WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/hp/HPN-ICF-IPSEC-MONITOR-MIB

1651 lines
59 KiB
Plaintext
Raw Blame History

-- ====================================================================
-- Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P.
--
-- Description: The MIB is designed to get IPSec tunnels' statistic information.
-- Reference:
-- Version: 1.5
-- History:
-- V1.0: The initial version created by Caixiansen, Renweichun and
-- Maoyu.
-- V1.1: Modified by Caixiansen Mar.3 2005
-- Two values 'modp1536(5)' and 'modp2048(14)'are added for data
-- type 'HpnicfDiffHellmanGrp'.
-- V1.2: Modified by Sunludong Sep.1 2005
-- Descriptions of node 'hpnicfIPSecTunIKETunnelIndex', 'hpnicfIPSecTunLocalAddr',
-- 'hpnicfIPSecTunRemoteAddr', 'hpnicfIPSecTunLifeSize', 'hpnicfIPSecTunLifeTime',
-- 'hpnicfIPSecTunRemainTime', 'hpnicfIPSecTunActiveTime', 'hpnicfIPSecTunRemainSize'
-- are modified.
-- Ranges of node 'hpnicfIPSecTunRemainTime', 'hpnicfIPSecTunActiveTime',
-- 'hpnicfIPSecTunRemainSize' are modified.
-- Ranges of data type 'HpnicfIPSecNegoType', 'HpnicfEncapMode',
-- 'HpnicfEncryptAlgo', 'HpnicfAuthAlgo', 'HpnicfDiffHellmanGrp' are modified.
-- V1.3: Modified by Sunludong Feb.23 2006
-- Range and description of node 'hpnicfIPSecTunInitiator' are modified.
-- V1.4: Modified by liukan Jan.12 2007
-- Range of data type 'HpnicfEncryptAlgo' are modified.
-- V1.5: Modified by Liukan Dec.8 2008
-- Three values 'aesCbc128(9)', 'aesCbc192(10)' and 'aesCbc256(11)' are added
-- to data type 'HpnicfEncryptAlgo'.
-- Data type of node 'hpnicfIPSecTunLifeSize' and 'hpnicfIPSecTunRemainSize' are modified
-- from Integer32 to Gauge32.
-- =====================================================================
HPN-ICF-IPSEC-MONITOR-MIB DEFINITIONS ::= BEGIN
IMPORTS
ifIndex
FROM RFC1213-MIB
DisplayString,TEXTUAL-CONVENTION
FROM SNMPv2-TC
IpAddress, Integer32, Counter32, Counter64, OBJECT-TYPE,
MODULE-IDENTITY, Gauge32, NOTIFICATION-TYPE, Unsigned32
FROM SNMPv2-SMI
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF
hpnicfCommon
FROM HPN-ICF-OID-MIB;
hpnicfIPSecMonitor MODULE-IDENTITY
LAST-UPDATED "200410260000Z" -- Oct. 26, 2004 GMT
ORGANIZATION
""
CONTACT-INFO
""
DESCRIPTION
"The MIB is designed to get statistic information of
IPSec tunnels. With this MIB, we can get information of a certain
tunnel or all tunnels."
::= { hpnicfCommon 7 }
HpnicfDiffHellmanGrp ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The Diffie Hellman Group used in the IKE and IPSec negotiations.
invalidGroup(2147483647) is defined as invalid value."
SYNTAX INTEGER {
none(0),
modp768(1),
modp1024(2),
modp1536(5),
modp2048(14),
invalidGroup(2147483647)
}
HpnicfEncapMode ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The encapsulation mode used by an IPSec Phase-2 Tunnel.
invalidMode(2147483647) is defined as invalid value."
SYNTAX INTEGER {
tunnel(1),
transport(2),
invalidMode(2147483647)
}
HpnicfEncryptAlgo ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The encryption algorithm used in the IKE and IPSec negotiations.
invalidAlg(2147483647) is defined as invalid value."
SYNTAX INTEGER {
none(0),
desCbc(1),
ideaCbc(2),
blowfishCbc(3),
rc5R16B64Cbc(4),
tripledesCbc(5),
castCbc(6),
aesCbc(7),
nsaCbc(8),
aesCbc128(9),
aesCbc192(10),
aesCbc256(11),
invalidAlg(2147483647)
}
HpnicfAuthAlgo ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The authentication algorithm used in the IKE negotiations.
invalidAlg(2147483647) is defined as invalid value."
SYNTAX INTEGER {
none(0),
md5(1),
sha(2),
invalidAlg(2147483647)
}
HpnicfSaProtocol ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The protocol of security association."
SYNTAX INTEGER {
reserved(0),
isakmp(1),
ah(2),
esp(3),
ipcomp(4)
}
HpnicfTrapStatus ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The switch which determines whether send a trap or not."
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
HpnicfIPSecIDType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The type of IPSec Identity."
SYNTAX INTEGER {
reserved(0),
ipv4Addr(1),
fqdn(2), -- fully-qualified domain name
userFqdn(3), -- fully-qualified username
ipv4AddrSubnet(4),
ipv6Addr(5),
ipv6AddrSubnet(6),
ipv4AddrRange(7),
ipv6AddrRange(8),
derAsn1Dn(9), -- the binary DER encoding of an ASN.1 X.500 Distinguished
-- Name [X.501] of the princIPal whose certificates are
-- being exchanged to establish the SA.
derAsn1Gn(10), -- the binary DER encoding of an ASN.1 X.500 GeneralName
-- [X.509] of the princIPal whose certificates are being
-- exchanged to establish the SA.
keyId(11) -- specifies an opaque byte stream which may be used to
-- pass vendor-specific information necessary to identify
-- which pre-shared key should be used to authenticate
-- Aggressive mode negotiations.
}
HpnicfTrafficType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The type of the data flow."
SYNTAX INTEGER {
ipv4Addr(1),
ipv4AddrSubnet(4),
ipv6Addr(5),
ipv6AddrSubnet(6),
ipv4AddrRange(7),
ipv6AddrRange(8)
}
HpnicfIPSecNegoType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The type of key used by an IPSec Phase-2 Tunnel. invalidType(2147483647)
is defined as invalid value."
SYNTAX INTEGER {
ike(1),
manual(2),
invalidType(2147483647)
}
HpnicfIPSecTunnelState ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The state of IPSec tunnel."
SYNTAX INTEGER {
active(1),
timeout(2)
}
-- ========================================================================
-- Node definitions
-- ========================================================================
--Begin the node of hpnicfIPSecObjects.
hpnicfIPSecObjects OBJECT IDENTIFIER ::= { hpnicfIPSecMonitor 1 }
-- ===============================================
-- Begin the table of hpnicfIPSecTunnelTable.
-- ===============================================
hpnicfIPSecTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpnicfIPSecTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IPSec Phase-2 Tunnel Table. There is one
entry in this table for each active IPSec Phase-2 Tunnel."
::= { hpnicfIPSecObjects 1 }
hpnicfIPSecTunnelEntry OBJECT-TYPE
SYNTAX HpnicfIPSecTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about hpnicfIPSecTunnelTable."
INDEX { hpnicfIPSecTunIfIndex, hpnicfIPSecTunEntryIndex,hpnicfIPSecTunIndex }
::= { hpnicfIPSecTunnelTable 1 }
HpnicfIPSecTunnelEntry ::=
SEQUENCE {
hpnicfIPSecTunIfIndex
Integer32,
hpnicfIPSecTunEntryIndex
Integer32,
hpnicfIPSecTunIndex
Integer32,
hpnicfIPSecTunIKETunnelIndex
Integer32,
hpnicfIPSecTunLocalAddr
IpAddress,
hpnicfIPSecTunRemoteAddr
IpAddress,
hpnicfIPSecTunKeyType
HpnicfIPSecNegoType,
hpnicfIPSecTunEncapMode
HpnicfEncapMode,
hpnicfIPSecTunInitiator
INTEGER,
hpnicfIPSecTunLifeSize
Gauge32,
hpnicfIPSecTunLifeTime
Integer32,
hpnicfIPSecTunRemainTime
Integer32,
hpnicfIPSecTunActiveTime
Integer32,
hpnicfIPSecTunRemainSize
Gauge32,
hpnicfIPSecTunTotalRefreshes
Counter32,
hpnicfIPSecTunCurrentSaInstances
Gauge32,
hpnicfIPSecTunInSaEncryptAlgo
HpnicfEncryptAlgo,
hpnicfIPSecTunInSaAhAuthAlgo
HpnicfAuthAlgo,
hpnicfIPSecTunInSaEspAuthAlgo
HpnicfAuthAlgo,
hpnicfIPSecTunDiffHellmanGrp
HpnicfDiffHellmanGrp,
hpnicfIPSecTunOutSaEncryptAlgo
HpnicfEncryptAlgo,
hpnicfIPSecTunOutSaAhAuthAlgo
HpnicfAuthAlgo,
hpnicfIPSecTunOutSaEspAuthAlgo
HpnicfAuthAlgo,
hpnicfIPSecTunPolicyName
DisplayString,
hpnicfIPSecTunPolicyNum
Integer32,
hpnicfIPSecTunStatus
INTEGER
}
hpnicfIPSecTunIfIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The interface index( the ifIndex of ifTable )."
::= { hpnicfIPSecTunnelEntry 1 }
hpnicfIPSecTunEntryIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of IPSec policy applied in the interface."
::= { hpnicfIPSecTunnelEntry 2 }
hpnicfIPSecTunIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of IPSec Phase-2 Tunnel Table. The value of
the index is a number which begins at one and is
incremented with each tunnel that is created. The
value of this object will wrap at 2,147,483,647."
::= { hpnicfIPSecTunnelEntry 3 }
hpnicfIPSecTunIKETunnelIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of the associated IPSec Phase-1 IKE Tunnel
(IKETunIndex in the IKETunnelTable). 2147483647 is defined as
invalid value. "
::= { hpnicfIPSecTunnelEntry 4 }
hpnicfIPSecTunLocalAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the local peer for the IPSec Phase-2
Tunnel. 0.0.0.0 is defined as invalid value."
::= { hpnicfIPSecTunnelEntry 5 }
hpnicfIPSecTunRemoteAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the remote peer for the IPSec Phase-2
Tunnel. 0.0.0.0 is defined as invalid value."
::= { hpnicfIPSecTunnelEntry 6 }
hpnicfIPSecTunKeyType OBJECT-TYPE
SYNTAX HpnicfIPSecNegoType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The key negotiate mode used by the IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 7 }
hpnicfIPSecTunEncapMode OBJECT-TYPE
SYNTAX HpnicfEncapMode
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The encapsulation mode used by the IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 8 }
hpnicfIPSecTunInitiator OBJECT-TYPE
SYNTAX INTEGER
{
local(1),
remote(2),
none(2147483647)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The initiator of this IPSec tunnel. Value none is used for manual
IPsec tunnel, for there is no initiator or responder in this method."
::= { hpnicfIPSecTunnelEntry 9 }
hpnicfIPSecTunLifeSize OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The negotiated LifeSize of the IPSec Phase-2 Tunnel in kilobytes.
0 is defined as invalid value."
::= { hpnicfIPSecTunnelEntry 10 }
hpnicfIPSecTunLifeTime OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The negotiated LifeTime of the IPSec Phase-2 Tunnel in seconds.
2147483647 is defined as invalid value."
::= { hpnicfIPSecTunnelEntry 11 }
hpnicfIPSecTunRemainTime OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remain time of SA in seconds. 2147483647 is defined as invalid
value."
::= { hpnicfIPSecTunnelEntry 12 }
hpnicfIPSecTunActiveTime OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The duration the IPSec Phase-2 Tunnel has been active in
hundredths of seconds. 2147483647 is defined as invalid value."
::= { hpnicfIPSecTunnelEntry 13 }
hpnicfIPSecTunRemainSize OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remain LifeSize of SA in kilobytes. 0 is defined as
invalid value."
::= { hpnicfIPSecTunnelEntry 14 }
hpnicfIPSecTunTotalRefreshes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of security association refreshing performed."
::= { hpnicfIPSecTunnelEntry 15 }
hpnicfIPSecTunCurrentSaInstances OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of security associations which are currently active
or expiring."
::= { hpnicfIPSecTunnelEntry 16 }
hpnicfIPSecTunInSaEncryptAlgo OBJECT-TYPE
SYNTAX HpnicfEncryptAlgo
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The encryption algorithm used by the inbound security association
of the IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 17 }
hpnicfIPSecTunInSaAhAuthAlgo OBJECT-TYPE
SYNTAX HpnicfAuthAlgo
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication algorithm used by the inbound authentication
header (AH) security association of the IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 18 }
hpnicfIPSecTunInSaEspAuthAlgo OBJECT-TYPE
SYNTAX HpnicfAuthAlgo
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication algorithm used by the inbound encapsulation
security protocol(ESP) security association of the IPSec
Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 19 }
hpnicfIPSecTunDiffHellmanGrp OBJECT-TYPE
SYNTAX HpnicfDiffHellmanGrp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Diffie Hellman Group used by the security association of the
IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 20 }
hpnicfIPSecTunOutSaEncryptAlgo OBJECT-TYPE
SYNTAX HpnicfEncryptAlgo
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The encryption algorithm used by the outbound security
association of the IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 21 }
hpnicfIPSecTunOutSaAhAuthAlgo OBJECT-TYPE
SYNTAX HpnicfAuthAlgo
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication algorithm used by the outbound
authentication header (AH) security association of
the IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 22 }
hpnicfIPSecTunOutSaEspAuthAlgo OBJECT-TYPE
SYNTAX HpnicfAuthAlgo
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication algorithm used by the outbound encapsulation
security protocol(ESP) security association of the IPSec
Phase-2 Tunnel."
::= { hpnicfIPSecTunnelEntry 23 }
hpnicfIPSecTunPolicyName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The policy name used by this IPSec tunnel."
::= { hpnicfIPSecTunnelEntry 24 }
hpnicfIPSecTunPolicyNum OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The sequence number of policy used by this IPSec tunnel."
::= { hpnicfIPSecTunnelEntry 25 }
hpnicfIPSecTunStatus OBJECT-TYPE
SYNTAX INTEGER
{
initial(1),
ready(2),
rekeyed(3),
closed(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the IPSec Tunnel."
::= { hpnicfIPSecTunnelEntry 26 }
-- ===============================================
-- Begin the table of hpnicfIPSecTunnelStatTable.
-- ===============================================
hpnicfIPSecTunnelStatTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpnicfIPSecTunnelStatEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IPSec Phase-2 Tunnel Statistics Table. "
::= { hpnicfIPSecObjects 2 }
hpnicfIPSecTunnelStatEntry OBJECT-TYPE
SYNTAX HpnicfIPSecTunnelStatEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about hpnicfIPSecTunnelStatTable."
INDEX { hpnicfIPSecTunIfIndex,hpnicfIPSecTunEntryIndex,hpnicfIPSecTunIndex }
::= { hpnicfIPSecTunnelStatTable 1 }
HpnicfIPSecTunnelStatEntry ::=
SEQUENCE {
hpnicfIPSecTunInOctets
Counter64,
hpnicfIPSecTunInDecompOctets
Counter64,
hpnicfIPSecTunInPkts
Counter64,
hpnicfIPSecTunInDropPkts
Counter64,
hpnicfIPSecTunInReplayDropPkts
Counter32,
hpnicfIPSecTunInAuthFails
Counter32,
hpnicfIPSecTunInDecryptFails
Counter32,
hpnicfIPSecTunOutOctets
Counter64,
hpnicfIPSecTunOutUncompOctets
Counter64,
hpnicfIPSecTunOutPkts
Counter64,
hpnicfIPSecTunOutDropPkts
Counter64,
hpnicfIPSecTunOutEncryptFails
Counter32,
hpnicfIPSecTunNoMemoryDropPkts
Counter32,
hpnicfIPSecTunQueueFullDropPkts
Counter32,
hpnicfIPSecTunInvalidLenDropPkts
Counter32,
hpnicfIPSecTunTooLongDropPkts
Counter32,
hpnicfIPSecTunInvalidSaDropPkts
Counter32
}
hpnicfIPSecTunInOctets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of octets received by this IPSec Phase-2 Tunnel.
This value is accumulated BEFORE determining whether or not the
packet should be decompressed."
::= { hpnicfIPSecTunnelStatEntry 1 }
hpnicfIPSecTunInDecompOctets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of decompressed octets received by this IPSec
Phase-2 Tunnel. This value is accumulated AFTER the packet
is decompressed."
::= { hpnicfIPSecTunnelStatEntry 2 }
hpnicfIPSecTunInPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets received by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 3 }
hpnicfIPSecTunInDropPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped during receiving process
by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 4 }
hpnicfIPSecTunInReplayDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped during
receiving process due to Anti-Replay process
by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 5 }
hpnicfIPSecTunInAuthFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of inbound authentication's
which ended in failure by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 6 }
hpnicfIPSecTunInDecryptFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of inbound decryption's
which ended in failure by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 7 }
hpnicfIPSecTunOutOctets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of octets sent by this IPSec Phase-2 Tunnel.
This value is accumulated AFTER determining whether or not
the packet should be compressed."
::= { hpnicfIPSecTunnelStatEntry 8 }
hpnicfIPSecTunOutUncompOctets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of uncompressed octets sent by this IPSec Phase-2
Tunnel.This value is accumulated BEFORE the packet is compressed."
::= { hpnicfIPSecTunnelStatEntry 9 }
hpnicfIPSecTunOutPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets sent by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 10 }
hpnicfIPSecTunOutDropPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped during sending process
by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 11 }
hpnicfIPSecTunOutEncryptFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of outbound encryption's which ended in failure
by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 12 }
hpnicfIPSecTunNoMemoryDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to no enough memory by this
IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 13 }
hpnicfIPSecTunQueueFullDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to queue full by this
IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 14 }
hpnicfIPSecTunInvalidLenDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to invalid length packet
by this IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 15 }
hpnicfIPSecTunTooLongDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to too long packet by this
IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 16 }
hpnicfIPSecTunInvalidSaDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to invalid SA by this
IPSec Phase-2 Tunnel."
::= { hpnicfIPSecTunnelStatEntry 17 }
-- ===============================================
-- Begin the table of hpnicfIPSecSaTable.
-- ===============================================
hpnicfIPSecSaTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpnicfIPSecSaEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IPSec Phase-2 Security Protection Index Table. This table
contains an entry for each active and expiring security association."
::= { hpnicfIPSecObjects 3 }
hpnicfIPSecSaEntry OBJECT-TYPE
SYNTAX HpnicfIPSecSaEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about hpnicfIPSecSaTable."
INDEX { hpnicfIPSecTunIfIndex,hpnicfIPSecTunEntryIndex,hpnicfIPSecTunIndex,hpnicfIPSecSaIndex }
::= { hpnicfIPSecSaTable 1 }
HpnicfIPSecSaEntry ::=
SEQUENCE {
hpnicfIPSecSaIndex
Integer32,
hpnicfIPSecSaDirection
INTEGER,
hpnicfIPSecSaValue
Unsigned32,
hpnicfIPSecSaProtocol
HpnicfSaProtocol,
hpnicfIPSecSaEncryptAlgo
HpnicfEncryptAlgo,
hpnicfIPSecSaAuthAlgo
HpnicfAuthAlgo,
hpnicfIPSecSaStatus
INTEGER
}
hpnicfIPSecSaIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The number of the Sa associated with the Phase-2 Tunnel
Table. The value of this index is a number which begins
at one and is incremented with each Sa associated with
an IPSec Phase-2 Tunnel. The value of this object will
wrap at 2,147,483,647."
::= { hpnicfIPSecSaEntry 1 }
hpnicfIPSecSaDirection OBJECT-TYPE
SYNTAX INTEGER {
in(1),
out(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The direction of the SA."
::= { hpnicfIPSecSaEntry 2 }
hpnicfIPSecSaValue OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of the SPI."
::= { hpnicfIPSecSaEntry 3 }
hpnicfIPSecSaProtocol OBJECT-TYPE
SYNTAX HpnicfSaProtocol
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The security protocol of the SA."
::= { hpnicfIPSecSaEntry 4 }
hpnicfIPSecSaEncryptAlgo OBJECT-TYPE
SYNTAX HpnicfEncryptAlgo
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The encryption algorithm used by the security association
of the IPSec Phase-2 Tunnel."
::= { hpnicfIPSecSaEntry 5 }
hpnicfIPSecSaAuthAlgo OBJECT-TYPE
SYNTAX HpnicfAuthAlgo
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication algorithm used by the SA."
::= { hpnicfIPSecSaEntry 6 }
hpnicfIPSecSaStatus OBJECT-TYPE
SYNTAX INTEGER {
active(1),
expiring(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the SA."
::= { hpnicfIPSecSaEntry 7 }
-- ===============================================
-- Begin the table of hpnicfIPSecTrafficTable.
-- ===============================================
hpnicfIPSecTrafficTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpnicfIPSecTrafficEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IPSec Phase-2 Tunnel Traffic Table. "
::= { hpnicfIPSecObjects 4 }
hpnicfIPSecTrafficEntry OBJECT-TYPE
SYNTAX HpnicfIPSecTrafficEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about hpnicfIPSecTrafficTable."
INDEX { hpnicfIPSecTunIfIndex,hpnicfIPSecTunEntryIndex,hpnicfIPSecTunIndex }
::= { hpnicfIPSecTrafficTable 1 }
HpnicfIPSecTrafficEntry ::=
SEQUENCE {
hpnicfIPSecTrafficLocalType
HpnicfTrafficType,
hpnicfIPSecTrafficLocalAddr1
IpAddress,
hpnicfIPSecTrafficLocalAddr2
IpAddress,
hpnicfIPSecTrafficLocalProtocol
Integer32,
hpnicfIPSecTrafficLocalPort
Integer32,
hpnicfIPSecTrafficRemoteType
HpnicfTrafficType,
hpnicfIPSecTrafficRemoteAddr1
IpAddress,
hpnicfIPSecTrafficRemoteAddr2
IpAddress,
hpnicfIPSecTrafficRemoteProtocol
Integer32,
hpnicfIPSecTrafficRemotePort
Integer32
}
hpnicfIPSecTrafficLocalType OBJECT-TYPE
SYNTAX HpnicfTrafficType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of local peer. Possible values are: a single
IP address, or an IP address range, or an IP subnet."
::= { hpnicfIPSecTrafficEntry 1 }
hpnicfIPSecTrafficLocalAddr1 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The first specification of local peer's IP address. If
the local peer type is single IP address, then this is the
value of the IP address. If the local peer type is IP subnet,
then this is the value of the subnet. If the local peer type
is IP address range, then this is the value of beginning IP
address of the range."
::= { hpnicfIPSecTrafficEntry 2 }
hpnicfIPSecTrafficLocalAddr2 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The second specification of local peer's IP address. If the local
peer type is single IP address, then this is the value of the
IP address. If the local peer type is IP subnet, then this is
the value of the subnet mask. If the local peer type is IP
address range, then this is the value of ending IP address of
the range."
::= { hpnicfIPSecTrafficEntry 3 }
hpnicfIPSecTrafficLocalProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The protocol number of the local peer's traffic."
::= { hpnicfIPSecTrafficEntry 4 }
hpnicfIPSecTrafficLocalPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The port number of the local peer's traffic."
::= { hpnicfIPSecTrafficEntry 5 }
hpnicfIPSecTrafficRemoteType OBJECT-TYPE
SYNTAX HpnicfTrafficType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of remote peer. Possible values are: a single
IP address, or an IP address range, or an IP subnet."
::= { hpnicfIPSecTrafficEntry 6 }
hpnicfIPSecTrafficRemoteAddr1 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The first specification of remote peer's IP address.
If the remote peer type is single IP address, then
this is the value of the IP address. If the remote
peer type is IP subnet, then this is the value
of the subnet. If the remote peer type is IP
address range, then this is the value of beginning
IP address of the range."
::= { hpnicfIPSecTrafficEntry 7 }
hpnicfIPSecTrafficRemoteAddr2 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Single IP address, then this is the value of the IP
address. If the remote peer type is IP subnet,
then this is the value of the subnet mask. If the
remote peer type is IP address range, then this
is the value of ending IP address of the range."
::= { hpnicfIPSecTrafficEntry 8 }
hpnicfIPSecTrafficRemoteProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The protocol number of the remote peer's traffic."
::= { hpnicfIPSecTrafficEntry 9 }
hpnicfIPSecTrafficRemotePort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The port number of the remote peer's traffic."
::= { hpnicfIPSecTrafficEntry 10 }
-- ===============================================
-- Begin the hpnicfIPSecGlobalStats.
-- ===============================================
hpnicfIPSecGlobalStats OBJECT IDENTIFIER ::= { hpnicfIPSecObjects 5 }
hpnicfIPSecGlobalActiveTunnels OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of currently active IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 1 }
hpnicfIPSecGlobalActiveSas OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of currently active or expiring IPSec Phase-2 SA."
::= { hpnicfIPSecGlobalStats 2 }
hpnicfIPSecGlobalInOctets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of octets received by all current and previous
IPSec Phase-2 Tunnels. This value is accumulated BEFORE determining
whether or not the packet should be decompressed."
::= { hpnicfIPSecGlobalStats 3 }
hpnicfIPSecGlobalInDecompOctets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of decompressed octets received by all current
and previous IPSec Phase-2 Tunnels. This value is accumulated
AFTER the packet is decompressed."
::= { hpnicfIPSecGlobalStats 4 }
hpnicfIPSecGlobalInPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets received by all current and
previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 5 }
hpnicfIPSecGlobalInDrops OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped during receiving
process by all current and previous IPSec Phase-2
Tunnels. "
::= { hpnicfIPSecGlobalStats 6 }
hpnicfIPSecGlobalInReplayDrops OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped during receiving
process due to Anti-Replay process by all
current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 7 }
hpnicfIPSecGlobalInAuthFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of inbound authentication's which ended
in failure by all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 8 }
hpnicfIPSecGlobalInDecryptFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of inbound decryption's which ended in
failure by all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 9 }
hpnicfIPSecGlobalOutOctets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of octets sent by all current and previous
IPSec Phase-2 Tunnels. This value is accumulated AFTER
determining whether or not the packet should be compressed."
::= { hpnicfIPSecGlobalStats 10 }
hpnicfIPSecGlobalOutUncompOctets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of uncompressed octets sent by all current
and previous IPSec Phase-2 Tunnels. This value is accumulated
BEFORE the packet is compressed."
::= { hpnicfIPSecGlobalStats 11 }
hpnicfIPSecGlobalOutPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets sent by all current and previous
IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 12 }
hpnicfIPSecGlobalOutDrops OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped during sending process
by all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 13 }
hpnicfIPSecGlobalOutEncryptFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of outbound encryption's which ended in failure
by all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 14 }
hpnicfIPSecGlobalNoMemoryDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to no enough memory
by all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 15 }
hpnicfIPSecGlobalNoFindSaDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to not find SA by
all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 16 }
hpnicfIPSecGlobalQueueFullDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to queue full by
all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 17 }
hpnicfIPSecGlobalInvalidLenDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to invalid packet
length by all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 18 }
hpnicfIPSecGlobalTooLongDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to too long packet by
all current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 19 }
hpnicfIPSecGlobalInvalidSaDropPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets dropped due to invalid SA by all
current and previous IPSec Phase-2 Tunnels."
::= { hpnicfIPSecGlobalStats 20 }
-- ===============================================
-- Begin the hpnicfIPSecTrapObject.
-- ===============================================
hpnicfIPSecTrapObject OBJECT IDENTIFIER ::= { hpnicfIPSecObjects 6 }
hpnicfIPSecPolicyName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The IPSec policy name with a trap."
::= { hpnicfIPSecTrapObject 1 }
hpnicfIPSecPolicySeqNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The IPSec policy sequence number with a trap."
::= { hpnicfIPSecTrapObject 2 }
hpnicfIPSecPolicySize OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The number of IPSec policies with a trap."
::= { hpnicfIPSecTrapObject 3 }
hpnicfIPSecSpiValue OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The SPI value associated with a trap."
::= { hpnicfIPSecTrapObject 4 }
-- ===============================================
-- Begin the hpnicfIPSecTrapCntl.
-- ===============================================
hpnicfIPSecTrapCntl OBJECT IDENTIFIER ::= { hpnicfIPSecObjects 7 }
hpnicfIPSecTrapGlobalCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether all IPSec traps should be generated."
::= { hpnicfIPSecTrapCntl 1 }
hpnicfIPSecTunnelStartTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecTunnelStart traps should be generated."
::= { hpnicfIPSecTrapCntl 2 }
hpnicfIPSecTunnelStopTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecTunnelStop traps should be generated."
::= { hpnicfIPSecTrapCntl 3 }
hpnicfIPSecNoSaTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecNoSaFailure traps should be generated."
::= { hpnicfIPSecTrapCntl 4 }
hpnicfIPSecAuthFailureTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecAuthFailFailure traps should be generated."
::= { hpnicfIPSecTrapCntl 5 }
hpnicfIPSecEncryFailureTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecEncryFailFailure traps should be generated."
::= { hpnicfIPSecTrapCntl 6 }
hpnicfIPSecDecryFailureTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecDecryFailFailure traps should be generated."
::= { hpnicfIPSecTrapCntl 7 }
hpnicfIPSecInvalidSaTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSec Invalid Sa Failure traps should be generated."
::= { hpnicfIPSecTrapCntl 8 }
hpnicfIPSecPolicyAddTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecPolicyAdd traps should be generated."
::= { hpnicfIPSecTrapCntl 9 }
hpnicfIPSecPolicyDelTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecPolicyDel traps should be generated."
::= { hpnicfIPSecTrapCntl 10 }
hpnicfIPSecPolicyAttachTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecPolicyAttach traps should be generated."
::= { hpnicfIPSecTrapCntl 11 }
hpnicfIPSecPolicyDetachTrapCntl OBJECT-TYPE
SYNTAX HpnicfTrapStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether hpnicfIPSecPolicyDetach traps should be generated."
::= { hpnicfIPSecTrapCntl 12 }
-- ===============================================
-- definition of traps.
-- ===============================================
hpnicfIPSecTrap OBJECT IDENTIFIER ::= { hpnicfIPSecObjects 8 }
hpnicfIPSecNotifications OBJECT IDENTIFIER ::= { hpnicfIPSecTrap 1 }
hpnicfIPSecTunnelStart NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecTunLocalAddr,
hpnicfIPSecTunRemoteAddr,
hpnicfIPSecTunLifeTime,
hpnicfIPSecTunLifeSize
}
STATUS current
DESCRIPTION
"This notification is generated when an IPSec Phase-2
Tunnel is created."
::= { hpnicfIPSecNotifications 1 }
hpnicfIPSecTunnelStop NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecTunLocalAddr,
hpnicfIPSecTunRemoteAddr,
hpnicfIPSecTunActiveTime
}
STATUS current
DESCRIPTION
"This notification is generated when an IPSec Phase-2
Tunnel is deleted."
::= { hpnicfIPSecNotifications 2 }
hpnicfIPSecNoSaFailure NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecTunLocalAddr,
hpnicfIPSecTunRemoteAddr
}
STATUS current
DESCRIPTION
"This notification is generated when an IPSec Phase-2
non-existent SA error occurs."
::= { hpnicfIPSecNotifications 3 }
hpnicfIPSecAuthFailFailure NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecTunLocalAddr,
hpnicfIPSecTunRemoteAddr
}
STATUS current
DESCRIPTION
"This notification is generated when the IPSec phase-2
authentication failure occurs."
::= { hpnicfIPSecNotifications 4 }
hpnicfIPSecEncryFailFailure NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecTunLocalAddr,
hpnicfIPSecTunRemoteAddr
}
STATUS current
DESCRIPTION
"This notification is generated when the IPSec phase-2
tunnel has an encrypting failure."
::= { hpnicfIPSecNotifications 5 }
hpnicfIPSecDecryFailFailure NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecTunLocalAddr,
hpnicfIPSecTunRemoteAddr
}
STATUS current
DESCRIPTION
"This notification is generated when the IPSec phase-2
tunnel has a decrypting failure."
::= { hpnicfIPSecNotifications 6 }
hpnicfIPSecInvalidSaFailure NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecTunLocalAddr,
hpnicfIPSecTunRemoteAddr,
hpnicfIPSecSpiValue
}
STATUS current
DESCRIPTION
"This notification is generated when the IPSec phase-2
invalid SA failure occurs."
::= { hpnicfIPSecNotifications 7 }
hpnicfIPSecPolicyAdd NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecPolicyName,
hpnicfIPSecPolicySeqNum,
hpnicfIPSecPolicySize
}
STATUS current
DESCRIPTION
"This notification is generated when an IPSec policy is added."
::= { hpnicfIPSecNotifications 8 }
hpnicfIPSecPolicyDel NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecPolicyName,
hpnicfIPSecPolicySeqNum,
hpnicfIPSecPolicySize
}
STATUS current
DESCRIPTION
"This notification is generated when an IPSec policy is deleted."
::= { hpnicfIPSecNotifications 9 }
hpnicfIPSecPolicyAttach NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecPolicyName,
hpnicfIPSecPolicySize,
ifIndex
}
STATUS current
DESCRIPTION
"This notification is generated when an IPSec policy is attached
with one interface."
::= { hpnicfIPSecNotifications 10 }
hpnicfIPSecPolicyDetach NOTIFICATION-TYPE
OBJECTS { hpnicfIPSecPolicyName,
hpnicfIPSecPolicySize,
ifIndex
}
STATUS current
DESCRIPTION
"This notification is generated when an IPSec policy is detached
with one interface."
::= { hpnicfIPSecNotifications 11 }
-- ===============================================
-- Conformance Information
-- ===============================================
hpnicfIPSecConformance OBJECT IDENTIFIER
::= { hpnicfIPSecMonitor 2 }
hpnicfIPSecCompliances OBJECT IDENTIFIER
::= { hpnicfIPSecConformance 1 }
hpnicfIPSecGroups OBJECT IDENTIFIER
::= { hpnicfIPSecConformance 2 }
-- ===============================================
-- Compliance Statements
-- ===============================================
hpnicfIPSecCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
" "
MODULE -- this module
MANDATORY-GROUPS
{
hpnicfIPSecTunnelTableGroup,
hpnicfIPSecTunnelStatGroup,
hpnicfIPSecSaGroup,
hpnicfIPSecTrafficTableGroup,
hpnicfIPSecGlobalStatsGroup,
hpnicfIPSecTrapObjectGroup,
hpnicfIPSecTrapCntlGroup,
hpnicfIPSecTrapGroup
}
::= { hpnicfIPSecCompliances 1 }
hpnicfIPSecTunnelTableGroup OBJECT-GROUP
OBJECTS {
hpnicfIPSecTunIKETunnelIndex,
hpnicfIPSecTunLocalAddr,
hpnicfIPSecTunRemoteAddr,
hpnicfIPSecTunKeyType,
hpnicfIPSecTunEncapMode,
hpnicfIPSecTunInitiator,
hpnicfIPSecTunLifeSize,
hpnicfIPSecTunLifeTime,
hpnicfIPSecTunRemainTime,
hpnicfIPSecTunActiveTime,
hpnicfIPSecTunRemainSize,
hpnicfIPSecTunTotalRefreshes,
hpnicfIPSecTunCurrentSaInstances,
hpnicfIPSecTunInSaEncryptAlgo,
hpnicfIPSecTunInSaAhAuthAlgo,
hpnicfIPSecTunInSaEspAuthAlgo,
hpnicfIPSecTunDiffHellmanGrp,
hpnicfIPSecTunOutSaEncryptAlgo,
hpnicfIPSecTunOutSaAhAuthAlgo,
hpnicfIPSecTunOutSaEspAuthAlgo,
hpnicfIPSecTunPolicyName,
hpnicfIPSecTunPolicyNum,
hpnicfIPSecTunStatus
}
STATUS current
DESCRIPTION
"The group contains the IPSec tunnel's property information."
::= { hpnicfIPSecGroups 1 }
hpnicfIPSecTunnelStatGroup OBJECT-GROUP
OBJECTS {
hpnicfIPSecTunInOctets,
hpnicfIPSecTunInDecompOctets,
hpnicfIPSecTunInPkts,
hpnicfIPSecTunInDropPkts,
hpnicfIPSecTunInReplayDropPkts,
hpnicfIPSecTunInAuthFails,
hpnicfIPSecTunInDecryptFails,
hpnicfIPSecTunOutOctets,
hpnicfIPSecTunOutUncompOctets,
hpnicfIPSecTunOutPkts,
hpnicfIPSecTunOutDropPkts,
hpnicfIPSecTunOutEncryptFails,
hpnicfIPSecTunNoMemoryDropPkts,
hpnicfIPSecTunQueueFullDropPkts,
hpnicfIPSecTunInvalidLenDropPkts,
hpnicfIPSecTunTooLongDropPkts,
hpnicfIPSecTunInvalidSaDropPkts
}
STATUS current
DESCRIPTION
"The group contains the IPSec tunnel's statistic information."
::= { hpnicfIPSecGroups 2 }
hpnicfIPSecSaGroup OBJECT-GROUP
OBJECTS {
hpnicfIPSecSaDirection,
hpnicfIPSecSaValue,
hpnicfIPSecSaProtocol,
hpnicfIPSecSaEncryptAlgo,
hpnicfIPSecSaAuthAlgo,
hpnicfIPSecSaStatus
}
STATUS current
DESCRIPTION
"The group contains the SA's property information."
::= { hpnicfIPSecGroups 3 }
hpnicfIPSecTrafficTableGroup OBJECT-GROUP
OBJECTS {
hpnicfIPSecTrafficLocalType,
hpnicfIPSecTrafficLocalAddr1,
hpnicfIPSecTrafficLocalAddr2,
hpnicfIPSecTrafficLocalProtocol,
hpnicfIPSecTrafficLocalPort,
hpnicfIPSecTrafficRemoteType,
hpnicfIPSecTrafficRemoteAddr1,
hpnicfIPSecTrafficRemoteAddr2,
hpnicfIPSecTrafficRemoteProtocol,
hpnicfIPSecTrafficRemotePort
}
STATUS current
DESCRIPTION
"The group contains the property information of the
data flow protected by IPSec tunnel."
::= { hpnicfIPSecGroups 4 }
hpnicfIPSecGlobalStatsGroup OBJECT-GROUP
OBJECTS {
hpnicfIPSecGlobalActiveTunnels,
hpnicfIPSecGlobalActiveSas,
hpnicfIPSecGlobalInOctets,
hpnicfIPSecGlobalInDecompOctets,
hpnicfIPSecGlobalInPkts,
hpnicfIPSecGlobalInDrops,
hpnicfIPSecGlobalInReplayDrops,
hpnicfIPSecGlobalInAuthFails,
hpnicfIPSecGlobalInDecryptFails,
hpnicfIPSecGlobalOutOctets,
hpnicfIPSecGlobalOutUncompOctets,
hpnicfIPSecGlobalOutPkts,
hpnicfIPSecGlobalOutDrops,
hpnicfIPSecGlobalOutEncryptFails,
hpnicfIPSecGlobalNoMemoryDropPkts,
hpnicfIPSecGlobalNoFindSaDropPkts,
hpnicfIPSecGlobalQueueFullDropPkts,
hpnicfIPSecGlobalInvalidLenDropPkts,
hpnicfIPSecGlobalTooLongDropPkts,
hpnicfIPSecGlobalInvalidSaDropPkts
}
STATUS current
DESCRIPTION
"The group contains all of the IPSec tunnel's statistic
information."
::= { hpnicfIPSecGroups 5 }
hpnicfIPSecTrapObjectGroup OBJECT-GROUP
OBJECTS {
hpnicfIPSecPolicyName,
hpnicfIPSecPolicySeqNum,
hpnicfIPSecPolicySize,
hpnicfIPSecSpiValue
}
STATUS current
DESCRIPTION
"The group contains all of trap objects of IPSec tunnels."
::= { hpnicfIPSecGroups 6 }
hpnicfIPSecTrapCntlGroup OBJECT-GROUP
OBJECTS {
hpnicfIPSecTrapGlobalCntl,
hpnicfIPSecTunnelStartTrapCntl,
hpnicfIPSecTunnelStopTrapCntl,
hpnicfIPSecNoSaTrapCntl,
hpnicfIPSecAuthFailureTrapCntl,
hpnicfIPSecEncryFailureTrapCntl,
hpnicfIPSecDecryFailureTrapCntl,
hpnicfIPSecInvalidSaTrapCntl,
hpnicfIPSecPolicyAddTrapCntl,
hpnicfIPSecPolicyDelTrapCntl,
hpnicfIPSecPolicyAttachTrapCntl,
hpnicfIPSecPolicyDetachTrapCntl
}
STATUS current
DESCRIPTION
"The group contains all of trap switches of IPSec tunnels."
::= { hpnicfIPSecGroups 7 }
hpnicfIPSecTrapGroup NOTIFICATION-GROUP
NOTIFICATIONS {
hpnicfIPSecTunnelStart,
hpnicfIPSecTunnelStop,
hpnicfIPSecNoSaFailure,
hpnicfIPSecAuthFailFailure,
hpnicfIPSecEncryFailFailure,
hpnicfIPSecDecryFailFailure,
hpnicfIPSecInvalidSaFailure,
hpnicfIPSecPolicyAdd,
hpnicfIPSecPolicyDel,
hpnicfIPSecPolicyAttach,
hpnicfIPSecPolicyDetach
}
STATUS current
DESCRIPTION
"The group contains all of trap of IPSec tunnels."
::= { hpnicfIPSecGroups 8 }
END
View Git Blame Copy Permalink