IPSEC-MIB

File: IPSEC-MIB.mib (53360 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Counter32
Counter64 Integer32 Unsigned32
experimental NOTIFICATION-TYPE DateAndTime
TruthValue

Defined Types

IpsecProtSuiteEntry  
SEQUENCE    
  ipsecProtSuiteIndex Integer32
  ipsecProtSuiteLocalAddress OCTET STRING
  ipsecProtSuiteRemoteAddress OCTET STRING
  ipsecProtSuiteInboundEspSpi Unsigned32
  ipsecProtSuiteOutboundEspSpi Unsigned32
  ipsecProtSuiteInboundAhSpi Unsigned32
  ipsecProtSuiteOutboundAhSpi Unsigned32
  ipsecProtSuiteInboundCompCpi INTEGER
  ipsecProtSuiteOutboundCompCpi INTEGER
  ipsecProtSuiteLocalId OCTET STRING
  ipsecProtSuiteLocalIdType Unsigned32
  ipsecProtSuiteRemoteId OCTET STRING
  ipsecProtSuiteRemoteIdType Unsigned32
  ipsecProtSuiteProtocol Integer32
  ipsecProtSuiteLocalPort Integer32
  ipsecProtSuiteRemotePort Integer32
  ipsecProtSuiteDifHelGroupDesc Integer32
  ipsecProtSuiteDifHelGroupType Integer32
  ipsecProtSuitePFS TruthValue
  ipsecProtSuiteEncapsulation INTEGER
  ipsecProtSuiteEspEncAlg Integer32
  ipsecProtSuiteEspEncKeyLength Unsigned32
  ipsecProtSuiteEspAuthAlg Integer32
  ipsecProtSuiteAhAuthAlg Integer32
  ipsecProtSuiteCompAlg Integer32
  ipsecProtSuiteCreationTime DateAndTime
  ipsecProtSuiteTimeLimit OCTET STRING
  ipsecProtSuiteTrafficLimit OCTET STRING
  ipsecProtSuiteInTrafficCount OCTET STRING
  ipsecProtSuiteOutTrafficCount OCTET STRING
  ipsecProtSuiteInboundTraffic Counter64
  ipsecProtSuiteOutboundTraffic Counter64
  ipsecProtSuiteInboundPackets Counter64
  ipsecProtSuiteOutboundPackets Counter64
  ipsecProtSuiteDecryptErrors Counter32
  ipsecProtSuiteAuthErrors Counter32
  ipsecProtSuiteReplayErrors Counter32
  ipsecProtSuitePolicyErrors Counter32
  ipsecProtSuiteOtherReceiveErrors Counter32
  ipsecProtSuiteSendErrors Counter32

IpsecIkeSaEntry  
SEQUENCE    
  ipsecIkeSaIndex Integer32
  ipsecIkeSaInitiatorCookie OCTET STRING
  ipsecIkeSaResponderCookie OCTET STRING
  ipsecIkeSaLocalIpAddress OCTET STRING
  ipsecIkeSaLocalPortNumber INTEGER
  ipsecIkeSaLocalIdType Integer32
  ipsecIkeSaLocalId OCTET STRING
  ipsecIkeSaPeerIpAddress OCTET STRING
  ipsecIkeSaPeerPortNumber INTEGER
  ipsecIkeSaAuthMethod Integer32
  ipsecIkeSaPeerIdType Integer32
  ipsecIkeSaPeerId OCTET STRING
  ipsecIkeSaPeerCertSerialNum OCTET STRING
  ipsecIkeSaPeerCertIssuer OCTET STRING
  ipsecIkeSaEncAlg INTEGER
  ipsecIkeSaEncKeyLength Integer32
  ipsecIkeSaHashAlg Integer32
  ipsecIkeSaDifHelGroupDesc Integer32
  ipsecIkeSaDifHelGroupType Integer32
  ipsecIkeSaDifHelFieldSize Integer32
  ipsecIkeSaPRF Integer32
  ipsecIkeSaPFS TruthValue
  ipsecIkeSaTimeStart DateAndTime
  ipsecIkeSaTimeLimit OCTET STRING
  ipsecIkeSaTrafficLimit OCTET STRING
  ipsecIkeSaInboundTraffic Counter64
  ipsecIkeSaOutboundTraffic Counter64
  ipsecIkeSaInboundPackets Counter32
  ipsecIkeSaOutboundPackets Counter32
  ipsecIkeProtSuitesCreated Counter32
  ipsecIkeProtSuitesDeleted Counter32
  ipsecIkeSaDecryptErrors Counter32
  ipsecIkeSaAuthErrors Counter32
  ipsecIkeSaOtherReceiveErrors Counter32
  ipsecIkeSaSendErrors Counter32

IpsecNotifyCountEntry  
SEQUENCE    
  ipsecNotifyMessage INTEGER
  ipsecNotifyMessageCount Counter32

Defined Values

ipsecMIB 1.3.6.1.3.500
The MIB module to describe generic IPSec objects, and entity level IPSec objects and events.
MODULE-IDENTITY    

ipsecMIBObjects 1.3.6.1.3.500.1
OBJECT IDENTIFIER    

ipsec 1.3.6.1.3.500.1.1
OBJECT IDENTIFIER    

ipsecProtSuiteTable 1.3.6.1.3.500.1.1.1
The (conceptual) table containing information on IPSec protection suites.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpsecProtSuiteEntry

ipsecProtSuiteEntry 1.3.6.1.3.500.1.1.1.1
An entry (conceptual row) containing the information on a particular IPSec protection suite.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpsecProtSuiteEntry  

ipsecProtSuiteIndex 1.3.6.1.3.500.1.1.1.1.1
A unique value, greater than zero, for each IPSec protection suite. It is recommended that values are assigned contiguously starting from 1.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 1..2147483647  

ipsecProtSuiteLocalAddress 1.3.6.1.3.500.1.1.1.1.2
The local IP address used by the protection suite. The size of this object is 4 if the address is an IPv4 address, or 16 if the address is an IPv6 address.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4|16)  

ipsecProtSuiteRemoteAddress 1.3.6.1.3.500.1.1.1.1.3
The peer IP address used by the protection suite. The size of this object is 4 if the address is an IPv4 address, or 16 if the address is an IPv6 address.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4|16)  

ipsecProtSuiteInboundEspSpi 1.3.6.1.3.500.1.1.1.1.4
The value of the SPI for the inbound protection suite that provides the ESP security service, or zero if ESP is not used.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32 1..4294967295  

ipsecProtSuiteOutboundEspSpi 1.3.6.1.3.500.1.1.1.1.5
The value of the SPI for the outbound protection suite that provides the ESP security service, or zero if ESP is not used.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32 1..4294967295  

ipsecProtSuiteInboundAhSpi 1.3.6.1.3.500.1.1.1.1.6
The value of the SPI for the inbound protection suite that provides the AH security service, or zero if AH is not used.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32 1..4294967295  

ipsecProtSuiteOutboundAhSpi 1.3.6.1.3.500.1.1.1.1.7
The value of the SPI for the outbound protection suite that provides the AH security service, or zero if AH is not used.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32 1..4294967295  

ipsecProtSuiteInboundCompCpi 1.3.6.1.3.500.1.1.1.1.8
The value of the CPI for the inbound protection suite that provides IP compression, or zero if IPCOMP is not used.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

ipsecProtSuiteOutboundCompCpi 1.3.6.1.3.500.1.1.1.1.9
The value of the CPI for the outbound protection suite that provides IP compression, or zero if IPCOMP is not used.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

ipsecProtSuiteLocalId 1.3.6.1.3.500.1.1.1.1.10
The local identifier of the protection suite, or 0 if unknown or if the protection suite uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4..255)  

ipsecProtSuiteLocalIdType 1.3.6.1.3.500.1.1.1.1.11
The type of identifier presented by 'ipsecTunnelLocalId', or 0 if unknown or if the protection suite uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ipsecProtSuiteRemoteId 1.3.6.1.3.500.1.1.1.1.12
The remote identifier of the protection suite, or 0 if unknown or if the protection suite uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4..255)  

ipsecProtSuiteRemoteIdType 1.3.6.1.3.500.1.1.1.1.13
The type of identifier presented by 'ipsecTunnelRemoteId', or 0 if unknown or if the protection suite uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ipsecProtSuiteProtocol 1.3.6.1.3.500.1.1.1.1.14
The IP protocol number that this protection suite carries, or 0 if it carries any protocol.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..255  

ipsecProtSuiteLocalPort 1.3.6.1.3.500.1.1.1.1.15
The local UDP or TCP port number that this protection suite carries, or 0 if it carries any port number.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..65535  

ipsecProtSuiteRemotePort 1.3.6.1.3.500.1.1.1.1.16
The remote UDP or TCP port number that this protection suite carries, or 0 if it carries any port number.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..65535  

ipsecProtSuiteDifHelGroupDesc 1.3.6.1.3.500.1.1.1.1.17
A unique value representing the Diffie-Hellman group description used to set up this protection suite, or 0 if the description is unknown. Specific values are used as described in the ISAKMP Class Values of Group Description from Appendix A of [IKE].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

ipsecProtSuiteDifHelGroupType 1.3.6.1.3.500.1.1.1.1.18
A unique value representing the Diffie-Hellman group type used to set up this protection suite, or 0 if the type is unknown. Specific values are used as described in the ISAKMP Class Values of Group Type from Appendix A of [IKE].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

ipsecProtSuitePFS 1.3.6.1.3.500.1.1.1.1.19
'true' if the protection suite was created using perfect forward secrect.
Status: current Access: read-only
OBJECT-TYPE    
  TruthValue  

ipsecProtSuiteEncapsulation 1.3.6.1.3.500.1.1.1.1.20
The type of encapsulation used by this protection suite.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER transport(1), tunnel(2)  

ipsecProtSuiteEspEncAlg 1.3.6.1.3.500.1.1.1.1.21
A unique value representing the encryption algorithm applied to traffic carried by this protection suite if it uses ESP or 0 if there is no encryption applied by ESP or if ESP is not used. Specific values are taken from section 4.4.4 of [IPDOI].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..255  

ipsecProtSuiteEspEncKeyLength 1.3.6.1.3.500.1.1.1.1.22
The length of the encryption key in bits used for the algorithm specified in the 'ipsecTunnelEspEncAlg' object, or 0 if the key length is implicit in the specified algorithm or there is no encryption specified.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ipsecProtSuiteEspAuthAlg 1.3.6.1.3.500.1.1.1.1.23
A unique value representing the hash algorithm applied to traffic carried by this protection suite if it uses ESP or 0 if there is no authentication applied by ESP or if ESP is not used. Specific values are taken from the Authentication Algorithm attribute values of Section 4.5 of [IPDOI].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..255  

ipsecProtSuiteAhAuthAlg 1.3.6.1.3.500.1.1.1.1.24
A unique value representing the hash algorithm applied to traffic carried by this protection suite if it uses AH or 0 if AH is not used. Specific values are taken from Section 4.4.3 of [IPDOI].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..255  

ipsecProtSuiteCompAlg 1.3.6.1.3.500.1.1.1.1.25
A unique value representing the compression algorithm applied to traffic carried by this protection suite if it uses IPCOMP. Specific values are taken from Section 4.4.5 of [IPDOI].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..255  

ipsecProtSuiteCreationTime 1.3.6.1.3.500.1.1.1.1.26
The date and time that the current protection suite was set up.
Status: current Access: read-only
OBJECT-TYPE    
  DateAndTime  

ipsecProtSuiteTimeLimit 1.3.6.1.3.500.1.1.1.1.27
The maximum lifetime in seconds of the protection suite, or 0 if there is no time constraint on its expiration.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4..255)  

ipsecProtSuiteTrafficLimit 1.3.6.1.3.500.1.1.1.1.28
The maximum traffic in 1024-byte blocks that the protection suite is allowed to support, or 0 if there is no traffic constraint on its expiration.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4..255)  

ipsecProtSuiteInTrafficCount 1.3.6.1.3.500.1.1.1.1.29
The amount of inbound traffic accumulated that counts against the protection suite's expiration by traffic limitation, measured in 1024-byte blocks. This value may be 0 if the protection suite does not expire based on traffic. In the case of multiple SAs within a protection suite, this value is the maximum of any traffic accumulation values applied to any of the individual SAs within the protection suite.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4..255)  

ipsecProtSuiteOutTrafficCount 1.3.6.1.3.500.1.1.1.1.30
The amount of outbound traffic accumulated that counts against the protection suite's expiration by traffic limitation, measured in 1024-byte blocks. This value may be 0 if the protection suite does not expire based on traffic. In the case of multiple SAs within a protection suite, this value is the maximum of any traffic accumulation values applied to any of the individual SAs within the protection suite.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4..255)  

ipsecProtSuiteInboundTraffic 1.3.6.1.3.500.1.1.1.1.31
The amount of user level traffic measured in bytes handled by the protection suite in the inbound direction. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecProtSuiteOutboundTraffic 1.3.6.1.3.500.1.1.1.1.32
The amount of user level traffic measured in bytes handled by the protection suite in the outbound direction. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecProtSuiteInboundPackets 1.3.6.1.3.500.1.1.1.1.33
The number of packets handled by the protection suite in the inbound direction.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecProtSuiteOutboundPackets 1.3.6.1.3.500.1.1.1.1.34
The number of packets handled by the protection suite in the outbound direction.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecProtSuiteDecryptErrors 1.3.6.1.3.500.1.1.1.1.35
The number of inbound packets discarded by the protection suite due to decryption errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecProtSuiteAuthErrors 1.3.6.1.3.500.1.1.1.1.36
The number of inbound packets discarded by the protection suite due to authentication errors. This includes hash failures in both ESP and AH.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecProtSuiteReplayErrors 1.3.6.1.3.500.1.1.1.1.37
The number of inbound packets discarded by the protection suite due to replay errors. This includes replay failures both ESP and AH.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecProtSuitePolicyErrors 1.3.6.1.3.500.1.1.1.1.38
The number of inbound packets discarded by the protection suite due to policy errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecProtSuiteOtherReceiveErrors 1.3.6.1.3.500.1.1.1.1.39
The number of inbound packets discarded by the protection suite due to errors other than decryption, authentication or replay errors. This may include decompression errors or errors due to a lack of receive buffers.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecProtSuiteSendErrors 1.3.6.1.3.500.1.1.1.1.40
The number of outbound packets discarded by the protection suite due to any error. This may include compression errors or errors due to a lack of transmit buffers.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeSaTable 1.3.6.1.3.500.1.1.2
The (conceptual) table containing information on IPSec's IKE SAs.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpsecIkeSaEntry

ipsecIkeSaEntry 1.3.6.1.3.500.1.1.2.1
An entry (conceptual row) containing the information on a particular IKE SA.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpsecIkeSaEntry  

ipsecIkeSaIndex 1.3.6.1.3.500.1.1.2.1.1
A unique value, greater than zero, for each phase 1 SA. It is recommended that values are assigned contiguously starting from 1. The value for each entry must remain constant at least from one re-initialization of entity's network management system to the next re-initialization.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 1..16777215  

ipsecIkeSaInitiatorCookie 1.3.6.1.3.500.1.1.2.1.2
The value of the cookie used by the initiator for the phase 1 SA.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(16)  

ipsecIkeSaResponderCookie 1.3.6.1.3.500.1.1.2.1.3
The value of the cookie used by the responder for the phase 1 SA.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(16)  

ipsecIkeSaLocalIpAddress 1.3.6.1.3.500.1.1.2.1.4
The local IP address used to negotiated the SA. The size of the object is 4 if the address is an IPv4 address and 16 if an IPv6 address.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4|16)  

ipsecIkeSaLocalPortNumber 1.3.6.1.3.500.1.1.2.1.5
The local UDP port number that this SA was negotiated with.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

ipsecIkeSaLocalIdType 1.3.6.1.3.500.1.1.2.1.8
The type of ID used by the local end of this SA. Specific values are used as described in Section 4.6.2.1 of [IPDOI].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..256  

ipsecIkeSaLocalId 1.3.6.1.3.500.1.1.2.1.9
The ID of the local host that negotiated this SA. The length may require truncation under some conditions.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(0..511)  

ipsecIkeSaPeerIpAddress 1.3.6.1.3.500.1.1.2.1.10
The IP address of the peer that this SA was negotiated with. The size of the object is 4 if the address is an IPv4 address and 16 if it is an IPv6 address.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(4|16)  

ipsecIkeSaPeerPortNumber 1.3.6.1.3.500.1.1.2.1.11
The UDP port number of the peer that this SA was negotiated with.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

ipsecIkeSaAuthMethod 1.3.6.1.3.500.1.1.2.1.12
The authentication method used to authenticate the peer. Note that this does not include the specific method of authentication if extended authenticated is used. Specific values are used as described in the ISAKMP Class Values of Authentication Method from Appendix A of [IKE].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..65535  

ipsecIkeSaPeerIdType 1.3.6.1.3.500.1.1.2.1.13
The type of ID used by the peer. Specific values are used as described in Section 4.6.2.1 of [IPDOI].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..256  

ipsecIkeSaPeerId 1.3.6.1.3.500.1.1.2.1.14
The ID of the peer this SA was negotiated with. The length may require truncation under some conditions.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(0..511)  

ipsecIkeSaPeerCertSerialNum 1.3.6.1.3.500.1.1.2.1.15
The serial number of the certificate of the peer this SA was negotiated with. This object has no meaning if a certificate was not used in authenticating the peer.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(0..63)  

ipsecIkeSaPeerCertIssuer 1.3.6.1.3.500.1.1.2.1.16
The issuer of the certificate of the peer this SA was negotiated with. This object has no meaning if a certificate was not used in authenticating the peer.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING Size(0..511)  

ipsecIkeSaEncAlg 1.3.6.1.3.500.1.1.2.1.17
A unique value representing the encryption algorithm applied to traffic carried by this SA. Specific values are used as described in the ISAKMP Class Values of Encryption Algorithms from Appendix A of [IKE].
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

ipsecIkeSaEncKeyLength 1.3.6.1.3.500.1.1.2.1.18
The length of the encryption key in bits used for algorithm specified in the ipsecIkeSaEncAlg object or 0 if the key length is implicit in the specified algorithm.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

ipsecIkeSaHashAlg 1.3.6.1.3.500.1.1.2.1.19
A unique value representing the hash algorithm applied to traffic carried by this SA. Specific values are used as described in the ISAKMP Class Values of Hash Algorithms from Appendix A of [IKE].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..65535  

ipsecIkeSaDifHelGroupDesc 1.3.6.1.3.500.1.1.2.1.20
A unique value representing the Diffie-Hellman group description used or 0 if the group is unknown. Specific values are used as described in the ISAKMP Class Values of Group Description from Appendix A of [IKE].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..65535  

ipsecIkeSaDifHelGroupType 1.3.6.1.3.500.1.1.2.1.21
A unique value representing the Diffie-Hellman group type used or 0 if the group is unknown. Specific values are used as described in the ISAKMP Class Values of Group Type from Appendix A of [IKE].
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..65535  

ipsecIkeSaDifHelFieldSize 1.3.6.1.3.500.1.1.2.1.22
The field size, in bits, of the Diffie-Hellman group used to generate the key-pair, or 0 if unknown.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

ipsecIkeSaPRF 1.3.6.1.3.500.1.1.2.1.23
The pseudo-random functions used, or 0 if not used or if unknown. Specific values are used as described in the ISAKMP Class Values of PRF from Appendix A of [IKE] (which specifies none at the present time).
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 0..65535  

ipsecIkeSaPFS 1.3.6.1.3.500.1.1.2.1.24
A value that indicates that perfect forward secrecy is used for all IPSec SAs created by this IKE SA.
Status: current Access: read-only
OBJECT-TYPE    
  TruthValue  

ipsecIkeSaTimeStart 1.3.6.1.3.500.1.1.2.1.25
The date and time that the SA was set up.
Status: current Access: read-only
OBJECT-TYPE    
  DateAndTime  

ipsecIkeSaTimeLimit 1.3.6.1.3.500.1.1.2.1.26
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING  

ipsecIkeSaTrafficLimit 1.3.6.1.3.500.1.1.2.1.27
The maximum traffic in 1024-byte blocks that the SA is allowed to carry, or 0 if there is no traffic constraint on its expiration.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING  

ipsecIkeSaInboundTraffic 1.3.6.1.3.500.1.1.2.1.28
The amount traffic measured in bytes handled in the SA in the inbound direction.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIkeSaOutboundTraffic 1.3.6.1.3.500.1.1.2.1.29
The amount traffic measured in bytes handled in the SA in the outbound direction.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIkeSaInboundPackets 1.3.6.1.3.500.1.1.2.1.30
The number of packets handled in the SA in the inbound direction.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeSaOutboundPackets 1.3.6.1.3.500.1.1.2.1.31
The number of packets handled in the SA in the outbound direction.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeProtSuitesCreated 1.3.6.1.3.500.1.1.2.1.32
The total number of phase 2 protection suites created by the SA.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeProtSuitesDeleted 1.3.6.1.3.500.1.1.2.1.33
The total number of phase 2 protection suites deleted by the SA.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeSaDecryptErrors 1.3.6.1.3.500.1.1.2.1.34
The number of inbound packets discarded by the phase1 SA due to decryption errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeSaAuthErrors 1.3.6.1.3.500.1.1.2.1.35
The number of inbound packets discarded by the phase 1 SA due to authentication errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeSaOtherReceiveErrors 1.3.6.1.3.500.1.1.2.1.36
The number of inbound packets discarded by the phase 1 SA due to errors other than decryption or authentication errors. This may include errors due to a lack of receive buffers.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeSaSendErrors 1.3.6.1.3.500.1.1.2.1.37
The number of outbound packets discarded by the phase 1 SA due to any error. This may include errors due to a lack of transmit buffers.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecTrapsA 1.3.6.1.3.500.1.1.3
OBJECT IDENTIFIER    

ipsecTraps 1.3.6.1.3.500.1.1.3.0
OBJECT IDENTIFIER    

ipsecIpsecStats 1.3.6.1.3.500.1.1.4
OBJECT IDENTIFIER    

ipsecIpsecErrorStats 1.3.6.1.3.500.1.1.5
OBJECT IDENTIFIER    

ipsecIkeStats 1.3.6.1.3.500.1.1.6
OBJECT IDENTIFIER    

ipsecIkeErrorStats 1.3.6.1.3.500.1.1.7
OBJECT IDENTIFIER    

ipsecNotifications 1.3.6.1.3.500.1.1.8
OBJECT IDENTIFIER    

ipsecIpsecTotalProtSuites 1.3.6.1.3.500.1.1.4.1
The total number of phase 2 protection suites established by the entity since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIpsecNegFailures 1.3.6.1.3.500.1.1.4.2
The total number of phase 2 protection suite negotiations that failed that occurred in the entity since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIpsecTotalInboundPackets 1.3.6.1.3.500.1.1.4.3
The total number of inbound packets carried on IPSec protection suites since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIpsecTotalTransOutboundPackets 1.3.6.1.3.500.1.1.4.4
The total number of outbound packets carried on IPSec protection suites since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIpsecTotalTransInboundTraffic 1.3.6.1.3.500.1.1.4.5
The total amount of inbound traffic carried on IPSec protection suites since boot time, measured in 1024-octet blocks.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIpsecTotalTransOutboundTraffic 1.3.6.1.3.500.1.1.4.6
The total amount of outbound traffic carried on IPSec protection suites since boot time, measured in 1024-octet blocks.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIpsecDecryptionErrors 1.3.6.1.3.500.1.1.5.1
The total number of packets received by the entity in the IPSec protection suites since boot time with decryption errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIpsecAuthenticationErrors 1.3.6.1.3.500.1.1.5.2
The total number of packets received by the entity in the IPSec protection suites since boot time with authentication errors. This includes all packets in which the hash value is determined to be invalid.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIpsecReplayErrors 1.3.6.1.3.500.1.1.5.3
The total number of packets received by the entity in the IPSec protection suites since boot time with replay errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIpsecPolicyErrors 1.3.6.1.3.500.1.1.5.4
The total number of packets received by the entity in the IPSec protection suites since boot time and discarded due to policy errors. This includes packets that had selectors that were invalid for the SA or protection suite that carried them.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIpsecOtherReceiveErrors 1.3.6.1.3.500.1.1.5.5
The total number of packets received by the entity in the IPSec protection suites since boot time and discarded due to errors not due to decryption, authentication, replay or policy.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIpsecSendErrors 1.3.6.1.3.500.1.1.5.6
The total number of packets to be sent by the entity in the IPSec protection suites since boot time and discarded due to errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecUnknownSpiErrors 1.3.6.1.3.500.1.1.5.7
The total number of packets received by the entity since boot time with SPIs or CPIs that were not valid.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeTotalSAs 1.3.6.1.3.500.1.1.6.1
The total number of phase 1 SAs successfully established by the entity since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIkeNegFailures 1.3.6.1.3.500.1.1.6.2
The total number of phase 1 SA negotiations that failed that occurred in the entity since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIkeTotalInboundPackets 1.3.6.1.3.500.1.1.6.3
The total number of inbound packets carried on phase 1 SAs since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIkeTotalTransOutboundPackets 1.3.6.1.3.500.1.1.6.4
The total number of outbound packets carried on phase 1 SAs since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIkeTotalTransInboundTraffic 1.3.6.1.3.500.1.1.6.5
The total amount of inbound traffic carried on phase 1 SAs since boot time, measured in 1024-octet blocks.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIkeTotalTransOutboundTraffic 1.3.6.1.3.500.1.1.6.6
The total amount of outbound traffic carried on phase 1 SAs since boot time, measured in 1024-octet blocks.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecIkeProtocolErrors 1.3.6.1.3.500.1.1.7.1
The total number of packets received by the entity since boot time with IKE protocol errors. This includes packets with invalid cookies, but does not include errors that are associated with specific IKE SAs.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeDecryptionErrors 1.3.6.1.3.500.1.1.7.2
The total number of packets received by the entity in the IPSec protection suites since boot time with decryption errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeAuthenticationErrors 1.3.6.1.3.500.1.1.7.3
The total number of packets received by the entity in the IPSec protection suites since boot time with authentication errors. This includes all packets in which the hash value is determined to be invalid.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeOtherReceiveErrors 1.3.6.1.3.500.1.1.7.4
The total number of packets received by the entity in phase 1 SAs since boot time and discarded due to errors not due to decryption or authentication.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecIkeSendErrors 1.3.6.1.3.500.1.1.7.5
The total number of packets to be sent by the entity in phase 1 SAs since boot time and discarded due to errors.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecNotifyMessageTotalCount 1.3.6.1.3.500.1.1.8.1
The total number of all types of notify messages sent or received by the entity since boot time. It is the sum of all occurrences in the 'ipsecNotifyCountTable'.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

ipsecNotifyCountTable 1.3.6.1.3.500.1.1.8.2
The (conceptual) table containing information on IPSec notify message counts. This table MAY be sparsely populated; that is, rows for which the count is 0 may be absent.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpsecNotifyCountEntry

ipsecNotifyCountEntry 1.3.6.1.3.500.1.1.8.2.1
An entry (conceptual row) containing the total number of occurrences of a notify message.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpsecNotifyCountEntry  

ipsecNotifyMessage 1.3.6.1.3.500.1.1.8.2.1.1
The value representing a specific IPSec notify message, or 0 if unknown. Values are assigned from the set of notify message types as defined in Section 3.14.1 of [ISAKMP]. In addition, the value 0 may be used for this object when the object is used as a trap cause, and the cause is unknown.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

ipsecNotifyMessageCount 1.3.6.1.3.500.1.1.8.2.1.2
The total number of times the specific notify message has been received or sent by the entity since system boot.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

ipsecTrapIkeNegFailure 1.3.6.1.3.500.1.1.3.0.1
An attempt to negotiate a phase 1 SA failed.
Status: current Access: read-only
NOTIFICATION-TYPE    

ipsecTrapInvalidCookie 1.3.6.1.3.500.1.1.3.0.2
IKE packets with invalid cookies were detected from the specified peer. Implementations SHOULD send one trap per peer (within a reasonable time period, rather than sending one trap per packet.
Status: current Access: read-only
NOTIFICATION-TYPE    

ipsecTrapIpsecNegFailure 1.3.6.1.3.500.1.1.3.0.3
An attempt to negotiate a phase 2 protection suite within the specified IKE SA failed.
Status: current Access: read-only
NOTIFICATION-TYPE    

ipsecTrapIpsecAuthFailure 1.3.6.1.3.500.1.1.3.0.4
IPSec packets with invalid hashes were found in the specified protection suite. Implementations SHOULD send one trap per protection suite (within a reasonable time period), rather than sending one trap per packet.
Status: current Access: read-only
NOTIFICATION-TYPE    

ipsecTrapIpsecReplayFailure 1.3.6.1.3.500.1.1.3.0.5
IPSec packets with invalid sequence numbers were found in the specified protection suite. Implementations SHOULD send one trap per protection suite (within a reasonable time period), rather than sending one trap per packet.
Status: current Access: read-only
NOTIFICATION-TYPE    

ipsecTrapIpsecPolicyFailure 1.3.6.1.3.500.1.1.3.0.6
IPSec packets carrying packets with invalid selectors for the specified protection suite were found. Implementations SHOULD send one trap per protection suite (within a reasonable time period), rather than sending one trap per packet.
Status: current Access: read-only
NOTIFICATION-TYPE    

ipsecTrapInvalidSpi 1.3.6.1.3.500.1.1.3.0.7
ESP, AH or IPCOMP packets with unknown SPIs (or CPIs) were detected from the specified peer. Implementations SHOULD send one trap per peer (within a reasonable time period), rather than sending one trap per packet.
Status: current Access: read-only
NOTIFICATION-TYPE    

Generation date: July 28, 2023, 16:18:13, Copyright © 2007 - 2022 - Circitor