound SA about authentication algorithm on protocol ESP. "
::= { manTunnelEntry 11 }
manTunnelOutESPCiperKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(16..254))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the key used by the outbound SA about encryption algorithm on protocol ESP. "
::= { manTunnelEntry 12 }
manTunnelInCPI OBJECT-TYPE
SYNTAX INTEGER(255..511)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the CPI of the inbound SA on protocol IPComp.
Note: 255 means no IPComp."
::= { manTunnelEntry 13 }
manTunnelOutCPI OBJECT-TYPE
SYNTAX INTEGER(255..511)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the CPI of the outbound SA on protocol IPComp.
Note: 255 means no IPComp."
::= { manTunnelEntry 14 }
manTunnelIPsecProp OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by the tunnel for constructing IPsec SAs."
::= { manTunnelEntry 15 }
manTunnelLocalIfName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the local interface name used by a crypto tunnel."
::= { manTunnelEntry 16 }
manTunnelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { manTunnelEntry 17 }
-- *****************************************************************
-- *****************************************************************
-- IKE Proposal Table
ikePropTable OBJECT-TYPE
SYNTAX SEQUENCE OF IKEPropEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the IKE proposals configured by the operator."
::={ ipsecConfigGroup 3 }
ikePropEntry OBJECT-TYPE
SYNTAX IKEPropEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with one IKE proposal."
INDEX { ikePropName }
::= { ikePropTable 1 }
IKEPropEntry ::=
SEQUENCE {
ikePropName OCTET STRING,
ikePropEncyptoAlg INTEGER,
ikePropAuthAlg INTEGER,
ikePropDHGroup INTEGER,
ikePropLifetime INTEGER,
ikePropStatus RowStatus
}
ikePropName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IKE proposal. "
::= { ikePropEntry 1 }
ikePropEncyptoAlg OBJECT-TYPE
SYNTAX INTEGER {
trides(1),
des(2),
aes128(3),
aes192(4),
aes256(5),
blowfish(6),
cast(7)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the encryption algorithm for one IKE proposal. "
DEFVAL { des }
::= { ikePropEntry 2 }
ikePropAuthAlg OBJECT-TYPE
SYNTAX INTEGER {
md5(1),
sha1(2),
sha256(3),
sha512(4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the authentication algorithm for one IKE proposal. "
DEFVAL { sha1 }
::= { ikePropEntry 3 }
ikePropDHGroup OBJECT-TYPE
SYNTAX INTEGER {
group1(1),
group2(2),
group5(3),
group14(4),
group15(5),
group16(6),
group17(7),
group18(8)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the DH groupware for one IKE proposal. "
DEFVAL { group1 }
::= { ikePropEntry 4 }
ikePropLifetime OBJECT-TYPE
SYNTAX INTEGER(180..31536000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the lifetime for one IKE proposal. "
DEFVAL { 86400}
::= { ikePropEntry 5 }
ikePropStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { ikePropEntry 6 }
-- *****************************************************************
-- *****************************************************************
-- IPsec Proposal Table
ipsecPropTable OBJECT-TYPE
SYNTAX SEQUENCE OF IPsecPropEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the IPsec proposals configured by the operator."
::={ ipsecConfigGroup 4 }
ipsecPropEntry OBJECT-TYPE
SYNTAX IPsecPropEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with one IPsec proposal."
INDEX { ipsecPropName }
::= { ipsecPropTable 1 }
IPsecPropEntry ::=
SEQUENCE {
ipsecPropName OCTET STRING,
ipsecPropEncyptoAlg INTEGER,
ipsecPropESPAuthAlg INTEGER,
ipsecPropAHAuthAlg INTEGER,
ipsecPropCompAlg INTEGER,
ipsecPropEncapMode INTEGER,
ipsecPropDHGroup INTEGER,
ipsecPropLifeSeconds INTEGER,
ipsecPropLifeKBytes INTEGER,
ipsecPropStatus RowStatus
}
ipsecPropName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IPsec proposal. "
::= { ipsecPropEntry 1 }
ipsecPropEncyptoAlg OBJECT-TYPE
SYNTAX INTEGER {
trides(1),
des(2),
aes128(3),
aes192(4),
aes256(5),
blowfish(6),
cast(7),
serpent(8),
twofish(9),
ssp02(10),
null(11),
none(12)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the encryption algorithm for one IPsec proposal. "
DEFVAL { des }
::= { ipsecPropEntry 2 }
ipsecPropESPAuthAlg OBJECT-TYPE
SYNTAX INTEGER {
md5(1),
sha1(2),
sha256(3),
sha512(4),
rmd160(5),
aesmac(6),
none(7)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the encryption algorithm for one IPsec proposal. "
DEFVAL { md5 }
::= { ipsecPropEntry 3 }
ipsecPropAHAuthAlg OBJECT-TYPE
SYNTAX INTEGER {
md5(1),
sha1(2),
sha256(3),
sha512(4),
none(5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the authentication algorithm for one IPsec proposal. "
DEFVAL { none }
::= { ipsecPropEntry 4 }
ipsecPropCompAlg OBJECT-TYPE
SYNTAX INTEGER {
lzs(1),
deflate(2),
none(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the compression algorithm for one IPsec proposal. "
DEFVAL { none }
::= { ipsecPropEntry 5 }
ipsecPropEncapMode OBJECT-TYPE
SYNTAX INTEGER {
tunnel(1),
transport(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the encapsulation mode for one IPsec proposal. "
DEFVAL { tunnel }
::= { ipsecPropEntry 6 }
ipsecPropDHGroup OBJECT-TYPE
SYNTAX INTEGER {
group1(1),
group2(2),
group5(3),
group14(4),
group15(5),
group16(6),
group17(7),
group18(8),
none(9)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the DH groupware for one IPsec proposal. "
DEFVAL { group1 }
::= { ipsecPropEntry 7 }
ipsecPropLifeSeconds OBJECT-TYPE
SYNTAX INTEGER(180..31536000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the lifetime for one IPsec proposal. "
::= { ipsecPropEntry 8 }
ipsecPropLifeKBytes OBJECT-TYPE
SYNTAX INTEGER(204800..2147483647)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the lifetime for one IPsec proposal. "
::= { ipsecPropEntry 9 }
ipsecPropStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { ipsecPropEntry 10 }
-- *****************************************************************
-- *****************************************************************
-- Security Level Table
secLevelTable OBJECT-TYPE
SYNTAX SEQUENCE OF SecLevelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the security level suits which can be customed by the operator."
::={ ipsecConfigGroup 5 }
secLevelEntry OBJECT-TYPE
SYNTAX SecLevelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with one security level suit. "
INDEX { secLevelID }
::= { secLevelTable 1 }
SecLevelEntry ::=
SEQUENCE {
secLevelID INTEGER,
secLevelIKEProp1 OCTET STRING,
secLevelIKEProp2 OCTET STRING,
secLevelIKEProp3 OCTET STRING,
secLevelIKEProp4 OCTET STRING,
secLevelIPsecProp1 OCTET STRING,
secLevelIPsecProp2 OCTET STRING,
secLevelIPsecProp3 OCTET STRING,
secLevelIpsecProp4 OCTET STRING,
secLevelStatus RowStatus
}
secLevelID OBJECT-TYPE
SYNTAX INTEGER {
basic(1),
standard(2),
high(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the index of one security level suit. "
::= { secLevelEntry 1 }
secLevelIKEProp1 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IKE proposal in this security level suit. "
::= { secLevelEntry 2 }
secLevelIKEProp2 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IKE proposal in this security level suit. "
::= { secLevelEntry 3 }
secLevelIKEProp3 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IKE proposal in this security level suit. "
::= { secLevelEntry 4 }
secLevelIKEProp4 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IKE proposal in this security level suit. "
::= { secLevelEntry 5 }
secLevelIPsecProp1 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IPsec proposal in this security level suit. "
::= { secLevelEntry 6 }
secLevelIPsecProp2 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IPsec proposal in this security level suit. "
::= { secLevelEntry 7 }
secLevelIPsecProp3 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IPsec proposal in this security level suit. "
::= { secLevelEntry 8 }
secLevelIPsecProp4 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IPsec proposal in this security level suit. "
::= { secLevelEntry 9 }
secLevelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { secLevelEntry 10 }
-- *****************************************************************
-- *****************************************************************
-- PreShared Key Table
preshKeyTable OBJECT-TYPE
SYNTAX SEQUENCE OF PreShKeyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the preshared keys configured by the operator."
::={ ipsecConfigGroup 6 }
preshKeyEntry OBJECT-TYPE
SYNTAX PreShKeyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with one preshared key. "
INDEX { preshKeyID, preshKeyAny }
::= { preshKeyTable 1 }
PreShKeyEntry ::=
SEQUENCE {
preshKeyID OCTET STRING,
preshKeyAny INTEGER,
preshKeyData OCTET STRING,
preshKeySeed INTEGER,
preshKeyStatus RowStatus
}
preshKeyID OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the identity of one preshared key. "
::= { preshKeyEntry 1 }
preshKeyAny OBJECT-TYPE
SYNTAX INTEGER {
yes(1),
no(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines if the key is for any peer or not. "
DEFVAL { no }
::= { preshKeyEntry 2 }
preshKeyData OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the data of one preshared key. "
::= { preshKeyEntry 3 }
preshKeySeed OBJECT-TYPE
SYNTAX INTEGER {
yes(1),
no(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines if the key is seed one or not. "
DEFVAL { no }
::= { preshKeyEntry 4 }
preshKeyStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { preshKeyEntry 5 }
-- *****************************************************************
-- *****************************************************************
-- IPsec Policy (Data Flow and Action) Table
ipsecPolTable OBJECT-TYPE
SYNTAX SEQUENCE OF IPsecPolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the IPsec policies configured by the operator."
::={ ipsecConfigGroup 7 }
ipsecPolEntry OBJECT-TYPE
SYNTAX IPsecPolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with one IPsec policy. "
INDEX { ipsecPolName }
::= { ipsecPolTable 1 }
IPsecPolEntry ::=
SEQUENCE {
ipsecPolName OCTET STRING,
ipsecPolSrcAddr OCTET STRING,
ipsecPolSrcMask OCTET STRING,
ipsecPolDstAddr OCTET STRING,
ipsecPolDstMask OCTET STRING,
ipsecPolProto INTEGER,
ipsecPolSrcPortType INTEGER,
ipsecPolSrcPort1 INTEGER,
ipsecPolSrcPort2 INTEGER,
ipsecPolDstPortType INTEGER,
ipsecPolDstPort1 INTEGER,
ipsecPolDstPort2 INTEGER,
ipsecPolAction INTEGER,
ipsecPolTunnel1 OCTET STRING,
ipsecPolTunnel2 OCTET STRING,
ipsecPolTunnel3 OCTET STRING,
ipsecPolTunnel4 OCTET STRING,
ipsecPolLoadBalance INTEGER,
ipsecPolBypass INTEGER,
ipsecPolIPsecProp1 OCTET STRING,
ipsecPolIPsecProp2 OCTET STRING,
ipsecPolIPsecProp3 OCTET STRING,
ipsecPolIPsecProp4 OCTET STRING,
ipsecPolType INTEGER,
ipsecPolParentName OCTET STRING,
ipsecPolTimeRange OCTET STRING,
ipsecPolStatus RowStatus,
ipsecPolRTReverse INTEGER
}
ipsecPolName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of one IPsec policy. "
::= { ipsecPolEntry 1 }
ipsecPolSrcAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the source address for the IPsec policy. "
::= { ipsecPolEntry 2 }
ipsecPolSrcMask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the source address mask for the IPsec policy. "
::= { ipsecPolEntry 3 }
ipsecPolDstAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the destination address for the IPsec policy. "
::= { ipsecPolEntry 4 }
ipsecPolDstMask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the destination address mask for the IPsec policy. "
::= { ipsecPolEntry 5 }
ipsecPolProto OBJECT-TYPE
SYNTAX INTEGER {
ip(1),
tcp(2),
udp(3),
icmp(4),
igmp(5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the protocol of the data flow for the IPsec policy. "
DEFVAL { ip }
::= { ipsecPolEntry 6 }
ipsecPolSrcPortType OBJECT-TYPE
SYNTAX INTEGER {
single(1),
range(2),
any(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the type of source port number of the flow for one IPsec policy, which
determined whether the following two source ports is meaningful or not. "
::= { ipsecPolEntry 7 }
ipsecPolSrcPort1 OBJECT-TYPE
SYNTAX INTEGER(1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the source port number of the flow for one IPsec policy.
If the prot range is specified, it is the first port for starting. "
::= { ipsecPolEntry 8 }
ipsecPolSrcPort2 OBJECT-TYPE
SYNTAX INTEGER(1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the source port number of the flow for one IPsec policy.
If the prot range is specified, it is the last port for ending. "
::= { ipsecPolEntry 9 }
ipsecPolDstPortType OBJECT-TYPE
SYNTAX INTEGER {
single(1),
range(2),
any(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the type of destination port number of the flow for one IPsec policy, which
determined whether the following two destination ports is meaningful or not. "
::= { ipsecPolEntry 10 }
ipsecPolDstPort1 OBJECT-TYPE
SYNTAX INTEGER(1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the destination port number of the flow for one IPsec policy.
If the prot range is specified, it is the first port for starting. "
::= { ipsecPolEntry 11 }
ipsecPolDstPort2 OBJECT-TYPE
SYNTAX INTEGER(1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the destination port number of the flow for one IPsec policy.
If the prot range is specified, it is the last port for ending. "
::= { ipsecPolEntry 12 }
ipsecPolAction OBJECT-TYPE
SYNTAX INTEGER {
permit(1),
deny(2),
tunnel(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines what action will be executed for this IPsec policy. "
DEFVAL { tunnel }
::= { ipsecPolEntry 13 }
ipsecPolTunnel1 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec tunnel for this policy. "
::= { ipsecPolEntry 14 }
ipsecPolTunnel2 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec tunnel for this policy. "
::= { ipsecPolEntry 15 }
ipsecPolTunnel3 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec tunnel for this policy. "
::= { ipsecPolEntry 16 }
ipsecPolTunnel4 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec tunnel for this policy. "
::= { ipsecPolEntry 17 }
ipsecPolLoadBalance OBJECT-TYPE
SYNTAX INTEGER {
yes(1),
no(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines whether the IPsec tunnels is for payload balance on this policy. "
DEFVAL { no }
::= { ipsecPolEntry 18 }
ipsecPolBypass OBJECT-TYPE
SYNTAX INTEGER {
yes(1),
no(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines whether the packets could be bypass when the ipsec sa for it is not existed. "
DEFVAL { no }
::= { ipsecPolEntry 19 }
ipsecPolIPsecProp1 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by this policy. "
::= { ipsecPolEntry 20 }
ipsecPolIPsecProp2 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by this policy. "
::= { ipsecPolEntry 21 }
ipsecPolIPsecProp3 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by this policy. "
::= { ipsecPolEntry 22 }
ipsecPolIPsecProp4 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the IPsec proposal used by this policy. "
::= { ipsecPolEntry 23 }
ipsecPolType OBJECT-TYPE
SYNTAX INTEGER {
original(1),
subpolicy(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object defines the type of this policy. Note: subpolicy means this policy is generated during IKE negotiation."
::= { ipsecPolEntry 24 }
ipsecPolParentName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object defines the parent policy name of sub-policy. "
::= { ipsecPolEntry 25 }
ipsecPolTimeRange OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the time range of the policy. "
::= { ipsecPolEntry 26 }
ipsecPolStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { ipsecPolEntry 27 }
ipsecPolRTReverse OBJECT-TYPE
SYNTAX INTEGER {
yes(1),
no(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines whether set the reverse route while sa is established . "
DEFVAL { no }
::= { ipsecPolEntry 28 }
-- *****************************************************************
-- *****************************************************************
-- IKE ID alias
idAliasTable OBJECT-TYPE
SYNTAX SEQUENCE OF IdAliasEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the ID alias configured by the operator."
::={ ipsecConfigGroup 8 }
idAliasEntry OBJECT-TYPE
SYNTAX IdAliasEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with one ID alias. "
INDEX { idAliasName }
::= { idAliasTable 1 }
IdAliasEntry ::=
SEQUENCE {
idAliasName OCTET STRING,
idAliasId OCTET STRING,
idRsetPoolName OCTET STRING,
idRsetAddr OCTET STRING,
idRsetMask OCTET STRING,
idRsetFirstWinsAddr OCTET STRING,
idRsetSecondWinsAddr OCTET STRING,
idRsetFirstDnsAddr OCTET STRING,
idRsetSecondDnsAddr OCTET STRING,
idAuthListName OCTET STRING,
idAuthUserName OCTET STRING,
idAuthUserGroupName OCTET STRING,
idAuthorListName OCTET STRING,
idAliasDisable INTEGER,
idAliasRef INTEGER,
idAliasTimeRange OCTET STRING,
idAliasStatus RowStatus,
idAliasVrcCfgVer INTEGER,
idAliasVrcOption INTEGER
}
idAliasName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of the ID alias. "
::= { idAliasEntry 1 }
idAliasId OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the id of the ID alias. "
::= { idAliasEntry 2 }
idRsetPoolName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of the pool name in remote settings. "
::= { idAliasEntry 3 }
idRsetAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the ip address in remote settings. "
::= { idAliasEntry 4 }
idRsetMask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the ip address mask in remote settings. "
::= { idAliasEntry 5 }
idRsetFirstWinsAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the first wins address in remote settings. "
::= { idAliasEntry 6 }
idRsetSecondWinsAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the second wins address in remote settings. "
::= { idAliasEntry 7 }
idRsetFirstDnsAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the first dns address in remote settings. "
::= { idAliasEntry 8 }
idRsetSecondDnsAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the second dns address in remote settings. "
::= { idAliasEntry 9 }
idAuthListName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the authentication list name in remote settings. "
::= { idAliasEntry 10 }
idAuthUserName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the user name of authentication in remote settings. "
::= { idAliasEntry 11 }
idAuthUserGroupName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the user group name of authentication in remote settings. "
::= { idAliasEntry 12 }
idAuthorListName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the authorization list name in remote settings. "
::= { idAliasEntry 13 }
idAliasDisable OBJECT-TYPE
SYNTAX INTEGER {
true(1),
false(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the disable flag of ID alias. "
::= { idAliasEntry 14 }
idAliasRef OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object defines the reference number of ID alias. "
::= { idAliasEntry 15 }
idAliasTimeRange OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the time range of alias. "
::= { idAliasEntry 16 }
idAliasStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { idAliasEntry 17 }
idAliasVrcCfgVer OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the version of the config_file of vrc."
::= { idAliasEntry 18 }
idAliasVrcOption OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the binding information of vrc."
::= { idAliasEntry 19 }
-- *****************************************************************
-- *****************************************************************
-- Excluded id table
excludedIdTable OBJECT-TYPE
SYNTAX SEQUENCE OF ExcludedIdEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the excluded ID in ID alias."
::={ ipsecConfigGroup 9 }
excludedIdEntry OBJECT-TYPE
SYNTAX ExcludedIdEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with excluded ID. "
INDEX { idAliasName, excludedId }
::= { excludedIdTable 1 }
ExcludedIdEntry ::=
SEQUENCE {
idAliasName OCTET STRING,
excludedId OCTET STRING,
excludedIdStatus RowStatus
}
idAliasName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of the ID alias. "
::= { excludedIdEntry 1 }
excludedId OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the excluded ID. "
::= { excludedIdEntry 2 }
excludedIdStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { excludedIdEntry 3 }
-- *****************************************************************
-- *****************************************************************
-- ID group table
idGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF IdGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the ID group."
::={ ipsecConfigGroup 10 }
idGroupEntry OBJECT-TYPE
SYNTAX AliasInGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with ID group. "
INDEX { idGroupName }
::= { idGroupTable 1 }
IdGroupEntry ::=
SEQUENCE {
idGroupName OCTET STRING,
idGroupRef INTEGER,
idGroupStatus RowStatus
}
idGroupName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of the ID group. "
::= { idGroupEntry 1 }
idGroupRef OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object defines the referenced number. "
::= { idGroupEntry 2 }
idGroupStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { idGroupEntry 3 }
-- *****************************************************************
-- alias in group table
aliasInGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF AliasInGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the ID group."
::={ ipsecConfigGroup 11 }
aliasInGroupEntry OBJECT-TYPE
SYNTAX AliasInGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the alias used by group. "
INDEX { idGroupName, idAliasName }
::= { aliasInGroupTable 1 }
AliasInGroupEntry ::=
SEQUENCE {
idGroupName OCTET STRING,
idAliasName OCTET STRING,
aliasInGroupStatus RowStatus
}
idGroupName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the name of the ID group. "
::= { aliasInGroupEntry 1 }
idAliasName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the ID alias. "
::= { aliasInGroupEntry 2 }
aliasInGroupStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { aliasInGroupEntry 3 }
-- *****************************************************************
-- *****************************************************************
-- IPsec Global Command Group
ipsecGlobalGroup OBJECT IDENTIFIER ::= { ipsecConfigGroup 12 }
ipsecFastForward OBJECT-TYPE
SYNTAX INTEGER {
disable(1),
enable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the operation of IPsec fast-forward. "
::= { ipsecGlobalGroup 1 }
ipsecPreFragment OBJECT-TYPE
SYNTAX INTEGER{
disable(1),
enable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the operation of IPsec pre-fragment."
::= { ipsecGlobalGroup 2 }
mpInitConfUserName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object defines the user name of init config. "
::= { ipsecGlobalGroup 3 }
-- *****************************************************************
-- *****************************************************************
clearSAGroup OBJECT IDENTIFIER ::= { ipsecDebugGroup 1 }
clearSARebuild OBJECT-TYPE
SYNTAX INTEGER {
yes(1),
no(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the operation clearing crypto SAs, and the value of it determines whether
the SAs need to be rebuilded after being cleared. "
::= { clearSAGroup 1 }
clearSATunnelName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the name of the tunnel"
::= { clearSAGroup 2 }
clearSATunnelId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the id number of the tunnel"
::= { clearSAGroup 3 }
clearSAPolicyName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the name of the policy. "
::= { clearSAGroup 4 }
clearSAPolicyId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object defines the id number of the policy. "
::= { clearSAGroup 5 }
-- *****************************************************************
-- *****************************************************************
changePolicyOrderGroup OBJECT IDENTIFIER ::= { ipsecDebugGroup 2 }
changePolicyOrderType OBJECT-TYPE
SYNTAX INTEGER {
before(1),
after(2),
first(3),
last(4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The type of the operation for changed policy position. "
::= { changePolicyOrderGroup 1 }
changePolicyName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The name of the policy which should be changed. "
::= { changePolicyOrderGroup 2 }
changePolicyIndexName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The name of the index policy. "
::= { changePolicyOrderGroup 3 }
-- *****************************************************************
-- *****************************************************************
specialActionTable OBJECT-TYPE
SYNTAX SEQUENCE OF SpecialActionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all of special action for IPsec module."
::={ ipsecDebugGroup 3 }
specialActionEntry OBJECT-TYPE
SYNTAX SpecialActionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with excluded ID. "
INDEX { mpSpecActObjName, mpSpecActOptCode }
::= { specialActionTable 1 }
SpecialActionEntry ::=
SEQUENCE {
mpSpecActObjName OCTET STRING,
mpSpecActOptCode INTEGER,
mpSpecActOptReturn INTEGER,
mpSpecActStatus RowStatus
}
mpSpecActObjName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the object name of special action. "
::= { specialActionEntry 1 }
mpSpecActOptCode OBJECT-TYPE
SYNTAX INTEGER {
delete_tunnel(1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the option code of special action. "
::= { specialActionEntry 2 }
mpSpecActOptReturn OBJECT-TYPE
SYNTAX INTEGER {
executing(1)
success(2),
fail(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the option code of special action. "
::= { specialActionEntry 3 }
mpSpecActStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object defines the status of the table entry."
::= { specialActionEntry 4 }
-- *****************************************************************
-- *****************************************************************
-- IPsec notify
ipsecTraps OBJECT IDENTIFIER ::= { ipsecMonitorGroup 0 }
ipsecSAEsatbalishedTrap NOTIFICATION-TYPE
OBJECTS {
estabSaTrapStateIndex,
estabSaTrapReplacedStateIndex,
estabSaTrapRemoteId,
estabSaTrapLocalId,
estabSaTrapRemoteAddress,
estabSaTrapLocalAddress,
estabSaTrapPolSrcAddr,
estabSaTrapPolSrcMask,
estabSaTrapPolDstAddr,
estabSaTrapPolDstMask,
estabSaTrapPolProto,
estabSaTrapPolSrcPort,
estabSaTrapPolDstPort
}
STATUS current
DESCRIPTION
"IPsec SA<53><41><EFBFBD><EFBFBD><EFBFBD><EFBFBD>TRAP."
::={ ipsecTraps 1 }
ipsecSADeletedTrap NOTIFICATION-TYPE
OBJECTS {
delSaTrapStateIndex,
delSaTrapRemoteId,
delSaTrapLocalId,
delSaTrapDurationTime,
delSaTrapOutboundKBytes,
delSaTrapInboundKBytes
}
STATUS current
DESCRIPTION
"IPsec SAɾ<41><C9BE><EFBFBD><EFBFBD>TRAP."
::={ ipsecTraps 2 }
ipsecKeepAliveTrap NOTIFICATION-TYPE
OBJECTS {
mpInitConfUserName
}
STATUS current
DESCRIPTION
"IPsec keep alive<76><65>TRAP."
::={ ipsecTraps 3 }
-- *****************************************************************
-- *****************************************************************
-- IKE SA table
ikeSaInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF IkeSaInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all the detail about ISAKMP SAs including the connected IPSec SAs.
It corresponds to cmd: show crypto isa sa. When showing the simple information, it only
shows the four fields of the table: IkeSaLocalAddress, IkeSaRemoteAddress, IkeSaStatus, IkeSASerialNo. "
::= { ipsecMonitorGroup 1 }
ikeSaInfoEntry OBJECT-TYPE
SYNTAX IkeSaInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains all the fields connected with one IKE SA."
INDEX { ikeSASerialNo }
::= { ikeSaInfoTable 1 }
IkeSaInfoEntry ::=
SEQUENCE {
ikeSASerialNo Counter32,
ikeSaStatus OCTET STRING,
ikeSaStatusDetail OCTET STRING,
ikeSaState INTEGER,
ikeSaLocalAddress IpAddress,
ikeSaRemoteAddress IpAddress,
ikeSaTunnelName OCTET STRING,
ikeSaRemoteCfgIdentity OCTET STRING,
ikeSaRemoteInstIdentity OCTET STRING,
ikeSaLocalCfgIdentity OCTET STRING,
ikeSaLocalInstIdentity OCTET STRING,
ikeFlowName OCTET STRING,
ikeSaTimerEvent1 OCTET STRING,
ikeSaTimerRemain1 UInteger32,
ikeSaTimerEvent2 OCTET STRING,
ikeSaTimerRemain2 UInteger32,
ikeSaTimerEvent3 OCTET STRING,
ikeSaTimerRemain3 UInteger32,
ikeSaTimerEvent4 OCTET STRING,
ikeSaTimerRemain4 UInteger32,
ikeSaIpsecAhOutSpi Counter32,
ikeSaIpsecAhInSpi Counter32,
ikeSaIpsecEspOutSpi Counter32,
ikeSaIpsecEspInSpi Counter32,
}
ikeSASerialNo OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines serial number of an IKE SA, which is also the index of the table. "
::= { ikeSaInfoEntry 1 }
ikeSaStatus OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the state of an IKE SA, which also shows the state of IKE exchange for building IPSec SA. "
::= { ikeSaInfoEntry 2 }
ikeSaStatusDetail OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the detail about IkeSaStatus object, which can be easily understood. "
::= { ikeSaInfoEntry 3 }
ikeSaState OBJECT-TYPE
SYNTAX INTEGER {
current(1),
negotiation(2),
replaced(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines three type of state. "
::= { ikeSaInfoEntry 4 }
ikeSaLocalAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the local IP address of the tunnel. "
::= { ikeSaInfoEntry 5 }
ikeSaRemoteAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the peer IP address of the tunnel. "
::= { ikeSaInfoEntry 6 }
ikeSaTunnelName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the identifier nubmer of the tunnel corresponding to the IKE SA. "
::= { ikeSaInfoEntry 7 }
ikeSaRemoteCfgIdentity OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the identity of the remote end. "
::= { ikeSaInfoEntry 8 }
ikeSaRemoteInstIdentity OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the identity of the remote end. "
::= { ikeSaInfoEntry 9 }
ikeSaLocalCfgIdentity OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the identity of the local end. "
::= { ikeSaInfoEntry 10 }
ikeSaLocalInstIdentity OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the identity of the local end. "
::= { ikeSaInfoEntry 11 }
ikeFlowName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the identifier nubmer of the policy corresponding to the IKE SA. "
::= { ikeSaInfoEntry 12 }
ikeSaTimerEvent1 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the type of the timer event connected with an IKE SA. "
::= { ikeSaInfoEntry 13 }
ikeSaTimerRemain1 OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remainder time of the timer event connected with an IKE SA. "
::= { ikeSaInfoEntry 14 }
ikeSaTimerEvent2 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the type of the timer event connected with an IKE SA. "
::= { ikeSaInfoEntry 15 }
ikeSaTimerRemain2 OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remainder time of the timer event connected with an IKE SA. "
::= { ikeSaInfoEntry 16 }
ikeSaTimerEvent3 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the type of the timer event connected with an IKE SA. "
::= { ikeSaInfoEntry 17 }
ikeSaTimerRemain3 OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remainder time of the timer event connected with an IKE SA. "
::= { ikeSaInfoEntry 18 }
ikeSaTimerEvent4 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the type of the timer event connected with an IKE SA. "
::= { ikeSaInfoEntry 19 }
ikeSaTimerRemain4 OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remainder time of the timer event connected with an IKE SA. "
::= { ikeSaInfoEntry 20 }
ikeSaIpsecAhOutSpi OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the SPI which is one part of an outbound IPSec SA identifier corresponding to
AH protocol when the IPSec SA is already builded, that is to say, the value of IkeSaState is newestIPSec. "
::= { ikeSaInfoEntry 21 }
ikeSaIpsecAhInSpi OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the SPI which is one part of an inbound IPSec SA identifier corresponding to
AH protocol when the IPSec SA is already builded, that is to say, the value of IkeSaState is newestIPSec. "
::= { ikeSaInfoEntry 22 }
ikeSaIpsecEspOutSpi OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the SPI which is one part of an outbound IPSec SA identifier corresponding to
ESP protocol when the IPSec SA is already builded, that is to say, the value of IkeSaState is newestIPSec. "
::= { ikeSaInfoEntry 23 }
ikeSaIpsecEspInSpi OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the SPI which is one part of an inbound IPSec SA identifier corresponding to
ESP protocol when the IPSec SA is already builded, that is to say, the value of IkeSaState is newestIPSec. "
::= { ikeSaInfoEntry 24 }
-- *****************************************************************
-- *****************************************************************
-- IPSec SA Information Table
ipsecSAInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF IPSecSAInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains the detail information about all the IPSec SAs, which is only for being displayed. "
::={ ipsecMonitorGroup 2 }
ipsecSAInfoEntry OBJECT-TYPE
SYNTAX IPSecSAInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains all the attributes about one pair of IPSec SAs. "
INDEX { ipsecSAIndex }
::= { ipsecSAInfoTable 1 }
IPSecSAInfoEntry ::=
SEQUENCE {
ipsecSAIndex COUNTER32,
ipsecSAStateIndex COUNTER32,
ipsecSAFlowName OCTET STRING,
ipsecSAProtoName INTEGER,
ipsecSAEncAlgName OCTET STRING,
ipsecSAAuthAlgName OCTET STRING,
ipsecSAIPCompAlgName OCTET STRING,
ipsecSAInSPI Counter32,
ipsecSAInExpTime Counter32,
ipsecSAInRemainTime Counter32,
ipsecSAInPackets UInteger32,
ipsecSAInKiloBytes UInteger32,
ipsecSAInLeftKBytes UInteger32,
ipsecSAInCompedBytes UInteger32,
ipsecSAInDecompedBytes UInteger32,
ipsecSAInGroupSASPI Counter32,
ipsecSAInGroupID INTEGER,
ipsecSAOutSPI Counter32,
ipsecSAOutExpTime Counter32,
ipsecSAOutRemainTime Counter32,
ipsecSAOutPackets UInteger32,
ipsecSAOutKiloBytes UInteger32,
ipsecSAOutLeftKBytes UInteger32,
ipsecSAOutCompedBytes UINTEGER32,
ipsecSAOutDecompedBytes UINTEGER32,
ipsecSAOutGroupSASPI Counter32,
ipsecSAOutGroupID INTEGER
}
ipsecSAIndex OBJECT-TYPE
SYNTAX COUNTER32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the index of pairs of IPSec SAs, which is only the index of the table and not has actual meaning. "
::= { ipsecSAInfoEntry 1 }
ipsecSAStateIndex OBJECT-TYPE
SYNTAX COUNTER32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the id number of the phase2 ike sa. "
::= { ipsecSAInfoEntry 2 }
ipsecSAFlowName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the name of the flow corresponding to the IPSec SAs."
::= { ipsecSAInfoEntry 3 }
ipsecSAProtoName OBJECT-TYPE
SYNTAX INTEGER {
esp(1),
ah(2),
ipcomp(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the switch of anti-replaying associated with the IPSec SAs. "
::= { ipsecSAInfoEntry 4 }
ipsecSAEncAlgName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the name of the encryption algorithm. "
::= { ipsecSAInfoEntry 5 }
ipsecSAAuthAlgName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the name of the authentication algorithm. "
::= { ipsecSAInfoEntry 6 }
ipsecSAIPCompAlgName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the name of the compression algorithm. "
::= { ipsecSAInfoEntry 7 }
ipsecSAInSPI OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the SPI of the inbound IPSec SA. "
::= { ipsecSAInfoEntry 8 }
ipsecSAInExpTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the expired time of the inbound IPSec SA. "
::= { ipsecSAInfoEntry 9 }
ipsecSAInRemainTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remaining time of the inbound IPSec SA. "
::= { ipsecSAInfoEntry 10 }
ipsecSAInPackets OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the total number of the input packets protected by the inbound IPSec SA. "
::= { ipsecSAInfoEntry 11 }
ipsecSAInKiloBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines all the input data protected by the inbound IPSec SA. "
::= { ipsecSAInfoEntry 12 }
ipsecSAInLeftKBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remained lifetime measured as kilobytes about the inbound IPSec SA. "
::= { ipsecSAInfoEntry 13 }
ipsecSAInCompedBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines all the input compressed data measured as kilobytes. "
::= { ipsecSAInfoEntry 14 }
ipsecSAInDecompedBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines all the input decompressed data measured as kilobytes. "
::= { ipsecSAInfoEntry 15 }
ipsecSAInGroupSASPI OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the SPI of the IPSec SA which protects the same input data flow with the inbound IPSec SA.
In current its value is usually null. "
::= { ipsecSAInfoEntry 16 }
ipsecSAInGroupID OBJECT-TYPE
SYNTAX INTEGER(1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The group identity of inbound SA. "
::= { ipsecSAInfoEntry 17 }
ipsecSAOutSPI OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the SPI of the outbound IPSec SA. "
::= { ipsecSAInfoEntry 18 }
ipsecSAOutExpTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the expired time of the outbound IPSec SA. "
::= { ipsecSAInfoEntry 19 }
ipsecSAOutRemainTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remaining time of the outbound IPSec SA. "
::= { ipsecSAInfoEntry 20 }
ipsecSAOutPackets OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the total number of the output packets protected by the outbound IPSec SA. "
::= { ipsecSAInfoEntry 21 }
ipsecSAOutKiloBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines all the output data measured as kilobytes protected by the outbound IPSec SA. "
::= { ipsecSAInfoEntry 22 }
ipsecSAOutLeftKBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remained lifetime measured as kilobytes about the outbound IPSec SA. "
::= { ipsecSAInfoEntry 23 }
ipsecSAOutCompedBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines all the output compressed data measured as kilobytes. "
::= { ipsecSAInfoEntry 24 }
ipsecSAOutDecompedBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines all the output decompressed data measured as kilobytes. "
::= { ipsecSAInfoEntry 25 }
ipsecSAOutGroupSASPI OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the SPI of the IPSec SA which protects the same output data flow with the outbound IPSec SA. "
::= { ipsecSAInfoEntry 26 }
ipsecSAOutGroupID OBJECT-TYPE
SYNTAX INTEGER(1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The group identity of outbound SA. "
::= { ipsecSAInfoEntry 27 }
-- *****************************************************************
-- *****************************************************************
-- IPSec SA Simple Information Table
ipsecSASimpleInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF IPSecSASimpleInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains the detail information about all the IPSec SAs, which is only for being displayed. "
::={ ipsecMonitorGroup 3 }
ipsecSASimpleInfoEntry OBJECT-TYPE
SYNTAX IPSecSASimpleInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains all the attributes about one pair of IPSec SAs. "
INDEX { mpIPsecSimpIndex }
::= { ipsecSASimpleInfoTable 1 }
IPSecSASimpleInfoEntry ::=
SEQUENCE {
mpIPsecSimpIndex COUNTER32,
mpIPsecSimpPeerAddr OCTET STRING,
mpIPsecSimpLocalAddr OCTET STRING,
mpIPsecSimpPeerID OCTET STRING,
mpIPsecSimpLocalID OCTET STRING,
mpIPsecSimpSrcAddr OCTET STRING,
mpIPsecSimpSrcMask OCTET STRING,
mpIPsecSimpDstAddr OCTET STRING,
mpIPsecSimpDstMask OCTET STRING,
mpIPsecSimpInExpTime Counter32,
mpIPsecSimpInRemainTime Counter32,
mpIPsecSimpInPackets UInteger32,
mpIPsecSimpInKiloBytes UInteger32,
mpIPsecSimpInLeftKBytes UInteger32,
mpIPsecSimpOutExpTime Counter32,
mpIPsecSimpOutRemainTime Counter32,
mpIPsecSimpOutPackets UInteger32,
mpIPsecSimpOutKiloBytes UInteger32,
mpIPsecSimpOutLeftKBytes UInteger32,
mpIPsecSimpFlowName OCTET STRING,
mpIPsecStateId COUNTER32,
mpIPsecSimpPFlowName OCTET STRING
}
mpIPsecSimpIndex OBJECT-TYPE
SYNTAX COUNTER32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the index of pairs of IPSec SAs, which is only the index of the table and not has actual meaning. "
::= { ipsecSASimpleInfoEntry 1 }
mpIPsecSimpPeerAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the peer address. "
::= { ipsecSASimpleInfoEntry 2 }
mpIPsecSimpLocalAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the local address. "
::= { ipsecSASimpleInfoEntry 3 }
mpIPsecSimpPeerID OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the peer identity. "
::= { ipsecSASimpleInfoEntry 4 }
mpIPsecSimpLocalID OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the local identity. "
::= { ipsecSASimpleInfoEntry 5 }
mpIPsecSimpSrcAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the source address. "
::= { ipsecSASimpleInfoEntry 6 }
mpIPsecSimpSrcMask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the source mask. "
::= { ipsecSASimpleInfoEntry 7 }
mpIPsecSimpDstAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the destination address. "
::= { ipsecSASimpleInfoEntry 8 }
mpIPsecSimpDstMask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the destination mask. "
::= { ipsecSASimpleInfoEntry 9 }
mpIPsecSimpInExpTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the expiration time of inbound IPsec SA. "
::= { ipsecSASimpleInfoEntry 10 }
mpIPsecSimpInRemainTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remaining time of inbound IPsec SA. "
::= { ipsecSASimpleInfoEntry 11 }
mpIPsecSimpInPackets OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the packets number of inbound IPsec SA. "
::= { ipsecSASimpleInfoEntry 12 }
mpIPsecSimpInKiloBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines all the input data protected by the inbound IPSec SA. "
::= { ipsecSASimpleInfoEntry 13 }
mpIPsecSimpInLeftKBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remained lifetime measured as kilobytes about the inbound IPSec SA. "
::= { ipsecSASimpleInfoEntry 14 }
mpIPsecSimpOutExpTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the expired time of the outbound IPSec SA. "
::= { ipsecSASimpleInfoEntry 15 }
mpIPsecSimpOutRemainTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remaining time of the outbound IPSec SA. "
::= { ipsecSASimpleInfoEntry 16 }
mpIPsecSimpOutPackets OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the total number of the output packets protected by the outbound IPSec SA. "
::= { ipsecSASimpleInfoEntry 17 }
mpIPsecSimpOutKiloBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines all the output data measured as kilobytes protected by the outbound IPSec SA. "
::= { ipsecSASimpleInfoEntry 18 }
mpIPsecSimpOutLeftKBytes OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the remained lifetime measured as kilobytes about the outbound IPSec SA. "
::= { ipsecSASimpleInfoEntry 19 }
mpIPsecSimpFlowName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the policy name. "
::= { ipsecSASimpleInfoEntry 20 }
mpIPsecStateId OBJECT-TYPE
SYNTAX COUNTER32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the state id of IPsec SA. "
::= { ipsecSASimpleInfoEntry 21 }
mpIPsecSimpPFlowName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the parent policy name. "
::= { ipsecSASimpleInfoEntry 22 }
-- *****************************************************************
-- *****************************************************************
ipsecTrapObjectsGroup OBJECT IDENTIFIER ::= { ipsecMonitorGroup 4 }
estabSaTrapStateIndex OBJECT-TYPE
SYNTAX COUNTER32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22>׶ζ<D7B6>state<74><65><EFBFBD><EFBFBD><EFBFBD><EFBFBD>. "
::= { ipsecTrapObjectsGroup 1 }
estabSaTrapReplacedStateIndex OBJECT-TYPE
SYNTAX COUNTER32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>Ľ׶ζ<D7B6>state<74><65><EFBFBD><EFBFBD><EFBFBD><EFBFBD>. "
::= { ipsecTrapObjectsGroup 2 }
estabSaTrapRemoteId OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22>Զ<EFBFBD>ID. "
::= { ipsecTrapObjectsGroup 3 }
estabSaTrapLocalId OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>ID. "
::= { ipsecTrapObjectsGroup 4 }
estabSaTrapRemoteAddress OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22>Զ<EFBFBD>IP. "
::= { ipsecTrapObjectsGroup 5 }
estabSaTrapLocalAddress OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>IP. "
::= { ipsecTrapObjectsGroup 6 }
estabSaTrapPolSrcAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>Դ<EFBFBD><D4B4>ַ. "
::= { ipsecTrapObjectsGroup 7 }
estabSaTrapPolSrcMask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>Դ<EFBFBD><D4B4>ַ<EFBFBD><D6B7><EFBFBD><EFBFBD>. "
::= { ipsecTrapObjectsGroup 8 }
estabSaTrapPolDstAddr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>Ŀ<EFBFBD>ĵ<EFBFBD>ַ. "
::= { ipsecTrapObjectsGroup 9 }
estabSaTrapPolDstMask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>Ŀ<EFBFBD>ĵ<EFBFBD>ַ<EFBFBD><D6B7><EFBFBD><EFBFBD>. "
::= { ipsecTrapObjectsGroup 10 }
estabSaTrapPolProto OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
<><D0AD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>. "
::= { ipsecTrapObjectsGroup 11 }
estabSaTrapPolSrcPort OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
<>˿<EFBFBD>. "
::= { ipsecTrapObjectsGroup 12 }
estabSaTrapPolDstPort OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Ŀ<>Ķ˿<C4B6>. "
::= { ipsecTrapObjectsGroup 13 }
delSaTrapStateIndex OBJECT-TYPE
SYNTAX COUNTER32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><>ɾ<EFBFBD><C9BE><EFBFBD><EFBFBD>state<74><65><EFBFBD><EFBFBD>. "
::= { ipsecTrapObjectsGroup 14 }
delSaTrapRemoteId OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22>Զ<EFBFBD>ID. "
::= { ipsecTrapObjectsGroup 15 }
delSaTrapLocalId OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>ID. "
::= { ipsecTrapObjectsGroup 16 }
delSaTrapDurationTime OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD>ʱ<EFBFBD><EFBFBD><E4B3A4>. "
::= { ipsecTrapObjectsGroup 17 }
delSaTrapOutboundKBytes OBJECT-TYPE
SYNTAX COUNTER64
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>. "
::= { ipsecTrapObjectsGroup 18 }
delSaTrapInboundKBytes OBJECT-TYPE
SYNTAX COUNTER64
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"<22><><EFBFBD><EFBFBD><EBB1A8><EFBFBD><EFBFBD>. "
::= { ipsecTrapObjectsGroup 19 }
-- *****************************************************************
-- *****************************************************************
-- IPsec Diagnostic Information Table
ipsecDiagInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF IPsecDiagInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains all IPsec diagnostic informations for all policy-tunnel pairs."
::={ ipsecMonitorGroup 5 }
ipsecDiagInfoEntry OBJECT-TYPE
SYNTAX IPsecDiagInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the diagnostic informations for one policy-tunnel pair. "
INDEX { ipsecDiagInfoPolicyId, ipsecDiagInfoTunnelId }
::= { ipsecDiagInfoTable 1 }
IPsecDiagInfoEntry ::=
SEQUENCE {
ipsecDiagInfoPolicyId UInteger32,
ipsecDiagInfoTunnelId UInteger32,
ipsecDiagInfoPolicyName DisplayString,
ipsecDiagInfoTunnelName DisplayString,
ipsecDiagInfoStatus UInteger32
}
ipsecDiagInfoPolicyId OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the policy id. "
::= { ipsecDiagInfoEntry 1 }
ipsecDiagInfoTunnelId OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the tunnel id. "
::= { ipsecDiagInfoEntry 2 }
ipsecDiagInfoPolicyName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the policy name. "
::= { ipsecDiagInfoEntry 3 }
ipsecDiagInfoTunnelName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the tunnel name. "
::= { ipsecDiagInfoEntry 4 }
ipsecDiagInfoStatus OBJECT-TYPE
SYNTAX UInteger32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object defines the status of specify policy-tunnel pair. "
::= { ipsecDiagInfoEntry 5 }
-- *****************************************************************
END
View Git Blame Copy Permalink