CISCO-IKE-FLOW-EXT-MIB

File: CISCO-IKE-FLOW-EXT-MIB.mib (10201 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMP-FRAMEWORK-MIB
CISCO-SMI CISCO-IPSEC-SIGNALING-MIB CISCO-IPSEC-TC

Imported symbols

MODULE-IDENTITY OBJECT-TYPE MODULE-COMPLIANCE
OBJECT-GROUP SnmpAdminString ciscoMgmt
cisgIpsSgProtocol cisgIpsSgTunIndex CIKEIsakmpDoi
CIPsecPhase1PeerIdentityType

Defined Types

CifeTunnelExtEntry  
SEQUENCE    
  cifeTunnelExtDoi CIKEIsakmpDoi
  cifeTunnelExtLocalIdenType CIPsecPhase1PeerIdentityType
  cifeTunnelExtLocalIdentity SnmpAdminString
  cifeTunnelExtRemoteIdenType CIPsecPhase1PeerIdentityType
  cifeTunnelExtRemoteIdentity SnmpAdminString

Defined Values

ciscoIkeFlowExtMIB 1.3.6.1.4.1.9.9.428
This MIB module is an extension to CISCO-IKE-FLOW-MIB and contains Cisco Specific extensions for monitoring IKE. It is for monitoring the structures and status of IPsec control flows based on Internet Key Exchange protocol. Acronyms The following acronyms are used in this document: Flow, Tunnel: An ISAKMP SA can be regarded as representing a flow of ISAKMP/IKE traffic. Hence an ISAKMP is referred to as a 'Phase 1 Tunnel' in this document. IPsec: Secure IP Protocol. ISAKMP: Internet Security Association and Key Management Protocol. IKE: Internet Key Exchange Protocol. FCSP: Fibre Channel Security Protocol. SA: Security Association (ref: rfc2408). Phase 2 Tunnel: AN instance of a non-ISAKMP SA bundle in which all the SA share the same proxy identifiers protect the same stream of application traffic. Such an SA bundle is termed a 'Phase 2 Tunnel'. Note that a Phase 2 tunnel may comprise different SA bundles and different number of SA bundles at different times (due to key refresh).
MODULE-IDENTITY    

ciscoIkeFlowExtMIBNotifs 1.3.6.1.4.1.9.9.428.0
OBJECT IDENTIFIER    

ciscoIkeFlowExtMIBObjects 1.3.6.1.4.1.9.9.428.1
OBJECT IDENTIFIER    

ciscoIkeFlowExtMIBConform 1.3.6.1.4.1.9.9.428.2
OBJECT IDENTIFIER    

cifeIkeGlobals 1.3.6.1.4.1.9.9.428.1.1
OBJECT IDENTIFIER    

cifeClearAllTunnels 1.3.6.1.4.1.9.9.428.1.1.1
Clears all the tunnels of a specific type. 'none' is returned on reading this object. 'clearIPSec' all the IPSec tunnels are cleared. 'clearFCSP' all FCSP tunnels are cleared.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER none(1), clearIPSec(2), clearFCSP(3)  

cifeTunnelExtTable 1.3.6.1.4.1.9.9.428.1.2
The Phase-1 Internet Key Exchange Tunnel Table. There is one entry in this table for each active IKE tunnel. This table is an extension to cifIkeTunnelTable defined in CISCO-IKE-FLOW-MIB. Some information in this table is also present in the cisgIpsSgTunnelTable, but the table is indexed differently so that the rows in this table are grouped/ordered by domain of interpretation (DOI).
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    CifeTunnelExtEntry

cifeTunnelExtEntry 1.3.6.1.4.1.9.9.428.1.2.1
Each entry contains the attributes associated with an active IKE Tunnel, identified by cisgIpsSgTunIndex, for the IKE protocol, identified by cisgIpsSgProtocol, in this DOI, identified by cifeTunnelExtDoi.
Status: current Access: not-accessible
OBJECT-TYPE    
  CifeTunnelExtEntry  

cifeTunnelExtDoi 1.3.6.1.4.1.9.9.428.1.2.1.1
This identifies the DOI of Phase-2 operations in which this control tunnel operates. This may be used to identify the Phase-2 protocol.
Status: current Access: not-accessible
OBJECT-TYPE    
  CIKEIsakmpDoi  

cifeTunnelExtLocalIdenType 1.3.6.1.4.1.9.9.428.1.2.1.2
The type of the identity used by the managed entity authenticating itself to the peer in the setup of the IKE tunnel corresponding to this conceptual row. This object would have same value as cisgIpsSgTunLocalType from CISCO-IPSEC-SIGNALLING-MIB.
Status: current Access: read-only
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cifeTunnelExtLocalIdentity 1.3.6.1.4.1.9.9.428.1.2.1.3
The value of the local peer identity. This object would have same value as cisgIpsSgTunLocalValue from CISCO-IPSEC-SIGNALLING-MIB.
Status: current Access: read-only
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cifeTunnelExtRemoteIdenType 1.3.6.1.4.1.9.9.428.1.2.1.4
The type of the identity used by the peer in authenticating itself to the local entity in the setup of the IKE tunnel corresponding to this conceptual row. This object would have same value as cisgIpsSgTunRemoteType from CISCO-IPSEC-SIGNALLING-MIB.
Status: current Access: read-only
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cifeTunnelExtRemoteIdentity 1.3.6.1.4.1.9.9.428.1.2.1.5
The value of the remote peer identity. This object would have same value as cisgIpsSgTunRemoteValue from CISCO-IPSEC-SIGNALLING-MIB.
Status: current Access: read-only
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cifeMIBConformances 1.3.6.1.4.1.9.9.428.2.1
OBJECT IDENTIFIER    

cifeMIBGroups 1.3.6.1.4.1.9.9.428.2.2
OBJECT IDENTIFIER    

cifeMIBCompliance 1.3.6.1.4.1.9.9.428.2.1.1
The compliance statement for entities which implement the Cisco IKE extension MIB.
Status: current Access: read-only
MODULE-COMPLIANCE    

cifeGlobalsGroup 1.3.6.1.4.1.9.9.428.2.2.1
A collection of objects providing Global IKE configuration.
Status: current Access: read-only
OBJECT-GROUP    

cifeTunnelExtGroup 1.3.6.1.4.1.9.9.428.2.2.2
The collection of objects providing IKE tunnels info.
Status: current Access: read-only
OBJECT-GROUP