TIMESTEP-IPSEC-MIB: View SNMP OID List / Download MIB
VENDOR: TIMESTEP CORP.
Home | MIB: TIMESTEP-IPSEC-MIB | |||
---|---|---|---|---|
Download as: |
Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
|
|||
Object Name | OID | Type | Access | Info |
ipsecMIB | 1.3.6.1.4.1.1022.10 |
The MIB module to describe generic IPSec objects, transient and permanent virtual tunnels created by IPSec SAs, and entity level IPSec objects and events. |
||
ipsecMIBObjects | 1.3.6.1.4.1.1022.10.1 | |||
ipsec | 1.3.6.1.4.1.1022.10.1.1 | |||
ipsecIkeSaTable | 1.3.6.1.4.1.1022.10.1.1.1 | no-access |
The (conceptual) table containing information on IPSec's IKE SAs. |
|
1.3.6.1.4.1.1022.10.1.1.1.1 | no-access |
An entry (conceptual row) containing the information on a particular IKE SA. |
||
ipsecIkeSaIndex | 1.3.6.1.4.1.1022.10.1.1.1.1.1 | integer32 | read-only |
A unique value, greater than zero, for each tunnel interface. It is recommended that values are assigned contiguously starting from 1. The value for each tunnel interface must remain constant at least from one re-initialization of entity's network management system to the next re-initialization. Further, the value for tunnel interfaces that are marked as permanent must remain constant across all re- initializations of the network management system. |
ipsecIkeSaPeerIpAddress | 1.3.6.1.4.1.1022.10.1.1.1.1.2 | ipaddress | read-only |
The IP address of the peer that this SA was negotiated with, or 0 if unknown. |
ipsecIkeSaPeerPortNumber | 1.3.6.1.4.1.1022.10.1.1.1.1.3 | integer | read-only |
The port number of the peer that this SA was negotiated with, or 0 if the default ISAKMP port number (500). |
ipsecIkeSaAuthMethod | 1.3.6.1.4.1.1022.10.1.1.1.1.4 | integer32 | read-only |
The authentication method used to authenticate the peers. Note that this does not include the specific method of authentication if extended authenticated is used. Specific values are used as described in the ISAKMP Class Values of Authentication Method from Appendix A of [IKE]. |
ipsecIkeSaPeerIdType | 1.3.6.1.4.1.1022.10.1.1.1.1.5 | integer32 | read-only |
The type of ID used by the peer. Specific values are used as described in Section 4.6.2.1 of [IPDOI]. |
ipsecIkeSaPeerId | 1.3.6.1.4.1.1022.10.1.1.1.1.6 | octet string | read-only |
The ID of the peer this SA was negotiated with. The length may require truncation under some conditions. |
ipsecIkeSaPeerCertSerialNum | 1.3.6.1.4.1.1022.10.1.1.1.1.7 | octet string | read-only |
The serial number of the certificate of the peer this SA was negotiated with. This object has no meaning if a certificate was not used in authenticating the peer. |
ipsecIkeSaPeerCertIssuer | 1.3.6.1.4.1.1022.10.1.1.1.1.8 | octet string | read-only |
The serial number of the certificate of the peer this SA was negotiated with. This object has no meaning if a certificate was not used in authenticating the peer. |
ipsecIkeSaType | 1.3.6.1.4.1.1022.10.1.1.1.1.9 | integer | read-only |
The type of virtual tunnel represented by this row. A transient link will disappear from the table when the SAs needed for it cannot be established. A permanent link will shows its status in the ipsecIkeSaStatus object. Enumeration: 'permanent': 2, 'transient': 1. |
ipsecIkeSaStatus | 1.3.6.1.4.1.1022.10.1.1.1.1.10 | integer | read-only |
The status of the virtual tunnel represented by this row, if the tunnel is configured as permanent. 'neverTried' means that no attempt to set-up the link has been done. 'linkUp' means that the link is up and operating normally. 'linkDown' means that the link was up, but has gone down. Enumeration: 'linkUp': 1, 'linkDown': 2, 'neverTried': 0. |
ipsecIkeSaEncAlg | 1.3.6.1.4.1.1022.10.1.1.1.1.11 | integer | read-only |
A unique value representing the encryption algorithm applied to traffic carried by this SA or 0 if there is no encryption applied. Specific values are used as described in the ISAKMP Class Values of Encryption Algorithms from Appendix A of [IKE]. |
ipsecIkeSaEncKeyLength | 1.3.6.1.4.1.1022.10.1.1.1.1.12 | integer32 | read-only |
The length of the encryption key in bits used for algorithm specified in the ipsecIkeSaEncAlg object or 0 if the key length is implicit in the specified algorithm or there is no encryption specified. |
ipsecIkeSaHashAlg | 1.3.6.1.4.1.1022.10.1.1.1.1.13 | integer32 | read-only |
A unique value representing the hash algorithm applied to traffic carried by this SA or 0 if there is no encryption applied. Specific values are used as described in the ISAKMP Class Values of Hash Algorithms from Appendix A of [IKE]. |
ipsecIkeSaDifHelGroupDesc | 1.3.6.1.4.1.1022.10.1.1.1.1.14 | integer32 | read-only |
A unique value representing the Diffie-Hellman group description used or 0 if the group is unknown. Specific values are used as described in the ISAKMP Class Values of Group Description from Appendix A of [IKE]. |
ipsecIkeSaDifHelGroupType | 1.3.6.1.4.1.1022.10.1.1.1.1.15 | integer32 | read-only |
A unique value representing the Diffie-Hellman group type used or 0 if the group is unknown. Specific values are used as described in the ISAKMP Class Values of Group Type from Appendix A of [IKE]. |
ipsecIkeSaDifHelFieldSize | 1.3.6.1.4.1.1022.10.1.1.1.1.16 | integer32 | read-only |
The field size, in bits, of a Diffie-Hellman group. |
ipsecIkeSaPRF | 1.3.6.1.4.1.1022.10.1.1.1.1.17 | integer32 | read-only |
The pseudo-random functions used, or 0 if not used or if unknown. Specific values are used as described in the ISAKMP Class Values of PRF from Appendix A of [IKE] (which specifies none at the present time). |
ipsecIkeSaPFS | 1.3.6.1.4.1.1022.10.1.1.1.1.18 | truthvalue | read-only |
A value that indicates that perfect forward secrecy is used for all IPSec SAs created by this IKE SA. |
ipsecIkeSaInitiatorCookie | 1.3.6.1.4.1.1022.10.1.1.1.1.19 | octet string | read-only |
The value of the cookie used by the initiator for the current phase 1 SA. |
ipsecIkeSaResponderCookie | 1.3.6.1.4.1.1022.10.1.1.1.1.20 | octet string | read-only |
The value of the cookie used by the responder for the current phase 1 SA. |
ipsecIkeSaTimeStart | 1.3.6.1.4.1.1022.10.1.1.1.1.21 | dateandtime | read-only |
The date and time that the current SA within the link was set up. It is not the date and time that the virtual tunnel was set up. |
ipsecIkeSaTimeLimit | 1.3.6.1.4.1.1022.10.1.1.1.1.22 | gauge32 | read-only |
The maximum lifetime in seconds of the current SA supporting the virtual tunnel, or 0 if there is no time constraint on its expiration. |
ipsecIkeSaTrafficLimit | 1.3.6.1.4.1.1022.10.1.1.1.1.23 | gauge32 | read-only |
The maximum traffic in 1024-byte blocks that the current SA supporting the virtual tunnel is allowed to support, or 0 if there is no traffic constraint on its expiration. |
ipsecIkeSaInboundTraffic | 1.3.6.1.4.1.1022.10.1.1.1.1.24 | counter32 | read-only |
The amount traffic measured in bytes handled in the current SA in the inbound direction. |
ipsecIkeSaOutboundTraffic | 1.3.6.1.4.1.1022.10.1.1.1.1.25 | counter32 | read-only |
The amount traffic measured in bytes handled in the current SA in the outbound direction. |
ipsecIkeSaInboundPackets | 1.3.6.1.4.1.1022.10.1.1.1.1.26 | counter32 | read-only |
The number of packets handled in the current SA in the inbound direction. |
ipsecIkeSaOutboundPackets | 1.3.6.1.4.1.1022.10.1.1.1.1.27 | counter32 | read-only |
The number of packets handled in the current SA in the outbound direction. |
ipsecIkeSaTotalSaNum | 1.3.6.1.4.1.1022.10.1.1.1.1.28 | counter32 | read-only |
The total number of SAs, including the current SA, that have been set up to support this virtual tunnel. |
ipsecIkeSaFirstTimeStart | 1.3.6.1.4.1.1022.10.1.1.1.1.29 | dateandtime | read-only |
The data and time that this virtual tunnel was originally set up. It is not the time that the current SA was set up. If this is a permanent virtual tunnel, it is reset when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaTotalInboundTraffic | 1.3.6.1.4.1.1022.10.1.1.1.1.30 | counter32 | read-only |
The total amount of traffic measured in bytes handled in the tunnel in the inbound direction. In other words, it is the aggregate value of all inbound traffic carried by all SAs ever set up to support the virtual tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaTotalOutboundTraffic | 1.3.6.1.4.1.1022.10.1.1.1.1.31 | counter32 | read-only |
The total amount of traffic measured in bytes handled in the tunnel in the outbound direction. In other words, it is the aggregate value of all inbound traffic carried by all SAs ever set up to support the virtual tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaTotalInboundPackets | 1.3.6.1.4.1.1022.10.1.1.1.1.32 | counter32 | read-only |
The total number of packets handled by the virtual tunnel since it became active in the inbound direction. In other words, it is the aggregate value of the number of inbound packets carried by all SAs ever set up to support the virtual tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaTotalOutboundPackets | 1.3.6.1.4.1.1022.10.1.1.1.1.33 | counter32 | read-only |
The total number of packets handled by the virtual tunnel since it became active in the outbound direction. In other words, it is the aggregate value of the number of outbound packets carried by all SAs ever set up to support the virtual tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaDecryptErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.34 | counter32 | read-only |
The total number of inbound packets to this SA discarded due to decryption errors. Note that this refers to IKE protocol packets, and not to packets carried by SAs set up by the SAs supporting this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaHashErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.35 | counter32 | read-only |
The total number of inbound packets to this SA discarded due to hash errors. Note that this refers to IKE protocol packets, and not to packets carried by SAs set up by the SAs supporting this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaOtherReceiveErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.36 | counter32 | read-only |
The total number of inbound packets to this SA discarded for reasons other than bad hashes or decryption errors. This may include packets dropped to a lack of receive buffer space. Note that this refers to IKE protocol packets, and not to packets carried by SAs set up by the SAs supporting this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaSendErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.37 | counter32 | read-only |
The total number of outbound packets from this SA discarded for any reason. This may include packets dropped to a lack of transmit buffer space. Note that this refers to IKE protocol packets, and not to packets carried by SAs set up by the SAs supporting this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecInboundTraffic | 1.3.6.1.4.1.1022.10.1.1.1.1.38 | counter32 | read-only |
The total amount of inbound traffic measured in bytes handled by all IPSec SAs set up by phase 1 SAs supporting this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecOutboundTraffic | 1.3.6.1.4.1.1022.10.1.1.1.1.39 | counter32 | read-only |
The total amount of outbound traffic measured in bytes handled by all IPSec SAs set up by phase 1 SAs supporting this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecInboundPackets | 1.3.6.1.4.1.1022.10.1.1.1.1.40 | counter32 | read-only |
The total number of inbound packets handled by all IPSec SAs set up by phase 1 SAs supporting this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecOutboundPackets | 1.3.6.1.4.1.1022.10.1.1.1.1.41 | counter32 | read-only |
The total number of outbound packets handled by all IPSec SAs set up by phase 1 SAs supporting this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecDecryptErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.42 | counter32 | read-only |
The total number of inbound packets discarded by all IPSec SAs due to decryption errors. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecAuthErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.43 | counter32 | read-only |
The total number of inbound packets discarded by all IPSec SAs due to authentication errors. This includes hash failures in IPSec SAs using ESP and AH. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecReplayErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.44 | counter32 | read-only |
The total number of inbound packets discarded by all IPSec SAs due to replay errors. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecOtherReceiveErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.45 | counter32 | read-only |
The total number of inbound packets discarded by all IPSec SAs due to errors other than authentication, decryption or replay errors. This may include packets dropped due to lack of receive buffers. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecIkeSaIpsecSendErrors | 1.3.6.1.4.1.1022.10.1.1.1.1.46 | counter32 | read-only |
The total number of outbound packets discarded by all IPSec SAs due to any error. This may include packets dropped due to lack of receive buffers. If this is a permanent virtual tunnel, it is not reset to zero when the tunnel goes to the 'linkUp' state. |
ipsecTunnelTable | 1.3.6.1.4.1.1022.10.1.1.2 | no-access |
The (conceptual) table containing information on IPSec SA-based tunnels. |
|
1.3.6.1.4.1.1022.10.1.1.2.1 | no-access |
An entry (conceptual row) containing the information on a particular configured tunnel. |
||
ipsecTunnelIndex | 1.3.6.1.4.1.1022.10.1.1.2.1.1 | integer32 | read-only |
A unique value, greater than zero, for each tunnel interface. It is recommended that values are assigned contiguously starting from 1. The value for each tunnel interface must remain constant at least from one re-initialization of the entity's network management system to the next re-initialization. Further, the value for tunnel interfaces that are marked as permanent must remain constant across all re- initializations of the network management system. |
ipsecTunnelIkeSa | 1.3.6.1.4.1.1022.10.1.1.2.1.2 | integer32 | read-only |
The value of the index into the IKE SA tunnel table that created this tunnel (ipsecIkeSaIndex), or 0 if the tunnel is created by a static IPSec SA. |
ipsecTunnelType | 1.3.6.1.4.1.1022.10.1.1.2.1.3 | integer | read-only |
The type of the virtual tunnel represented by this row. 'static' means that the tunnel is supported by a single static IPSec SA that was setup by configuration, and not by using a key exchange protocol. In this case, the value of ipsecTunnelIkeSa must be 0. Enumeration: 'permanent': 2, 'transient': 1, 'static': 0. |
ipsecTunnelLocalAddressOrStart | 1.3.6.1.4.1.1022.10.1.1.2.1.4 | ipaddress | read-only |
The address of or the start address (if an address range) of the local endpoint of the tunnel, or 0.0.0.0 if unknown or if the SA uses transport mode encapsulation. |
ipsecTunnelLocalAddressMaskOrEnd | 1.3.6.1.4.1.1022.10.1.1.2.1.5 | ipaddress | read-only |
The mask of or the end address (if an address range) of the local endpoint of the tunnel, or 0.0.0.0 if unknown or if the SA uses transport mode encapsulation. |
ipsecTunnelRemoteAddressOrStart | 1.3.6.1.4.1.1022.10.1.1.2.1.6 | ipaddress | read-only |
The address of or the start address (if an address range) of the remote endpoint of the tunnel, or 0.0.0.0 if unknown or if the SA uses transport mode encapsulation. |
ipsecTunnelRemoteAddressMaskOrEnd | 1.3.6.1.4.1.1022.10.1.1.2.1.7 | ipaddress | read-only |
The mask of or the end address (if an address range) of the remote endpoint of the tunnel, or 0.0.0.0 if unknown or if the SA uses transport mode encapsulation. |
ipsecTunnelProtocol | 1.3.6.1.4.1.1022.10.1.1.2.1.8 | integer32 | read-only |
The number of the protocol that this tunnel carries, or 0 if it carries any protocol. |
ipsecTunnelLocalPort | 1.3.6.1.4.1.1022.10.1.1.2.1.9 | integer32 | read-only |
The number of the local port that this tunnel carries, or 0 if it carries any port number. |
ipsecTunnelRemotePort | 1.3.6.1.4.1.1022.10.1.1.2.1.10 | integer32 | read-only |
The number of the remote port that this tunnel carries, or 0 if it carries any port number. |
ipsecTunnelMode | 1.3.6.1.4.1.1022.10.1.1.2.1.11 | integer | read-only |
The type of encapsulation used by this virtual tunnel. Enumeration: 'tunnel': 2, 'transport': 1. |
ipsecTunnelEspEncAlg | 1.3.6.1.4.1.1022.10.1.1.2.1.12 | integer32 | read-only |
A unique value representing the encryption algorithm applied to traffic carried by this SA if it uses ESP or 0 if there is no encryption applied by ESP or if ESP is not used. Specific values are taken from section 4.4.4 of [IPDOI]. |
ipsecTunnelEspEncKeyLength | 1.3.6.1.4.1.1022.10.1.1.2.1.13 | integer32 | read-only |
The length of the encryption key in bits used for the algorithm specified in the ipsecTunnelEspEncAlg object, or 0 if the key length is implicit in the specified algorithm or there is no encryption specified. |
ipsecTunnelEspAuthAlg | 1.3.6.1.4.1.1022.10.1.1.2.1.14 | integer32 | read-only |
A unique value representing the hash algorithm applied to traffic carried by this SA if it uses ESP or 0 if there is no authentication applied by ESP or if ESP is not used. Specific values are taken from the Authentication Algorithm attribute values of Section 4.5 of [IPDOI]. |
ipsecTunnelAhAuthAlg | 1.3.6.1.4.1.1022.10.1.1.2.1.15 | integer32 | read-only |
A unique value representing the hash algorithm applied to traffic carried by this SA if it uses AH or 0 if AH is not used. Specific values are taken from Section 4.4.3 of [IPDOI]. |
ipsecTunnelCompAlg | 1.3.6.1.4.1.1022.10.1.1.2.1.16 | integer32 | read-only |
A unique value representing the compression algorithm applied to traffic carried by this SA if it uses IPCOMP. Specific values are taken from Section 4.4.5 of [IPDOI]. |
ipsecTunnelStartTime | 1.3.6.1.4.1.1022.10.1.1.2.1.17 | dateandtime | read-only |
The date and time that this virtual tunnel was set up. If this is a permanent virtual tunnel, it is reset when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelCurrentSaNum | 1.3.6.1.4.1.1022.10.1.1.2.1.18 | gauge32 | read-only |
The number of current SAs set up to support this virtual tunnel. If this number is 0, the tunnel must be considered down. Also if this number is 0, the tunnel must a permanent tunnel, since transient tunnels that are down do not appear in the table. |
ipsecTunnelTotalSaNum | 1.3.6.1.4.1.1022.10.1.1.2.1.19 | counter32 | read-only |
The total number of SAs, including all current SAs, that have been set up to support this virtual tunnel. |
ipsecTunnelTotalInboundTraffic | 1.3.6.1.4.1.1022.10.1.1.2.1.20 | counter32 | read-only |
The total amount of traffic measured in bytes handled in the tunnel in the inbound direction. In other words, it is the aggregate value of all inbound traffic carried by all IPSec SAs ever set up to support the virtual tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelTotalOutboundTraffic | 1.3.6.1.4.1.1022.10.1.1.2.1.21 | counter32 | read-only |
The total amount of traffic measured in bytes handled in the tunnel in the outbound direction. In other words, it is the aggregate value of all inbound traffic carried by all IPSec SAs ever set up to support the virtual tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelTotalInboundPackets | 1.3.6.1.4.1.1022.10.1.1.2.1.22 | counter32 | read-only |
The total number of packets handled in the tunnel in the inbound direction. In other words, it is the aggregate value of all inbound packets carried by all IPSec SAs ever set up to support the virtual tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelTotalOutboundPackets | 1.3.6.1.4.1.1022.10.1.1.2.1.23 | counter32 | read-only |
The total number of packets handled in the tunnel in the outbound direction. In other words, it is the aggregate value of all outbound packets carried by all IPSec SAs ever set up to support the virtual tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelDecryptErrors | 1.3.6.1.4.1.1022.10.1.1.2.1.24 | counter32 | read-only |
The total number of inbound packets discarded by this virtual tunnel due to decryption errors in ESP. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelAuthErrors | 1.3.6.1.4.1.1022.10.1.1.2.1.25 | counter32 | read-only |
The total number of inbound packets discarded by this virtual tunnel due to authentication errors. This includes hash failures in IPSec SA bundles using both ESP and AH. If this is a permanent virtual tunnel, it is not resetto zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelReplayErrors | 1.3.6.1.4.1.1022.10.1.1.2.1.26 | counter32 | read-only |
The total number of inbound packets discarded by this virtual tunnel due to replay errors. This includes replay failures in IPSec SA bundles using both ESP and AH. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelPolicyErrors | 1.3.6.1.4.1.1022.10.1.1.2.1.27 | counter32 | read-only |
The total number of inbound packets discarded by this virtual tunnel due to policy errors. This includes errors in all transforms if SA bundles are used. Policy errors are due to the detection of a packet that was inappropriately sent into this tunnel. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelOtherReceiveErrors | 1.3.6.1.4.1.1022.10.1.1.2.1.28 | counter32 | read-only |
The total number of inbound packets discarded by this virtual tunnel due to errors other than decryption, authentication or replay errors. This may include packets dropped due to a lack of receive buffers. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecTunnelSendErrors | 1.3.6.1.4.1.1022.10.1.1.2.1.29 | counter32 | read-only |
The total number of outbound packets discarded by this virtual tunnel due to any error. This may include packets dropped due to a lack of transmit buffers. If this is a permanent virtual tunnel, it is not reset to zero when the number of current SAs (ipsecTunnelCurrentSaNum) changes from 0 to 1. |
ipsecSaTable | 1.3.6.1.4.1.1022.10.1.1.3 | no-access |
The (conceptual) table containing information on IPSec SAs. |
|
1.3.6.1.4.1.1022.10.1.1.3.1 | no-access |
An entry (conceptual row) containing the information on a particular IPSec SA. |
||
ipsecSaIndex | 1.3.6.1.4.1.1022.10.1.1.3.1.1 | integer32 | read-only |
A unique value, greater than zero, for each IPSec SA. It is recommended that values are assigned contiguously starting from 1. |
ipsecSaTunnel | 1.3.6.1.4.1.1022.10.1.1.3.1.2 | integer32 | read-only |
The value of the index into the IPSec SA tunnel table that this SA supports (ipsecTunnelIndex). |
ipsecSaInboundEspSpi | 1.3.6.1.4.1.1022.10.1.1.3.1.3 | unsigned32 | read-only |
The value of the SPI for the inbound SA that provides the ESP security service, or zero if ESP is not used. |
ipsecSaOutboundEspSpi | 1.3.6.1.4.1.1022.10.1.1.3.1.4 | unsigned32 | read-only |
The value of the SPI for the outbound SA that provides the ESP security service, or zero if ESP is not used. |
ipsecSaInboundAhSpi | 1.3.6.1.4.1.1022.10.1.1.3.1.5 | unsigned32 | read-only |
The value of the SPI for the inbound SA that provides the AH security service, or zero if AH is not used. |
ipsecSaOutboundAhSpi | 1.3.6.1.4.1.1022.10.1.1.3.1.6 | unsigned32 | read-only |
The value of the SPI for the outbound SA that provides the AH security service, or zero if AH is not used. |
ipsecSaInboundCompCpi | 1.3.6.1.4.1.1022.10.1.1.3.1.7 | integer | read-only |
The value of the CPI for the inbound SA that provides IP compression, or zero if IPCOMP is not used. |
ipsecSaOutboundCompCpi | 1.3.6.1.4.1.1022.10.1.1.3.1.8 | integer | read-only |
The value of the CPI for the outbound SA that provides IP compression, or zero if IPCOMP is not used. |
ipsecSaCreationTime | 1.3.6.1.4.1.1022.10.1.1.3.1.9 | dateandtime | read-only |
The date and time that the current SA was set up. |
ipsecSaTimeLimit | 1.3.6.1.4.1.1022.10.1.1.3.1.10 | gauge32 | read-only |
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. |
ipsecSaTrafficLimit | 1.3.6.1.4.1.1022.10.1.1.3.1.11 | gauge32 | read-only |
The maximum traffic in 1024-byte blocks that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. |
ipsecSaInboundTraffic | 1.3.6.1.4.1.1022.10.1.1.3.1.12 | counter32 | read-only |
The amount traffic measured in bytes handled by the SA in the inbound direction. |
ipsecSaOutboundTraffic | 1.3.6.1.4.1.1022.10.1.1.3.1.13 | counter32 | read-only |
The amount traffic measured in bytes handled by the SA in the outbound direction. |
ipsecSaInboundPackets | 1.3.6.1.4.1.1022.10.1.1.3.1.14 | counter32 | read-only |
The number of packets handled by the SA in the inbound direction. |
ipsecSaOutboundPackets | 1.3.6.1.4.1.1022.10.1.1.3.1.15 | counter32 | read-only |
The number of packets handled by the SA in the outbound direction. |
ipsecSaDecryptErrors | 1.3.6.1.4.1.1022.10.1.1.3.1.16 | counter32 | read-only |
The number of inbound packets discarded by the SA due to decryption errors. |
ipsecSaAuthErrors | 1.3.6.1.4.1.1022.10.1.1.3.1.17 | counter32 | read-only |
The number of inbound packets discarded by the SA due to authentication errors. This includes hash failures in both ESP and AH. |
ipsecSaReplayErrors | 1.3.6.1.4.1.1022.10.1.1.3.1.18 | counter32 | read-only |
The number of inbound packets discarded by the SA due to replay errors. This includes replay failures both ESP and AH. |
ipsecSaOtherReceiveErrors | 1.3.6.1.4.1.1022.10.1.1.3.1.19 | counter32 | read-only |
The number of inbound packets discarded by the SA due to errors other than decryption, authentication or replay errors. This may include decompression errors or errors due to a lack of receive buffers. |
ipsecSaSendErrors | 1.3.6.1.4.1.1022.10.1.1.3.1.20 | counter32 | read-only |
The number of outbound packets discarded by the SA due to any error. This may include compression errors or errors due to a lack of transmit buffers. |
ipsecTraps | 1.3.6.1.4.1.1022.10.1.1.4 | |||
ipsecTrapsObjects | 1.3.6.1.4.1.1022.10.1.1.4.0 | |||
ipsecTrapPermIkeNegFailure | 1.3.6.1.4.1.1022.10.1.1.4.0.1 |
An attempt to negotiate a phase 1 SA for the specified permanent IKE tunnel failed. |
||
ipsecTrapTransIkeNegFailure | 1.3.6.1.4.1.1022.10.1.1.4.0.2 |
An attempt to negotiate a phase 1 SA for a transient IKE tunnel failed. This trap is different from the 'ipsecTrapPermIkeNegFailure' trap, since this one will likely result in the removal of this entry from the IKE SA tunnel table. |
||
ipsecTrapInvalidCookie | 1.3.6.1.4.1.1022.10.1.1.4.0.3 |
IKE packets with invalid cookies were detected from the specified peer. Implementations SHOULD send one trap per peer (within a reasonable time period, rather than sending one trap per packet. |
||
ipsecTrapIpsecNegFailure | 1.3.6.1.4.1.1022.10.1.1.4.0.4 |
An attempt to negotiate a phase 2 SA within the specified IKE tunnel failed. |
||
ipsecTrapIpsecAuthFailure | 1.3.6.1.4.1.1022.10.1.1.4.0.5 |
IPSec packets with invalid hashes were found in the specified SA. Implementations SHOULD send one trap per SA (within a reasonable time period), rather than sending one trap per packet. |
||
ipsecTrapIpsecReplayFailure | 1.3.6.1.4.1.1022.10.1.1.4.0.6 |
IPSec packets with invalid sequence numbers were found in the specified SA. Implementations SHOULD send one trap per SA (within a reasonable time period), rather than sending one trap per packet. |
||
ipsecTrapIpsecPolicyFailure | 1.3.6.1.4.1.1022.10.1.1.4.0.7 |
IPSec packets carrying packets with invalid selectors for the specified SA were found. Implementations SHOULD send one trap per SA (within a reasonable time period), rather than sending one trap per packet. |
||
ipsecTrapInvalidSpi | 1.3.6.1.4.1.1022.10.1.1.4.0.8 |
ESP, AH or IPCOMP packets with unknown SPIs (or CPIs) were detected from the specified peer. Implementations SHOULD send one trap per peer (within a reasonable time period), rather than sending one trap per packet. |
||
ipsecSaCounts | 1.3.6.1.4.1.1022.10.1.1.5 | |||
ipsecTotalIkeSAs | 1.3.6.1.4.1.1022.10.1.1.5.1 | counter32 | read-only |
The total number of phase 1 SAs established by the entity since boot time. It is not the total number of tunnels established by the entity since boot time. It does include SAs established to support both permanent and transient tunnels. |
ipsecTotalIpsecSAs | 1.3.6.1.4.1.1022.10.1.1.5.2 | counter32 | read-only |
The total number of phase 2 SAs established by the entity since boot time. It is not the total number of IPSec virtual tunnels established by the entity since boot time. It does include SAs established to support permanent and transient tunnels. It is recommended that SA bundles or security suites be considered a single SA for the purposes of this statistic. |
ipsecPermTunStats | 1.3.6.1.4.1.1022.10.1.1.6 | |||
ipsecCnfgPermIkeTunnels | 1.3.6.1.4.1.1022.10.1.1.6.1 | gauge32 | read-only |
The total number of phase 1 tunnels in the entity that are configured as permanent. |
ipsecUpPermIkeTunnels | 1.3.6.1.4.1.1022.10.1.1.6.2 | gauge32 | read-only |
The total number of phase 1 tunnels in the entity that are configured as permanent and are up and available for use. |
ipsecCnfgPermIpsecTunnels | 1.3.6.1.4.1.1022.10.1.1.6.3 | gauge32 | read-only |
The total number of phase 2 tunnels in the entity that are configured as permanent. |
ipsecUpPermIpsecTunnels | 1.3.6.1.4.1.1022.10.1.1.6.4 | gauge32 | read-only |
The total number of phase 2 tunnels in the entity that are configured as permanent and are up and available for use. |
ipsecTransTunStats | 1.3.6.1.4.1.1022.10.1.1.7 | |||
ipsecTotalTransIkeTunnels | 1.3.6.1.4.1.1022.10.1.1.7.1 | counter32 | read-only |
The total number of transient phase 1 tunnels established by the entity since boot time. |
ipsecCurrentTransIkeTunnels | 1.3.6.1.4.1.1022.10.1.1.7.2 | gauge32 | read-only |
The number of transient phase 1 tunnels in the entity that are up and available for use at this moment in time. |
ipsecTotalTransIpsecTunnels | 1.3.6.1.4.1.1022.10.1.1.7.3 | counter32 | read-only |
The total number of transient phase 2 tunnels established by the entity since boot time. |
ipsecCurrentTransIpsecTunnels | 1.3.6.1.4.1.1022.10.1.1.7.4 | gauge32 | read-only |
The number of phase 2 tunnels in the entity that are up and available for use at this moment in time. |
ipsecTotalTransInboundPackets | 1.3.6.1.4.1.1022.10.1.1.7.5 | counter32 | read-only |
The total number of inbound packets carried on transient IPSec tunnels since boot time. |
ipsecTotalTransOutboundPackets | 1.3.6.1.4.1.1022.10.1.1.7.6 | counter32 | read-only |
The total number of outbound packets carried on transient IPSec tunnels since boot time. |
ipsecTotalTransInboundTraffic | 1.3.6.1.4.1.1022.10.1.1.7.7 | counter32 | read-only |
The total amount of inbound traffic carried on transient IPSec tunnels since boot time, measured in 1024-octet blocks. |
ipsecTotalTransOutboundTraffic | 1.3.6.1.4.1.1022.10.1.1.7.8 | counter32 | read-only |
The total amount of outbound traffic carried on transient IPSec tunnels since boot time, measured in 1024-octet blocks. |
ipsecTotalTransIkeSetupFailures | 1.3.6.1.4.1.1022.10.1.1.7.9 | counter32 | read-only |
The total number of IKE SA set up attempts that have failed since entity boot time. This includes SAs associated with transient tunnels only. |
ipsecNotifications | 1.3.6.1.4.1.1022.10.1.1.8 | |||
ipsecNotifyMessageTotalCount | 1.3.6.1.4.1.1022.10.1.1.8.1 | counter32 | read-only |
The total number of all types of notify messages sent or received by the entity since boot time. It is the sum of all occurrences in the 'ipsecNotifyCountTable'. |
ipsecNotifyCountTable | 1.3.6.1.4.1.1022.10.1.1.8.2 | no-access |
The (conceptual) table containing information on IPSec notify message counts. This table MAY be sparsely populated; that is, rows for which the count is 0 may be absent. |
|
1.3.6.1.4.1.1022.10.1.1.8.2.1 | no-access |
An entry (conceptual row) containing the total number of occurrences of a notify message. |
||
ipsecNotifyMessage | 1.3.6.1.4.1.1022.10.1.1.8.2.1.1 | integer | read-only |
The value representing a specific IPSec notify message, or 0 if unknown. Values are assigned from the set of notify message types as defined in Section 3.14.1 of [ISAKMP]. In addition, the value 0 may be used for this object when the object is used as a trap cause, and the cause is unknown. |
ipsecNotifyMessageCount | 1.3.6.1.4.1.1022.10.1.1.8.2.1.2 | counter32 | read-only |
The total number of times the specific notify message has been received or sent by the entity since system boot. |
ipsecErrorStats | 1.3.6.1.4.1.1022.10.1.1.9 | |||
ipsecUnknownSpiErrors | 1.3.6.1.4.1.1022.10.1.1.9.1 | counter32 | read-only |
The total number of packets received by the entity since boot time with SPIs or CPIs that were not valid. |
ipsecIkeProtocolErrors | 1.3.6.1.4.1.1022.10.1.1.9.2 | counter32 | read-only |
The total number of packets received by the entity since boot time with IKE protocol errors. This includes packets with invalid cookies, but does not include errors that could be associated with specific IKE SAs. |
ipsecIpsecAuthenticationErrors | 1.3.6.1.4.1.1022.10.1.1.9.3 | counter32 | read-only |
The total number of packets received by the entity since boot time with authentication errors in the IPSec SAs. This includes all packets in which the hash value is determined to be invalid. |
ipsecIpsecReplayErrors | 1.3.6.1.4.1.1022.10.1.1.9.4 | counter32 | read-only |
The total number of packets received by the entity since boot time with replay errors in the IPSec SAs. |
ipsecIpsecPolicyErrors | 1.3.6.1.4.1.1022.10.1.1.9.5 | counter32 | read-only |
The total number of packets received by the entity since boot time and discarded due to policy errors. This includes packets that had selectors that were invalid for the SA that carried them. |