1473 lines
57 KiB
Plaintext
1473 lines
57 KiB
Plaintext
RC-IPSEC-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32, Counter64,
|
|
IpAddress
|
|
FROM SNMPv2-SMI
|
|
DisplayString, TruthValue, RowStatus
|
|
FROM SNMPv2-TC
|
|
InterfaceIndex
|
|
FROM IF-MIB
|
|
InetAddressType, InetAddress
|
|
FROM INET-ADDRESS-MIB
|
|
rcIpsec
|
|
FROM RAPID-CITY;
|
|
|
|
rcIpsecMib MODULE-IDENTITY
|
|
LAST-UPDATED "201707180000Z"
|
|
ORGANIZATION "Avaya"
|
|
CONTACT-INFO "
|
|
Postal:
|
|
email:
|
|
"
|
|
DESCRIPTION "Enterprise MIB for the IPSEC mibs."
|
|
|
|
REVISION "201707180000Z" -- 18 July 2017
|
|
DESCRIPTION "Version 10: Modified objects description."
|
|
|
|
REVISION "201702150000Z" -- 15 Feb 2017
|
|
DESCRIPTION "Version 9: Corrected MIB compiler error."
|
|
|
|
REVISION "201610060000Z" -- 6 October 2016
|
|
DESCRIPTION "Version 8: Added icmp(1) under rcIpsecPolicyL4Protocol.
|
|
Requested by Hariprasad Rajendran
|
|
(prempa)"
|
|
|
|
REVISION "201608020000Z" -- 02 Aug. 2016
|
|
DESCRIPTION "Version 7: Updated range from 1..40 to 0..64 for
|
|
rcIpsecSAHashKeyName and rcIpsecSAHashKeyLength"
|
|
|
|
REVISION "201605020000Z" -- 02 May 2016
|
|
DESCRIPTION "Version 6: Added option aes256Cbc(5) to
|
|
rcIpsecSAEncryptAlgorithm
|
|
Added option sha2 to
|
|
rcIpsecSAHashAlgorithm"
|
|
|
|
REVISION "201603020000Z" -- 02 Mar 2016
|
|
DESCRIPTION "Version 5: correct the range to 1..4294967295 for
|
|
rcIpsecSALifetimeSeconds and rcIpsecSALifetimeKbytes"
|
|
|
|
REVISION "201502120000Z" -- 12 Feb 2015
|
|
DESCRIPTION "Version 4: Changed the SYNTAX of rcIpsecSALifetimeSeconds and
|
|
rcIpsecSALifetimeKbytes from Integer32 to Unsigned32
|
|
Requested by Anoop Muraleedharan for VSP Federal (Prem)"
|
|
|
|
REVISION "201501220000Z" -- 22 Jan 2015
|
|
DESCRIPTION "Version 3: Removed rcIpsecPolicyDstAddressType and rcIpsecPolicyDstAddress
|
|
as an index to rcIpsecPolicyTable mib and
|
|
made them read-create objects.
|
|
Requested by Hariprasad Rajendran for VSP Federal (Prem)"
|
|
|
|
REVISION "201501050000Z" -- 5 Jan 2015
|
|
DESCRIPTION "Version 2: Removed rcIpsecSASpi as an index to rcIpsecSATable mib and
|
|
made it a read-create object and the range is now 0..4294967295.
|
|
Made rcIpsecInterfacePolicyIfEnabled object read-only
|
|
Changed the range of rcIpsecOspf6VirtualLinkPolicySAName from
|
|
1..32 to 0..32.
|
|
Requested by Roshni for VSP Federal (Prem)"
|
|
|
|
REVISION "201410090000Z" -- 09 Oct 2014
|
|
DESCRIPTION "Version 1: Initial version"
|
|
|
|
::= { rcIpsec 0 }
|
|
|
|
---
|
|
---Ipsec policy table
|
|
---
|
|
|
|
rcIpsecPolicyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RcIpsecPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "The policy table is used to store all the
|
|
attribute values under the policy. An IPSec
|
|
policy typically consists of a policy name,
|
|
raddr and laddr to which the policy is associated
|
|
to, the protocol to which policy is applied,and
|
|
the associated action whether to permit or drop
|
|
the packets"
|
|
::= { rcIpsec 1 }
|
|
|
|
rcIpsecPolicyEntry OBJECT-TYPE
|
|
SYNTAX RcIpsecPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "An Ipsec Policy table entry."
|
|
INDEX {
|
|
rcIpsecPolicyName
|
|
}
|
|
::= { rcIpsecPolicyTable 1 }
|
|
|
|
RcIpsecPolicyEntry ::=
|
|
SEQUENCE
|
|
{
|
|
rcIpsecPolicyName DisplayString,
|
|
rcIpsecPolicyDstAddressType InetAddressType,
|
|
rcIpsecPolicyDstAddress InetAddress,
|
|
rcIpsecPolicySrcAddressType InetAddressType,
|
|
rcIpsecPolicySrcAddress InetAddress,
|
|
rcIpsecPolicySrcPort INTEGER,
|
|
rcIpsecPolicyDstPort INTEGER,
|
|
rcIpsecPolicyAdminFlag TruthValue,
|
|
rcIpsecPolicyL4Protocol INTEGER,
|
|
rcIpsecPolicyAction INTEGER,
|
|
rcIpsecPolicyRowStatus RowStatus
|
|
}
|
|
|
|
rcIpsecPolicyName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This object contains name of the Ipsec
|
|
policy."
|
|
::= { rcIpsecPolicyEntry 1 }
|
|
|
|
rcIpsecPolicyDstAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object specifies the type of address
|
|
field in the rcIpsecPolicyDstAddress."
|
|
::= { rcIpsecPolicyEntry 2 }
|
|
|
|
rcIpsecPolicyDstAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The destination interface address to which
|
|
the policy is added."
|
|
::= { rcIpsecPolicyEntry 3 }
|
|
|
|
rcIpsecPolicySrcAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object specifies the type of address
|
|
field in the rcIpsecPolicySrcAddress."
|
|
::= { rcIpsecPolicyEntry 4 }
|
|
|
|
rcIpsecPolicySrcAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The source interface address of the router
|
|
to which the policy is added."
|
|
::= { rcIpsecPolicyEntry 5 }
|
|
|
|
rcIpsecPolicySrcPort OBJECT-TYPE
|
|
SYNTAX INTEGER (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The TCP/UDP source port number for which the
|
|
policy is added."
|
|
::= { rcIpsecPolicyEntry 6 }
|
|
|
|
rcIpsecPolicyDstPort OBJECT-TYPE
|
|
SYNTAX INTEGER (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The TCP/UDP destination port number for which
|
|
the policy is added."
|
|
::= { rcIpsecPolicyEntry 7 }
|
|
|
|
rcIpsecPolicyAdminFlag OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The flag is used to enable the policy created."
|
|
::= { rcIpsecPolicyEntry 8 }
|
|
|
|
rcIpsecPolicyL4Protocol OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
tcp(6),
|
|
udp(17),
|
|
icmpv6(58),
|
|
ospfv3(89),
|
|
icmp(1)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object specifies the IP protocol number
|
|
for the l4 protocol to which this particular
|
|
policy is added."
|
|
DEFVAL { tcp }
|
|
::= { rcIpsecPolicyEntry 9 }
|
|
|
|
rcIpsecPolicyAction OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
drop(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The object contains a value that set the
|
|
action for the IPSec policy, either to permit
|
|
or drop the packet."
|
|
DEFVAL { permit }
|
|
::= { rcIpsecPolicyEntry 10 }
|
|
|
|
rcIpsecPolicyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Used to create/delete entries in the
|
|
rcIpsecPolicyTable."
|
|
::= { rcIpsecPolicyEntry 11 }
|
|
|
|
---
|
|
---Ipsec SA struct table
|
|
---
|
|
|
|
rcIpsecSATable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RcIpsecSAEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "The Security Association(SA) table is used to
|
|
store all the attribute values under the security
|
|
association. An IPSec SA typically consists of SA
|
|
name, security parameter index, encapsulation
|
|
protocol, authentication algorithm, encryption
|
|
algorithm, mode of SA, key mode used and SA lifetime."
|
|
::= { rcIpsec 2 }
|
|
|
|
rcIpsecSAEntry OBJECT-TYPE
|
|
SYNTAX RcIpsecSAEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A Security Association structure table
|
|
entry."
|
|
INDEX {
|
|
rcIpsecSAName
|
|
}
|
|
::= { rcIpsecSATable 1 }
|
|
|
|
RcIpsecSAEntry ::=
|
|
SEQUENCE
|
|
{
|
|
rcIpsecSAName DisplayString,
|
|
rcIpsecSASpi Unsigned32,
|
|
rcIpsecSAHashAlgorithm INTEGER,
|
|
rcIpsecSAEncryptAlgorithm INTEGER,
|
|
rcIpsecSAAuthMethod INTEGER,
|
|
rcIpsecSAMode INTEGER,
|
|
rcIpsecSAKeyMode INTEGER,
|
|
rcIpsecSAEncryptKeyName DisplayString,
|
|
rcIpsecSAHashKeyName DisplayString,
|
|
rcIpsecSAHashKeyLength Integer32,
|
|
rcIpsecSAEncryptKeyLength Integer32,
|
|
rcIpsecSALifetimeSeconds Unsigned32,
|
|
rcIpsecSALifetimeKbytes Unsigned32,
|
|
rcIpsecSARowStatus RowStatus
|
|
}
|
|
|
|
rcIpsecSAName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This object contains name of the security
|
|
association."
|
|
::= { rcIpsecSAEntry 1 }
|
|
|
|
rcIpsecSASpi OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..4294967295)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object contains, Security Parameter Index
|
|
(SPI), which is an identification tag added to
|
|
the header. This along with protocol value and
|
|
destination are used to identify a SA"
|
|
::= { rcIpsecSAEntry 2 }
|
|
|
|
rcIpsecSAHashAlgorithm OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
sha1(1),
|
|
aesXcbc(2),
|
|
md5(3),
|
|
null(4),
|
|
sha2(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object contains the hash algorithm
|
|
used in this SA. The algorithms used are
|
|
SHA1, AES_CBC, MD5 and SHA2"
|
|
DEFVAL { md5 }
|
|
::= { rcIpsecSAEntry 3 }
|
|
|
|
rcIpsecSAEncryptAlgorithm OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
des3Cbc(1),
|
|
aes128Cbc(2),
|
|
aesCtr(3),
|
|
null(4),
|
|
aes256Cbc(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object contains the encryption
|
|
algorithm used in this SA. The algorithms
|
|
used are 3DES_CBC, AES128_CBC, AES_CTR and AES256_CBC"
|
|
DEFVAL { aes128Cbc }
|
|
::= { rcIpsecSAEntry 4 }
|
|
|
|
rcIpsecSAAuthMethod OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
ah(1),
|
|
es(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object specifies authentication Method
|
|
of the SA. It can be AH (Authentication Header)
|
|
or ES (Encapsulated Security Payload)."
|
|
DEFVAL { es }
|
|
::= { rcIpsecSAEntry 5 }
|
|
|
|
rcIpsecSAMode OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
transport(1),
|
|
tunnel(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This flag is used to switch between transport
|
|
and tunnel mode. Transport mode is used to
|
|
protect the upper layer protocols whereas tunnel
|
|
mode is used to protect the whole IP packet."
|
|
DEFVAL { transport }
|
|
::= { rcIpsecSAEntry 6 }
|
|
|
|
rcIpsecSAKeyMode OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
manual(1),
|
|
auto(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This flag selects configuration mode of shared
|
|
keys, manual or automatic."
|
|
DEFVAL { manual }
|
|
::= { rcIpsecSAEntry 7 }
|
|
|
|
rcIpsecSAEncryptKeyName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Key Value for the Encryption Key. Maximum
|
|
size is 64"
|
|
::= { rcIpsecSAEntry 8 }
|
|
|
|
rcIpsecSAHashKeyName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Key value for the Hash Key. Maximum size
|
|
is 64."
|
|
::= { rcIpsecSAEntry 9 }
|
|
|
|
rcIpsecSAHashKeyLength OBJECT-TYPE
|
|
SYNTAX Integer32 (0..64)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Number of bits used in the Hash key.
|
|
The values are as follows:
|
|
AES-XCBC-MAC - 32
|
|
MD5 - 32
|
|
SHA1 - 40
|
|
SHA2 - 64"
|
|
::= { rcIpsecSAEntry 10 }
|
|
|
|
rcIpsecSAEncryptKeyLength OBJECT-TYPE
|
|
SYNTAX Integer32 (1..64)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Number of bits used in the Encryption key.
|
|
The values are as follows:
|
|
3DES - 48
|
|
AES-CBC - 32, 48, 64
|
|
AES-CTR - 32"
|
|
::= { rcIpsecSAEntry 11 }
|
|
|
|
rcIpsecSALifetimeSeconds OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The life time in seconds for a security
|
|
association."
|
|
::= { rcIpsecSAEntry 12 }
|
|
|
|
rcIpsecSALifetimeKbytes OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The traffic, in kilobytes, that can pass
|
|
between IPSec peers using a given security
|
|
association before that security association
|
|
expires."
|
|
::= { rcIpsecSAEntry 13 }
|
|
|
|
rcIpsecSARowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Used to create/delete entries in the
|
|
rcIpsecSATable."
|
|
::= { rcIpsecSAEntry 14 }
|
|
|
|
---
|
|
---Ipsec Interface Policy Table
|
|
---
|
|
|
|
rcIpsecInterfacePolicyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RcIpsecInterfacePolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This table is used to store the policy and
|
|
interface details while linking the policy
|
|
to an interface. This table contains the
|
|
policy name, ifindex, direction on which
|
|
the policy is applied and the enable flag to
|
|
enable/disable ipsec on the interface."
|
|
::= { rcIpsec 3 }
|
|
|
|
rcIpsecInterfacePolicyEntry OBJECT-TYPE
|
|
SYNTAX RcIpsecInterfacePolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A Policy interface link table entry."
|
|
INDEX {
|
|
rcIpsecInterfacePolicyName,
|
|
rcIpsecInterfacePolicyIfIndex
|
|
}
|
|
::= { rcIpsecInterfacePolicyTable 1 }
|
|
|
|
RcIpsecInterfacePolicyEntry ::=
|
|
SEQUENCE
|
|
{
|
|
rcIpsecInterfacePolicyName DisplayString,
|
|
rcIpsecInterfacePolicyIfIndex InterfaceIndex,
|
|
rcIpsecInterfacePolicyIfEnabled TruthValue,
|
|
rcIpsecInterfacePolicyIfDirection INTEGER,
|
|
rcIpsecInterfacePolicyRowStatus RowStatus
|
|
}
|
|
|
|
rcIpsecInterfacePolicyName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This object contains name of the Ipsec
|
|
policy that is to be linked with the
|
|
interface."
|
|
::= { rcIpsecInterfacePolicyEntry 1 }
|
|
|
|
rcIpsecInterfacePolicyIfIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "If index to which the policy is applied."
|
|
::= { rcIpsecInterfacePolicyEntry 2 }
|
|
|
|
rcIpsecInterfacePolicyIfEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "This object denotes whether IPSec is
|
|
enabled on that interface or not.
|
|
The value for this attribute is set
|
|
when Ipsec is enabled on the interface
|
|
and admin state of the policy is in
|
|
enabled state."
|
|
::= { rcIpsecInterfacePolicyEntry 3 }
|
|
|
|
rcIpsecInterfacePolicyIfDirection OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
inBound(1),
|
|
outBound(2),
|
|
bothDirections(3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object contains the direction of
|
|
traffic in the interface, where security
|
|
needs to be applied. Whether its inBound,
|
|
outBound or both Directions"
|
|
::= { rcIpsecInterfacePolicyEntry 4 }
|
|
|
|
rcIpsecInterfacePolicyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Used to create/delete entries in the
|
|
rcIpsecInterfacePolicyTable."
|
|
::= { rcIpsecInterfacePolicyEntry 5 }
|
|
|
|
---
|
|
---Ipsec Ospf6 Virtual Link Policy table
|
|
---
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RcIpsecOspf6VirtualLinkPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This table is used to store all the
|
|
attribute values under Ospf virtual
|
|
link policy. This table contains the
|
|
virtual link area id, neighbour id, SA name
|
|
policy action, policy direction, admin status
|
|
of the policy, source address, destination
|
|
address, virtual link id, interface index
|
|
and operation status of the virtual link."
|
|
::= { rcIpsec 4 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyEntry OBJECT-TYPE
|
|
SYNTAX RcIpsecOspf6VirtualLinkPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "An OSPF virtual link Policy table entry."
|
|
INDEX {
|
|
rcIpsecOspf6VirtualLinkPolicyAreaId,
|
|
rcIpsecOspf6VirtualLinkPolicyNeighbor
|
|
}
|
|
::= { rcIpsecOspf6VirtualLinkPolicyTable 1 }
|
|
|
|
RcIpsecOspf6VirtualLinkPolicyEntry ::=
|
|
SEQUENCE
|
|
{
|
|
rcIpsecOspf6VirtualLinkPolicyAreaId IpAddress,
|
|
rcIpsecOspf6VirtualLinkPolicyNeighbor IpAddress,
|
|
rcIpsecOspf6VirtualLinkPolicySAName DisplayString,
|
|
rcIpsecOspf6VirtualLinkPolicyAdminStatus TruthValue,
|
|
rcIpsecOspf6VirtualLinkPolicyAction INTEGER,
|
|
rcIpsecOspf6VirtualLinkPolicyDirection INTEGER,
|
|
rcIpsecOspf6VirtualLinkPolicySrcAddressType InetAddressType,
|
|
rcIpsecOspf6VirtualLinkPolicySrcAddress InetAddress,
|
|
rcIpsecOspf6VirtualLinkPolicyDstAddressType InetAddressType,
|
|
rcIpsecOspf6VirtualLinkPolicyDstAddress InetAddress,
|
|
rcIpsecOspf6VirtualLinkPolicyLinkID INTEGER,
|
|
rcIpsecOspf6VirtualLinkPolicyIfIndex InterfaceIndex,
|
|
rcIpsecOspf6VirtualLinkPolicyOperStatus INTEGER,
|
|
rcIpsecOspf6VirtualLinkPolicyRowStatus RowStatus
|
|
}
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyAreaId OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A 32-bit integer uniquely identifying
|
|
the Ospf virtual link area."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 1 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyNeighbor OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A 32-bit integer uniquely identifying
|
|
the Ospf virtual link neighbour."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 2 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicySAName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "This object contains the security
|
|
association linked to the virtual link."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 3 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyAdminStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The flag is used to enable the policy
|
|
created."
|
|
DEFVAL { false }
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 4 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyAction OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
drop(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The object contains a value that set the
|
|
action of the IPSec Ospf virtual link policy,
|
|
either to permit or drop."
|
|
DEFVAL { permit }
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 5 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyDirection OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
inBound(1),
|
|
outBound(2),
|
|
bothDirections(3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "The object indicates the policy direction
|
|
for the virtual link."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 6 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicySrcAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "This object specifies the type of address
|
|
field in thercIpsecOspf6VirtualLinkSrcAddress.
|
|
Only IPv6 address types are supported for
|
|
this release."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 7 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicySrcAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The source interface address to which the
|
|
policy is added."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 8 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyDstAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "This object specifies the type of address
|
|
field in thercIpsecOspf6VirtualLinkDstAddress.
|
|
Only IPv6 address types are supported for
|
|
this release."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 9 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyDstAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The destination interface address to which
|
|
the policy is added."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 10 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyLinkID OBJECT-TYPE
|
|
SYNTAX INTEGER (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "This object contains unique id for an ospf
|
|
virtual link."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 11 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyIfIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The interface If index to which Ospf
|
|
virtual link the policy is added."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 12 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyOperStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
up(1),
|
|
down(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Operation status of the link, up or down."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 13 }
|
|
|
|
rcIpsecOspf6VirtualLinkPolicyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Used to create/delete entries in the
|
|
rcIpsecOspf6VirtualLinkPolicyTable."
|
|
::= { rcIpsecOspf6VirtualLinkPolicyEntry 14 }
|
|
|
|
---
|
|
---Ipsec Policy SA Table
|
|
---
|
|
|
|
rcIpsecPolicySALinkTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RcIpsecPolicySALinkEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This table is used to store the policy and
|
|
security association details while linking
|
|
the policy to a SA. This table contains the
|
|
policy name, and the SA name to which the
|
|
policy is linked."
|
|
::= { rcIpsec 5 }
|
|
|
|
rcIpsecPolicySALinkEntry OBJECT-TYPE
|
|
SYNTAX RcIpsecPolicySALinkEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A Policy interface link table entry."
|
|
INDEX {
|
|
rcIpsecPolicySALinkPolicyName,
|
|
rcIpsecPolicySALinkSAName
|
|
}
|
|
::= { rcIpsecPolicySALinkTable 1 }
|
|
|
|
RcIpsecPolicySALinkEntry ::=
|
|
SEQUENCE
|
|
{
|
|
rcIpsecPolicySALinkPolicyName DisplayString,
|
|
rcIpsecPolicySALinkSAName DisplayString,
|
|
rcIpsecPolicySALinkRowStatus RowStatus
|
|
}
|
|
|
|
rcIpsecPolicySALinkPolicyName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This object contains name of the Ipsec
|
|
policy."
|
|
::= { rcIpsecPolicySALinkEntry 1 }
|
|
|
|
rcIpsecPolicySALinkSAName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This object contains name of the Security
|
|
Association."
|
|
::= { rcIpsecPolicySALinkEntry 2 }
|
|
|
|
rcIpsecPolicySALinkRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Used to create/delete entries in the
|
|
rcIpsecPolicySALinkTable."
|
|
::= { rcIpsecPolicySALinkEntry 3 }
|
|
|
|
---
|
|
---Ipsec Stats table
|
|
---
|
|
|
|
rcIpsecStatisticsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RcIpsecStatisticsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "This contains the IPSec statistics / counter
|
|
values on the switch level for all the IPSec
|
|
enabled interfaces."
|
|
::= { rcIpsec 6 }
|
|
|
|
rcIpsecStatisticsEntry OBJECT-TYPE
|
|
SYNTAX RcIpsecStatisticsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "An Ipsec stats table entry."
|
|
INDEX { rcIpsecStatisticsIfIndex }
|
|
::= { rcIpsecStatisticsTable 1 }
|
|
|
|
RcIpsecStatisticsEntry ::=
|
|
SEQUENCE
|
|
{
|
|
rcIpsecStatisticsIfIndex InterfaceIndex,
|
|
rcIpsecStatisticsInSuccesses Counter64,
|
|
rcIpsecStatisticsInSPViolations Counter64,
|
|
rcIpsecStatisticsInNotEnoughMemories Counter64,
|
|
rcIpsecStatisticsInAHESPReplays Counter64,
|
|
rcIpsecStatisticsInESPReplays Counter64,
|
|
rcIpsecStatisticsInAHFailures Counter64,
|
|
rcIpsecStatisticsInESPFailures Counter64,
|
|
rcIpsecStatisticsOutSuccesses Counter64,
|
|
rcIpsecStatisticsOutSPViolations Counter64,
|
|
rcIpsecStatisticsOutNotEnoughMemories Counter64,
|
|
rcIpsecStatisticsgeneralError Counter64,
|
|
rcIpsecStatisticsInAHSuccesses Counter64,
|
|
rcIpsecStatisticsOutAHSuccesses Counter64,
|
|
rcIpsecStatisticsInESPSuccesses Counter64,
|
|
rcIpsecStatisticsOutESPSuccesses Counter64,
|
|
rcIpsecStatisticsOutKBytes Counter64,
|
|
rcIpsecStatisticsOutBytes Counter64,
|
|
rcIpsecStatisticsInKBytes Counter64,
|
|
rcIpsecStatisticsInBytes Counter64,
|
|
rcIpsecStatisticsTotalPacketsProcessed Counter64,
|
|
rcIpsecStatisticsTotalPacketsByPassed Counter64,
|
|
rcIpsecStatisticsOutAHFailures Counter64,
|
|
rcIpsecStatisticsOutESPFailures Counter64,
|
|
rcIpsecStatisticsInMD5Hmacs Counter64,
|
|
rcIpsecStatisticsInSHA1Hmacs Counter64,
|
|
rcIpsecStatisticsInAESXCBCs Counter64,
|
|
rcIpsecStatisticsInAnyNullAuth Counter64,
|
|
rcIpsecStatisticsIn3DESCBCs Counter64,
|
|
rcIpsecStatisticsInAESCBCs Counter64,
|
|
rcIpsecStatisticsInAESCTRs Counter64,
|
|
rcIpsecStatisticsInAnyNullEncrypt Counter64,
|
|
rcIpsecStatisticsOutMD5Hmacs Counter64,
|
|
rcIpsecStatisticsOutSHA1Hmacs Counter64,
|
|
rcIpsecStatisticsOutAESXCBCs Counter64,
|
|
rcIpsecStatisticsOutInAnyNullAuth Counter64,
|
|
rcIpsecStatisticsOut3DESCBCs Counter64,
|
|
rcIpsecStatisticsOutAESCBCs Counter64,
|
|
rcIpsecStatisticsOutAESCTRs Counter64,
|
|
rcIpsecStatisticsOutInAnyNullEncrypt Counter64
|
|
}
|
|
|
|
rcIpsecStatisticsIfIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Interface If index for which the statistics is
|
|
captured for this interface."
|
|
::= { rcIpsecStatisticsEntry 1 }
|
|
|
|
rcIpsecStatisticsInSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of ingress packets successfully
|
|
carried on IPSec for this interface."
|
|
::= { rcIpsecStatisticsEntry 2 }
|
|
|
|
rcIpsecStatisticsInSPViolations OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of ingress packets discarded
|
|
by IPSec if security policy violation since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 3 }
|
|
|
|
rcIpsecStatisticsInNotEnoughMemories OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded
|
|
by IPSec if not enough memory available since
|
|
boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 4 }
|
|
|
|
rcIpsecStatisticsInAHESPReplays OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded
|
|
by IPSec if AH replay check failed since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 5 }
|
|
|
|
rcIpsecStatisticsInESPReplays OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded
|
|
by IPSec if ESP replay check failed since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 6 }
|
|
|
|
rcIpsecStatisticsInAHFailures OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded
|
|
by IPSec if AH authentication check failed since
|
|
boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 7 }
|
|
|
|
rcIpsecStatisticsInESPFailures OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded by
|
|
IPSec if ESP authentication check failed since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 8 }
|
|
|
|
rcIpsecStatisticsOutSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets successfully
|
|
carried on IPSec since boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 9 }
|
|
|
|
rcIpsecStatisticsOutSPViolations OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets discarded by
|
|
IPSec if security policy violation since boot time
|
|
for this interface."
|
|
::= { rcIpsecStatisticsEntry 10 }
|
|
|
|
rcIpsecStatisticsOutNotEnoughMemories OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets discarded by
|
|
IPSec if not enough memory available since boot time
|
|
for this interface."
|
|
::= { rcIpsecStatisticsEntry 11 }
|
|
|
|
rcIpsecStatisticsgeneralError OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of general occurs since boot time
|
|
for this interface."
|
|
::= { rcIpsecStatisticsEntry 12 }
|
|
|
|
rcIpsecStatisticsInAHSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets carried by IPSec
|
|
if AH authentication succeeded since boot time
|
|
for this interface."
|
|
::= { rcIpsecStatisticsEntry 13 }
|
|
|
|
rcIpsecStatisticsOutAHSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets carried by IPSec
|
|
if AH authentication succeeded since boot time for this
|
|
interface."
|
|
::= { rcIpsecStatisticsEntry 14 }
|
|
|
|
rcIpsecStatisticsInESPSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets carried by IPSec
|
|
if ESP authentication succeeded since boot time for
|
|
this interface."
|
|
::= { rcIpsecStatisticsEntry 15 }
|
|
|
|
rcIpsecStatisticsOutESPSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets carried by IPSec
|
|
if ESP authentication succeeded since boot time for this
|
|
interface."
|
|
::= { rcIpsecStatisticsEntry 16 }
|
|
|
|
rcIpsecStatisticsOutKBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets greater than
|
|
1 KB for this interface."
|
|
::= { rcIpsecStatisticsEntry 17 }
|
|
|
|
rcIpsecStatisticsOutBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound byte sized packets for
|
|
this interface"
|
|
::= { rcIpsecStatisticsEntry 18 }
|
|
|
|
rcIpsecStatisticsInKBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets greater than
|
|
1 KB for this interface."
|
|
::= { rcIpsecStatisticsEntry 19 }
|
|
|
|
rcIpsecStatisticsInBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound byte sized packets
|
|
for this interface."
|
|
::= { rcIpsecStatisticsEntry 20 }
|
|
|
|
rcIpsecStatisticsTotalPacketsProcessed OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of packets processed since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 21 }
|
|
|
|
rcIpsecStatisticsTotalPacketsByPassed OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of packets bypassed since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 22 }
|
|
|
|
rcIpsecStatisticsOutAHFailures OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets discarded by
|
|
IPSec if AH authentication check failed since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 23 }
|
|
|
|
rcIpsecStatisticsOutESPFailures OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets discarded by
|
|
IPSec if ESP authentication check failed since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 24 }
|
|
|
|
rcIpsecStatisticsInMD5Hmacs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound HMAC MD5 occurrences
|
|
since boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 25 }
|
|
|
|
rcIpsecStatisticsInSHA1Hmacs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound HMAC SHA1 occurrences
|
|
since boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 26 }
|
|
|
|
rcIpsecStatisticsInAESXCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound AES XCBC MAC occurrences
|
|
since boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 27 }
|
|
|
|
rcIpsecStatisticsInAnyNullAuth OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Total number of inbound packets without any Authentication
|
|
algorithm for this interface."
|
|
::= { rcIpsecStatisticsEntry 28 }
|
|
|
|
rcIpsecStatisticsIn3DESCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound Triple DES CBC occurrences
|
|
since boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 29 }
|
|
|
|
rcIpsecStatisticsInAESCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound AES CBC occurrences since
|
|
boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 30 }
|
|
|
|
rcIpsecStatisticsInAESCTRs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound DES CBC occurrences since
|
|
boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 31 }
|
|
|
|
rcIpsecStatisticsInAnyNullEncrypt OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Total number of inbound packets without any Encryption
|
|
algorithm for this interface."
|
|
::= { rcIpsecStatisticsEntry 32 }
|
|
|
|
rcIpsecStatisticsOutMD5Hmacs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound HMAC MD5 occurrences since
|
|
boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 33 }
|
|
|
|
rcIpsecStatisticsOutSHA1Hmacs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound HMAC SHA1 occurrences since
|
|
boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 34 }
|
|
|
|
rcIpsecStatisticsOutAESXCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound AES XCBC MAC occurrences
|
|
since boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 35 }
|
|
|
|
rcIpsecStatisticsOutInAnyNullAuth OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Total number of packets without any Authentication
|
|
algorithm for this interface."
|
|
::= { rcIpsecStatisticsEntry 36 }
|
|
|
|
rcIpsecStatisticsOut3DESCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound Triple DES CBC occurrences
|
|
since boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 37 }
|
|
|
|
rcIpsecStatisticsOutAESCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound AES CBC occurrences since
|
|
boot time for this interface."
|
|
::= { rcIpsecStatisticsEntry 38 }
|
|
|
|
rcIpsecStatisticsOutAESCTRs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound DES CBC occurrence since boot
|
|
time for this interface."
|
|
::= { rcIpsecStatisticsEntry 39 }
|
|
|
|
rcIpsecStatisticsOutInAnyNullEncrypt OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Total number of packets without any Encryption algorithm
|
|
for this interface."
|
|
::= { rcIpsecStatisticsEntry 40 }
|
|
|
|
---
|
|
---Ipsec Global Statistics Scalars
|
|
---
|
|
|
|
rcIpsecGlobalStatisticsScalars OBJECT IDENTIFIER ::= { rcIpsec 7 }
|
|
|
|
rcIpsecGlobalStatisticsInSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of ingress packets successfully
|
|
carried on IPSec."
|
|
::= { rcIpsecGlobalStatisticsScalars 1 }
|
|
|
|
rcIpsecGlobalStatisticsInSPViolations OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of ingress packets discarded
|
|
by IPSec if security policy violation since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 2 }
|
|
|
|
rcIpsecGlobalStatisticsInNotEnoughMemories OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded
|
|
by IPSec if not enough memory available since
|
|
boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 3 }
|
|
|
|
rcIpsecGlobalStatisticsInAHESPReplays OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded
|
|
by IPSec if AH replay check failed since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 4 }
|
|
|
|
rcIpsecGlobalStatisticsInESPReplays OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded
|
|
by IPSec if ESP replay check failed since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 5 }
|
|
|
|
rcIpsecGlobalStatisticsInAHFailures OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded
|
|
by IPSec if AH authentication check failed since
|
|
boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 6 }
|
|
|
|
rcIpsecGlobalStatisticsInESPFailures OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets discarded by
|
|
IPSec if ESP authentication check failed since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 7 }
|
|
|
|
rcIpsecGlobalStatisticsOutSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets successfully
|
|
carried on IPSec since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 8 }
|
|
|
|
rcIpsecGlobalStatisticsOutSPViolations OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets discarded by
|
|
IPSec if security policy violation since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 9 }
|
|
|
|
rcIpsecGlobalStatisticsOutNotEnoughMemories OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets discarded by
|
|
IPSec if not enough memory available since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 10 }
|
|
|
|
rcIpsecGlobalStatisticsgeneralError OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of general occurs since boot time"
|
|
::= { rcIpsecGlobalStatisticsScalars 11 }
|
|
|
|
rcIpsecGlobalStatisticsInAHSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets carried by IPSec
|
|
if AH authentication succeeded since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 12 }
|
|
|
|
rcIpsecGlobalStatisticsOutAHSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets carried by IPSec
|
|
if AH authentication succeeded since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 13 }
|
|
|
|
rcIpsecGlobalStatisticsInESPSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets carried by IPSec
|
|
if ESP authentication succeeded since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 14 }
|
|
|
|
rcIpsecGlobalStatisticsOutESPSuccesses OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets carried by IPSec
|
|
if ESP authentication succeeded since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 15 }
|
|
|
|
rcIpsecGlobalStatisticsOutKBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets greater than
|
|
1 KB."
|
|
::= { rcIpsecGlobalStatisticsScalars 16 }
|
|
|
|
rcIpsecGlobalStatisticsOutBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound byte sized packets"
|
|
::= { rcIpsecGlobalStatisticsScalars 17 }
|
|
|
|
rcIpsecGlobalStatisticsInKBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound packets greater than
|
|
1 KB."
|
|
::= { rcIpsecGlobalStatisticsScalars 18 }
|
|
|
|
rcIpsecGlobalStatisticsInBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound byte sized packets."
|
|
::= { rcIpsecGlobalStatisticsScalars 19 }
|
|
|
|
rcIpsecGlobalStatisticsTotalPacketsProcessed OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of packets processed since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 20 }
|
|
|
|
rcIpsecGlobalStatisticsTotalPacketsByPassed OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of packets bypassed since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 21 }
|
|
|
|
rcIpsecGlobalStatisticsOutAHFailures OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets discarded by
|
|
IPSec if AH authentication check failed since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 22 }
|
|
|
|
rcIpsecGlobalStatisticsOutESPFailures OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound packets discarded by
|
|
IPSec if ESP authentication check failed since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 23 }
|
|
|
|
rcIpsecGlobalStatisticsInMD5Hmacs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound HMAC MD5 occurrences
|
|
since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 24 }
|
|
|
|
rcIpsecGlobalStatisticsInSHA1Hmacs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound HMAC SHA1 occurrences
|
|
since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 25 }
|
|
|
|
rcIpsecGlobalStatisticsInAESXCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound AES XCBC MAC occurrences
|
|
since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 26 }
|
|
|
|
rcIpsecGlobalStatisticsInAnyNullAuth OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Total number of inbound packets without any Authentication
|
|
algorithm."
|
|
::= { rcIpsecGlobalStatisticsScalars 27 }
|
|
|
|
rcIpsecGlobalStatisticsIn3DESCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound Triple DES CBC occurrences
|
|
since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 28 }
|
|
|
|
rcIpsecGlobalStatisticsInAESCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of inbound AES CBC occurrences since
|
|
boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 29 }
|
|
|
|
rcIpsecGlobalStatisticsInAESCTRs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound DES CBC occurrences since
|
|
boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 30 }
|
|
|
|
rcIpsecGlobalStatisticsInAnyNullEncrypt OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Total number of inbound packets without any Encryption
|
|
algorithm"
|
|
::= { rcIpsecGlobalStatisticsScalars 31 }
|
|
|
|
rcIpsecGlobalStatisticsOutMD5Hmacs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound HMAC MD5 occurrences since
|
|
boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 32 }
|
|
|
|
rcIpsecGlobalStatisticsOutSHA1Hmacs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound HMAC SHA1 occurrences since
|
|
boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 33 }
|
|
|
|
rcIpsecGlobalStatisticsOutAESXCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound AES XCBC MAC occurrences
|
|
since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 34 }
|
|
|
|
rcIpsecGlobalStatisticsOutInAnyNullAuth OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Total number of outbound packets without any Authentication
|
|
algorithm"
|
|
::= { rcIpsecGlobalStatisticsScalars 35 }
|
|
|
|
rcIpsecGlobalStatisticsOut3DESCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound Triple DES CBC occurrences
|
|
since boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 36 }
|
|
|
|
rcIpsecGlobalStatisticsOutAESCBCs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound AES CBC occurrences since
|
|
boot time."
|
|
::= { rcIpsecGlobalStatisticsScalars 37 }
|
|
|
|
rcIpsecGlobalStatisticsOutAESCTRs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "The total number of outbound DES CBC occurrence since boot
|
|
time."
|
|
::= { rcIpsecGlobalStatisticsScalars 38 }
|
|
|
|
rcIpsecGlobalStatisticsOutInAnyNullEncrypt OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Total number of inbound packets without any Encryption
|
|
algorithm"
|
|
::= { rcIpsecGlobalStatisticsScalars 39 }
|
|
|
|
END
|
|
|