WATCHGUARD-IPSEC-SA-MON-MIB-EXT: View SNMP OID List / Download MIB
VENDOR: WATCHGUARD TECHNOLOGIES INC.
| Home | MIB: WATCHGUARD-IPSEC-SA-MON-MIB-EXT | |||
|---|---|---|---|---|
| Download as: |
Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
|
|||
| Object Name | OID | Type | Access | Info |
| wgIpsecSaMonModule | 1.3.6.1.4.1.3097.3 |
The MIB module describes generic IPSec objects defined in IETF working draft 'draft-ieft-ipsec-monitor-mib-01' and WatchGuard's extension. |
||
| wgIpsecSaMonitorMIB | 1.3.6.1.4.1.3097.3.1 |
This is the base object identifier for all IPSec branches. |
||
| wgSaTables | 1.3.6.1.4.1.3097.3.1.1 |
This is the base object identifier for all SA tables. |
||
| wgIpsecSaEspInTable | 1.3.6.1.4.1.3097.3.1.1.1 | no-access |
The (conceptual) table containing information on IPSec inbound ESP SAs. There should be one row for every inbound ESP security association that exists in the entity. The maximum number of rows is implementation dependent. |
|
| 1.3.6.1.4.1.3097.3.1.1.1.1 | no-access |
An entry (conceptual row) containing the information on a particular IPSec inbound ESP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table. |
||
| wgIpsecSaEspInAddress | 1.3.6.1.4.1.3097.3.1.1.1.1.1 | ipaddress | read-only |
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes. |
| wgIpsecSaEspInSpi | 1.3.6.1.4.1.3097.3.1.1.1.1.2 | integer32 | read-only |
The security parameters index of the SA. |
| wgIpsecSaEspInDestId | 1.3.6.1.4.1.3097.3.1.1.1.1.3 | octet string | read-only |
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchanged during SA creation negotiation. |
| wgIpsecSaEspInDestIdType | 1.3.6.1.4.1.3097.3.1.1.1.1.4 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaEspInDestId', or 0 if unknown or if the SA uses transport mode encapsulation. |
| wgIpsecSaEspInSourceId | 1.3.6.1.4.1.3097.3.1.1.1.1.5 | octet string | read-only |
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during SA creation negotiation. |
| wgIpsecSaEspInSourceIdType | 1.3.6.1.4.1.3097.3.1.1.1.1.6 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaEspInSourceId', or 0 if unknown or if the SA uses transport mode encapsulation. |
| wgIpsecSaEspInProtocol | 1.3.6.1.4.1.3097.3.1.1.1.1.7 | integer32 | read-only |
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol. |
| wgIpsecSaEspInDestPort | 1.3.6.1.4.1.3097.3.1.1.1.1.8 | integer32 | read-only |
The destination port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaEspInSourcePort | 1.3.6.1.4.1.3097.3.1.1.1.1.9 | integer32 | read-only |
The source port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaEspInCreator | 1.3.6.1.4.1.3097.3.1.1.1.1.10 | ipsecsacreatorident | read-only |
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method. |
| wgIpsecSaEspInEncapsulation | 1.3.6.1.4.1.3097.3.1.1.1.1.11 | ipsecdoiencapsulationmode | read-only |
The type of encapsulation used by this SA. |
| wgIpsecSaEspInEncAlg | 1.3.6.1.4.1.3097.3.1.1.1.1.12 | ipsecdoiesptransform | read-only |
A unique value representing the encryption algorithm applied to traffic or 0 if there is no encryption used. |
| wgIpsecSaEspInEncKeyLength | 1.3.6.1.4.1.3097.3.1.1.1.1.13 | integer32 | read-only |
The length of the encryption key in bits used for the algorithm specified in the 'wgIpsecSaEspInEncAlg' object, or 0 if the key length is implicit in the specified algorithm or there is no encryption specified. |
| wgIpsecSaEspInAuthAlg | 1.3.6.1.4.1.3097.3.1.1.1.1.14 | ipsecdoiauthalgorithm | read-only |
A unique value representing the hash algorithm applied to traffic or 0 if there is no authentication used. |
| wgIpsecSaEspInLimitSeconds | 1.3.6.1.4.1.3097.3.1.1.1.1.15 | integer32 | read-only |
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. The display value is limited to 4294967295 seconds (more than 136 years); values greater than that value will be truncated. |
| wgIpsecSaEspInLimitKbytes | 1.3.6.1.4.1.3097.3.1.1.1.1.16 | integer32 | read-only |
The maximum traffic in kilobytes that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. The display value is limited to 4294967295 kilobytes; values greater than that value will be truncated. |
| wgIpsecSaEspInAccSeconds | 1.3.6.1.4.1.3097.3.1.1.1.1.17 | counter32 | read-only |
The number of seconds accumulated against the SA's expiration by time. This is also the number of seconds that the SA has existed. |
| wgIpsecSaEspInAccKbytes | 1.3.6.1.4.1.3097.3.1.1.1.1.18 | counter32 | read-only |
The amount of traffic accumulated that counts against the SA's expiration by traffic limitation, measured in Kbytes. This value may be 0 if the SA does not expire based on traffic. |
| wgIpsecSaEspInUserOctets | 1.3.6.1.4.1.3097.3.1.1.1.1.19 | counter32 | read-only |
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit. |
| wgIpsecSaEspInPackets | 1.3.6.1.4.1.3097.3.1.1.1.1.20 | counter32 | read-only |
The number of packets handled by the SA. |
| wgIpsecSaEspInDecryptErrors | 1.3.6.1.4.1.3097.3.1.1.1.1.21 | counter32 | read-only |
The number of packets discarded by the SA due to decryption errors. |
| wgIpsecSaEspInAuthErrors | 1.3.6.1.4.1.3097.3.1.1.1.1.22 | counter32 | read-only |
The number of packets discarded by the SA due to authentication errors. |
| wgIpsecSaEspInReplayErrors | 1.3.6.1.4.1.3097.3.1.1.1.1.23 | counter32 | read-only |
The number of packets discarded by the SA due to replay errors. |
| wgIpsecSaEspInPolicyErrors | 1.3.6.1.4.1.3097.3.1.1.1.1.24 | counter32 | read-only |
The number of packets discarded by the SA due to policy errors. This includes packets where the next protocol is invalid. |
| wgIpsecSaEspInPadErrors | 1.3.6.1.4.1.3097.3.1.1.1.1.25 | counter32 | read-only |
The number of packets discarded by the SA due to pad value errors. Implementations that do not check this must not support this object. |
| wgIpsecSaEspInOtherReceiveErrors | 1.3.6.1.4.1.3097.3.1.1.1.1.26 | counter32 | read-only |
The number of packets discarded by the SA due to errors other than decryption, authentication or replay errors. This may include packets dropped due to a lack of receive buffers, and may include packets dropped due to congestion at the decryption element. |
| wgIpsecSaAhInTable | 1.3.6.1.4.1.3097.3.1.1.2 | no-access |
The (conceptual) table containing information on IPSec inbound AH SAs. There should be one row for every inbound AH security association that exists in the entity. The maximum number of rows is implementation dependent. |
|
| 1.3.6.1.4.1.3097.3.1.1.2.1 | no-access |
An entry (conceptual row) containing the information on a particular IPSec inbound AH SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table. |
||
| wgIpsecSaAhInAddress | 1.3.6.1.4.1.3097.3.1.1.2.1.1 | ipaddress | read-only |
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes. |
| wgIpsecSaAhInSpi | 1.3.6.1.4.1.3097.3.1.1.2.1.2 | integer32 | read-only |
The security parameters index of the SA. |
| wgIpsecSaAhInDestId | 1.3.6.1.4.1.3097.3.1.1.2.1.3 | octet string | read-only |
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during SA creation negotiation. |
| wgIpsecSaAhInDestIdType | 1.3.6.1.4.1.3097.3.1.1.2.1.4 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaAhInDestId', or 0 if unknown or if the SA uses transport mode encapsulation. |
| wgIpsecSaAhInSourceId | 1.3.6.1.4.1.3097.3.1.1.2.1.5 | octet string | read-only |
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during SA creation negotiation. |
| wgIpsecSaAhInSourceIdType | 1.3.6.1.4.1.3097.3.1.1.2.1.6 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaAhInSourceId', or 0 if unknown or if the SA uses transport mode encapsulation. |
| wgIpsecSaAhInProtocol | 1.3.6.1.4.1.3097.3.1.1.2.1.7 | integer32 | read-only |
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol. |
| wgIpsecSaAhInDestPort | 1.3.6.1.4.1.3097.3.1.1.2.1.8 | integer32 | read-only |
The destination port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaAhInSourcePort | 1.3.6.1.4.1.3097.3.1.1.2.1.9 | integer32 | read-only |
The source port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaAhInCreator | 1.3.6.1.4.1.3097.3.1.1.2.1.10 | ipsecsacreatorident | read-only |
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method. |
| wgIpsecSaAhInEncapsulation | 1.3.6.1.4.1.3097.3.1.1.2.1.11 | ipsecdoiencapsulationmode | read-only |
The type of encapsulation used by this SA. |
| wgIpsecSaAhInAuthAlg | 1.3.6.1.4.1.3097.3.1.1.2.1.12 | ipsecdoiahtransform | read-only |
A unique value representing the hash algorithm applied to traffic carried by this SA if it uses ESP or 0 if there is no authentication applied by ESP. |
| wgIpsecSaAhInLimitSeconds | 1.3.6.1.4.1.3097.3.1.1.2.1.13 | integer32 | read-only |
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. The display value is limited to 4294967295 seconds (more than 136 years); values greater than that value will be truncated. |
| wgIpsecSaAhInLimitKbytes | 1.3.6.1.4.1.3097.3.1.1.2.1.14 | integer32 | read-only |
The maximum traffic in Kbytes that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. The display value is limited to 4294967295 kilobytes; values greater than that value will be truncated. |
| wgIpsecSaAhInAccSeconds | 1.3.6.1.4.1.3097.3.1.1.2.1.15 | counter32 | read-only |
The number of seconds accumulated against the SA's expiration by time. This is also the number of seconds that the SA has existed. |
| wgIpsecSaAhInAccKbytes | 1.3.6.1.4.1.3097.3.1.1.2.1.16 | counter32 | read-only |
The amount of traffic accumulated that counts against the SA's expiration by traffic limitation, measured in Kbytes. This value may be 0 if the SA does not expire based on traffic. |
| wgIpsecSaAhInUserOctets | 1.3.6.1.4.1.3097.3.1.1.2.1.17 | counter32 | read-only |
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit. |
| wgIpsecSaAhInPackets | 1.3.6.1.4.1.3097.3.1.1.2.1.18 | counter32 | read-only |
The number of packets handled by the SA. |
| wgIpsecSaAhInAuthErrors | 1.3.6.1.4.1.3097.3.1.1.2.1.19 | counter32 | read-only |
The number of packets discarded by the SA due to authentication errors. |
| wgIpsecSaAhInReplayErrors | 1.3.6.1.4.1.3097.3.1.1.2.1.20 | counter32 | read-only |
The number of packets discarded by the SA due to replay errors. |
| wgIpsecSaAhInPolicyErrors | 1.3.6.1.4.1.3097.3.1.1.2.1.21 | counter32 | read-only |
The number of packets discarded by the SA due to policy errors. This includes packets where the next protocol is invalid. |
| wgIpsecSaAhInOtherReceiveErrors | 1.3.6.1.4.1.3097.3.1.1.2.1.22 | counter32 | read-only |
The number of packets discarded by the SA due to errors other than decryption, authentication or replay errors. This may include packets dropped due to a lack of receive buffers, and may include packets dropped due to congestion at the authentication element. |
| wgIpsecSaIpcompInTable | 1.3.6.1.4.1.3097.3.1.1.3 | no-access |
The (conceptual) table containing information on IPSec inbound IPCOMP SAs. There should be one row for every inbound IPCOMP (security) association that exists in the entity. The maximum number of rows is implementation dependent. |
|
| 1.3.6.1.4.1.3097.3.1.1.3.1 | no-access |
An entry (conceptual row) containing the information on a particular IPSec inbound IPCOMP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table. |
||
| wgIpsecSaIpcompInAddress | 1.3.6.1.4.1.3097.3.1.1.3.1.1 | ipaddress | read-only |
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes. |
| wgIpsecSaIpcompInCpi | 1.3.6.1.4.1.3097.3.1.1.3.1.2 | ipsecdoiipcomptransform | read-only |
The CPI of the SA. Since the lower values of CPIs are reserved to be the same as the algorithm, the syntax for this object is the same as the transform. |
| wgIpsecSaIpcompInDestId | 1.3.6.1.4.1.3097.3.1.1.3.1.3 | octet string | read-only |
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode, or 0 if this SA is used with multiple SAs in protection suites. This value, if non-zero, is taken directly from the optional ID payloads that are exchange during SA creation negotiation. |
| wgIpsecSaIpcompInDestIdType | 1.3.6.1.4.1.3097.3.1.1.3.1.4 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaIpcompInDestId', or 0 if unknown or if the SA uses transport mode, or 0 if this SA is used with multiple SAs in protection suites. |
| wgIpsecSaIpcompInSourceId | 1.3.6.1.4.1.3097.3.1.1.3.1.5 | octet string | read-only |
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. This value, if non-zero, is taken directly from the optional ID payloads that are exchange during SA creation negotiation. |
| wgIpsecSaIpcompInSourceIdType | 1.3.6.1.4.1.3097.3.1.1.3.1.6 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaIpcompInSourceId', or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. |
| wgIpsecSaIpcompInProtocol | 1.3.6.1.4.1.3097.3.1.1.3.1.7 | integer32 | read-only |
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol. |
| wgIpsecSaIpcompInDestPort | 1.3.6.1.4.1.3097.3.1.1.3.1.8 | integer32 | read-only |
The destination port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaIpcompInSourcePort | 1.3.6.1.4.1.3097.3.1.1.3.1.9 | integer32 | read-only |
The source port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaIpcompInCreator | 1.3.6.1.4.1.3097.3.1.1.3.1.10 | ipsecsacreatorident | read-only |
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method. |
| wgIpsecSaIpcompInEncapsulation | 1.3.6.1.4.1.3097.3.1.1.3.1.11 | ipsecdoiencapsulationmode | read-only |
The type of encapsulation used by this SA. |
| wgIpsecSaIpcompInDecompAlg | 1.3.6.1.4.1.3097.3.1.1.3.1.12 | ipsecdoiipcomptransform | read-only |
A unique value representing the decompression algorithm applied to traffic. |
| wgIpsecSaIpcompInSeconds | 1.3.6.1.4.1.3097.3.1.1.3.1.13 | counter32 | read-only |
The number of seconds that the SA has existed. |
| wgIpsecSaIpcompInUserOctets | 1.3.6.1.4.1.3097.3.1.1.3.1.14 | counter32 | read-only |
The amount of user level traffic measured in bytes handled by the SA. |
| wgIpsecSaIpcompInPackets | 1.3.6.1.4.1.3097.3.1.1.3.1.15 | counter32 | read-only |
The number of packets handled by the SA. |
| wgIpsecSaIpcompInDecompErrors | 1.3.6.1.4.1.3097.3.1.1.3.1.16 | counter32 | read-only |
The number of packets discarded by the SA due to decompression errors. |
| wgIpsecSaIpcompInOtherReceiveErrors | 1.3.6.1.4.1.3097.3.1.1.3.1.17 | counter32 | read-only |
The number of packets discarded by the SA due to errors other than decompression errors. This may include packets dropped due to a lack of receive buffers, and packets dropped due to congestion at the decompression element. |
| wgIpsecSaEspOutTable | 1.3.6.1.4.1.3097.3.1.1.4 | no-access |
The (conceptual) table containing information on IPSec Outbound ESP SAs. There should be one row for every outbound ESP security association that exists in the entity. The maximum number of rows is implementation dependent. |
|
| 1.3.6.1.4.1.3097.3.1.1.4.1 | no-access |
An entry (conceptual row) containing the information on a particular IPSec Outbound ESP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table. |
||
| wgIpsecSaEspOutAddress | 1.3.6.1.4.1.3097.3.1.1.4.1.1 | ipaddress | read-only |
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes. |
| wgIpsecSaEspOutSpi | 1.3.6.1.4.1.3097.3.1.1.4.1.2 | integer32 | read-only |
The security parameters index of the SA. |
| wgIpsecSaEspOutSourceId | 1.3.6.1.4.1.3097.3.1.1.4.1.3 | octet string | read-only |
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations. |
| wgIpsecSaEspOutSourceIdType | 1.3.6.1.4.1.3097.3.1.1.4.1.4 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaEspOutSourceId', or 0 if unknown or if the SA uses transport mode encapsulation. |
| wgIpsecSaEspOutDestId | 1.3.6.1.4.1.3097.3.1.1.4.1.5 | octet string | read-only |
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations. |
| wgIpsecSaEspOutDestIdType | 1.3.6.1.4.1.3097.3.1.1.4.1.6 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaEspOutDestId', or 0 if unknown or if the SA uses transport mode encapsulation. |
| wgIpsecSaEspOutProtocol | 1.3.6.1.4.1.3097.3.1.1.4.1.7 | integer32 | read-only |
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol. |
| wgIpsecSaEspOutSourcePort | 1.3.6.1.4.1.3097.3.1.1.4.1.8 | integer32 | read-only |
The source port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaEspOutDestPort | 1.3.6.1.4.1.3097.3.1.1.4.1.9 | integer32 | read-only |
The destination port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaEspOutCreator | 1.3.6.1.4.1.3097.3.1.1.4.1.10 | ipsecsacreatorident | read-only |
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method. |
| wgIpsecSaEspOutEncapsulation | 1.3.6.1.4.1.3097.3.1.1.4.1.11 | ipsecdoiencapsulationmode | read-only |
The type of encapsulation used by this SA. |
| wgIpsecSaEspOutEncAlg | 1.3.6.1.4.1.3097.3.1.1.4.1.12 | ipsecdoiesptransform | read-only |
A unique value representing the encryption algorithm applied to traffic or 0 if there is no encryption used. |
| wgIpsecSaEspOutEncKeyLength | 1.3.6.1.4.1.3097.3.1.1.4.1.13 | integer32 | read-only |
The length of the encryption key in bits used for the algorithm specified in the 'wgIpsecSaEspOutEncAlg' object, or 0 if the key length is implicit in the specified algorithm or there is no encryption specified. |
| wgIpsecSaEspOutAuthAlg | 1.3.6.1.4.1.3097.3.1.1.4.1.14 | ipsecdoiauthalgorithm | read-only |
A unique value representing the hash algorithm applied to traffic or 0 if there is no authentication used. |
| wgIpsecSaEspOutLimitSeconds | 1.3.6.1.4.1.3097.3.1.1.4.1.15 | integer32 | read-only |
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. The display value is limited to 4294967295 seconds (more than 136 years); values greater than that value will be truncated. |
| wgIpsecSaEspOutLimitKbytes | 1.3.6.1.4.1.3097.3.1.1.4.1.16 | integer32 | read-only |
The maximum traffic in kbytes that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. The display value is limited to 4294967295 kilobytes; values greater than that value will be truncated. |
| wgIpsecSaEspOutAccSeconds | 1.3.6.1.4.1.3097.3.1.1.4.1.17 | counter32 | read-only |
The number of seconds accumulated against the SA's expiration by time. This is also the number of seconds that the SA has existed. |
| wgIpsecSaEspOutAccKbytes | 1.3.6.1.4.1.3097.3.1.1.4.1.18 | counter32 | read-only |
The amount of traffic accumulated that counts against the SA's expiration by traffic limitation, measured in Kbytes. This value may be 0 if the SA does not expire based on traffic. |
| wgIpsecSaEspOutUserOctets | 1.3.6.1.4.1.3097.3.1.1.4.1.19 | counter32 | read-only |
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit. |
| wgIpsecSaEspOutPackets | 1.3.6.1.4.1.3097.3.1.1.4.1.20 | counter32 | read-only |
The number of packets handled by the SA. |
| wgIpsecSaEspOutSendErrors | 1.3.6.1.4.1.3097.3.1.1.4.1.21 | counter32 | read-only |
The number of packets discarded by the SA due to any error. This may include errors due to a lack of transmit buffers. |
| wgIpsecSaAhOutTable | 1.3.6.1.4.1.3097.3.1.1.5 | no-access |
The (conceptual) table containing information on IPSec Outbound AH SAs. There should be one row for every outbound AH security association that exists in the entity. The maximum number of rows is implementation dependent. |
|
| 1.3.6.1.4.1.3097.3.1.1.5.1 | no-access |
An entry (conceptual row) containing the information on a particular IPSec Outbound AH SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table. |
||
| wgIpsecSaAhOutAddress | 1.3.6.1.4.1.3097.3.1.1.5.1.1 | ipaddress | read-only |
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes. |
| wgIpsecSaAhOutSpi | 1.3.6.1.4.1.3097.3.1.1.5.1.2 | integer32 | read-only |
The security parameters index of the SA. |
| wgIpsecSaAhOutSourceId | 1.3.6.1.4.1.3097.3.1.1.5.1.3 | octet string | read-only |
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations. |
| wgIpsecSaAhOutSourceIdType | 1.3.6.1.4.1.3097.3.1.1.5.1.4 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaAhOutSourceId', or 0 if unknown or if the SA uses transport mode encapsulation. |
| wgIpsecSaAhOutDestId | 1.3.6.1.4.1.3097.3.1.1.5.1.5 | octet string | read-only |
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations. |
| wgIpsecSaAhOutDestIdType | 1.3.6.1.4.1.3097.3.1.1.5.1.6 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaAhOutDestId', or 0 if unknown or if the SA uses transport mode encapsulation. |
| wgIpsecSaAhOutProtocol | 1.3.6.1.4.1.3097.3.1.1.5.1.7 | integer32 | read-only |
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol. |
| wgIpsecSaAhOutSourcePort | 1.3.6.1.4.1.3097.3.1.1.5.1.8 | integer32 | read-only |
The source port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaAhOutDestPort | 1.3.6.1.4.1.3097.3.1.1.5.1.9 | integer32 | read-only |
The destination port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaAhOutCreator | 1.3.6.1.4.1.3097.3.1.1.5.1.10 | ipsecsacreatorident | read-only |
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method. |
| wgIpsecSaAhOutEncapsulation | 1.3.6.1.4.1.3097.3.1.1.5.1.11 | ipsecdoiencapsulationmode | read-only |
The type of encapsulation used by this SA. |
| wgIpsecSaAhOutAuthAlg | 1.3.6.1.4.1.3097.3.1.1.5.1.12 | ipsecdoiahtransform | read-only |
A unique value representing the hash algorithm applied to traffic or 0 if there is no authentication used. |
| wgIpsecSaAhOutLimitSeconds | 1.3.6.1.4.1.3097.3.1.1.5.1.13 | integer32 | read-only |
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. The display value is limited to 4294967295 seconds (more than 136 years); values greater than that value will be truncated. |
| wgIpsecSaAhOutLimitKbytes | 1.3.6.1.4.1.3097.3.1.1.5.1.14 | integer32 | read-only |
The maximum traffic in Kbytes that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. The display value is limited to 4294967295 kilobytes; values greater than that value will be truncated. |
| wgIpsecSaAhOutAccSeconds | 1.3.6.1.4.1.3097.3.1.1.5.1.15 | counter32 | read-only |
The number of seconds accumulated against the SA's expiration by time. This is also the number of seconds that the SA has existed. |
| wgIpsecSaAhOutAccKbytes | 1.3.6.1.4.1.3097.3.1.1.5.1.16 | counter32 | read-only |
The amount of traffic accumulated that counts against the SA's expiration by traffic limitation, measured in Kbytes. This value may be 0 if the SA does not expire based on traffic. |
| wgIpsecSaAhOutUserOctets | 1.3.6.1.4.1.3097.3.1.1.5.1.17 | counter32 | read-only |
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit. |
| wgIpsecSaAhOutPackets | 1.3.6.1.4.1.3097.3.1.1.5.1.18 | counter32 | read-only |
The number of packets handled by the SA. |
| wgIpsecSaAhOutSendErrors | 1.3.6.1.4.1.3097.3.1.1.5.1.19 | counter32 | read-only |
The number of packets discarded by the SA due to any error. This may include errors due to a lack of transmit buffers. |
| wgIpsecSaIpcompOutTable | 1.3.6.1.4.1.3097.3.1.1.6 | no-access |
The (conceptual) table containing information on IPSec Outbound IPCOMP SAs. There should be one row for every outbound IPCOMP (security) association that exists in the entity. The maximum number of rows is implementation dependent. |
|
| 1.3.6.1.4.1.3097.3.1.1.6.1 | no-access |
An entry (conceptual row) containing the information on a particular IPSec Outbound IPCOMP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table. |
||
| wgIpsecSaIpcompOutAddress | 1.3.6.1.4.1.3097.3.1.1.6.1.1 | ipaddress | read-only |
The destination address of the SA. If the IPCOMP SA is shared across multiple SAs in protection suites, this value may be 0. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes. |
| wgIpsecSaIpcompOutCpi | 1.3.6.1.4.1.3097.3.1.1.6.1.2 | ipsecdoiipcomptransform | read-only |
The CPI of the SA. Since the lower values of CPIs are reserved to be the same as the algorithm, the syntax for this object is the same as the transform. |
| wgIpsecSaIpcompOutSourceId | 1.3.6.1.4.1.3097.3.1.1.6.1.3 | octet string | read-only |
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. This value, if non-zero, is taken directly from the optional ID payloads that are exchange during phase 2 negotiations. |
| wgIpsecSaIpcompOutSourceIdType | 1.3.6.1.4.1.3097.3.1.1.6.1.4 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaIpcompOutSourceId', or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. |
| wgIpsecSaIpcompOutDestId | 1.3.6.1.4.1.3097.3.1.1.6.1.5 | octet string | read-only |
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. This value, if non-zero, is taken directly from the optional ID payloads that are exchange during phase 2 negotiations. |
| wgIpsecSaIpcompOutDestIdType | 1.3.6.1.4.1.3097.3.1.1.6.1.6 | ipsecdoiidenttype | read-only |
The type of identifier presented by 'wgIpsecSaIpcompOutDestId', or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. |
| wgIpsecSaIpcompOutProtocol | 1.3.6.1.4.1.3097.3.1.1.6.1.7 | integer32 | read-only |
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol. |
| wgIpsecSaIpcompOutSourcePort | 1.3.6.1.4.1.3097.3.1.1.6.1.8 | integer32 | read-only |
The source port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaIpcompOutDestPort | 1.3.6.1.4.1.3097.3.1.1.6.1.9 | integer32 | read-only |
The destination port number of the protocol that this SA carries, or 0 if it carries any port number. |
| wgIpsecSaIpcompOutCreator | 1.3.6.1.4.1.3097.3.1.1.6.1.10 | ipsecsacreatorident | read-only |
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method. |
| wgIpsecSaIpcompOutEncapsulation | 1.3.6.1.4.1.3097.3.1.1.6.1.11 | ipsecdoiencapsulationmode | read-only |
The type of encapsulation used by this SA. |
| wgIpsecSaIpcompOutCompAlg | 1.3.6.1.4.1.3097.3.1.1.6.1.12 | ipsecdoiipcomptransform | read-only |
A unique value representing the compression algorithm applied to traffic. |
| wgIpsecSaIpcompOutSeconds | 1.3.6.1.4.1.3097.3.1.1.6.1.13 | counter32 | read-only |
The number of seconds that the SA has existed. |
| wgIpsecSaIpcompOutUserOctets | 1.3.6.1.4.1.3097.3.1.1.6.1.14 | counter32 | read-only |
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit. |
| wgIpsecSaIpcompOutPackets | 1.3.6.1.4.1.3097.3.1.1.6.1.15 | counter32 | read-only |
The number of packets handled by the SA. |
| wgSaStatistics | 1.3.6.1.4.1.3097.3.1.2 |
This is the base object identifier for all objects which are global counters for IPSec security associations. |
||
| wgIpsecEspCurrentInboundSAs | 1.3.6.1.4.1.3097.3.1.2.1 | gauge32 | read-only |
The current number of inbound ESP SAs in the entity. |
| wgIpsecEspTotalInboundSAs | 1.3.6.1.4.1.3097.3.1.2.2 | counter32 | read-only |
The total number of inbound ESP SAs created in the entity since boot time. |
| wgIpsecEspCurrentOutboundSAs | 1.3.6.1.4.1.3097.3.1.2.3 | gauge32 | read-only |
The current number of outbound ESP SAs in the entity. |
| wgIpsecEspTotalOutboundSAs | 1.3.6.1.4.1.3097.3.1.2.4 | counter32 | read-only |
The total number of outbound ESP SAs created in the entity since boot time. |
| wgIpsecAhCurrentInboundSAs | 1.3.6.1.4.1.3097.3.1.2.5 | gauge32 | read-only |
The current number of inbound AH SAs in the entity. |
| wgIpsecAhTotalInboundSAs | 1.3.6.1.4.1.3097.3.1.2.6 | counter32 | read-only |
The total number of inbound AH SAs created in the entity since boot time. |
| wgIpsecAhCurrentOutboundSAs | 1.3.6.1.4.1.3097.3.1.2.7 | gauge32 | read-only |
The current number of outbound AH SAs in the entity. |
| wgIpsecAhTotalOutboundSAs | 1.3.6.1.4.1.3097.3.1.2.8 | counter32 | read-only |
The total number of outbound AH SAs created in the entity since boot time. |
| wgIpsecIpcompCurrentInboundSAs | 1.3.6.1.4.1.3097.3.1.2.9 | gauge32 | read-only |
The current number of inbound IPCOMP SAs in the entity. |
| wgIpsecIpcompTotalInboundSAs | 1.3.6.1.4.1.3097.3.1.2.10 | counter32 | read-only |
The total number of inbound IPCOMP SAs created in the entity since boot time. |
| wgIpsecIpcompCurrentOutboundSAs | 1.3.6.1.4.1.3097.3.1.2.11 | gauge32 | read-only |
The current number of outbound IPCOMP SAs in the entity. |
| wgIpsecIpcompTotalOutboundSAs | 1.3.6.1.4.1.3097.3.1.2.12 | counter32 | read-only |
The total number of outbound IPCOMP SAs created in the entity since boot time. |
| wgSaErrors | 1.3.6.1.4.1.3097.3.1.3 |
This is the base object identifier for all objects which are global error counters for IPSec security associations. |
||
| wgIpsecDecryptionErrors | 1.3.6.1.4.1.3097.3.1.3.1 | counter32 | read-only |
The total number of packets received by the entity in SAs since boot time with decryption errors. |
| wgIpsecAuthenticationErrors | 1.3.6.1.4.1.3097.3.1.3.2 | counter32 | read-only |
The total number of packets received by the entity in SAs since boot time with authentication errors. This includes all packets in which the hash value is determined to be invalid, for both ESP and AH SAs. |
| wgIpsecReplayErrors | 1.3.6.1.4.1.3097.3.1.3.3 | counter32 | read-only |
The total number of packets received by the entity in SAs since boot time with replay errors. |
| wgIpsecPolicyErrors | 1.3.6.1.4.1.3097.3.1.3.4 | counter32 | read-only |
The total number of packets received by the entity in SAs since boot time and discarded due to policy errors. This includes packets that had selectors that were invalid for the SA that carried them. |
| wgIpsecOtherReceiveErrors | 1.3.6.1.4.1.3097.3.1.3.5 | counter32 | read-only |
The total number of packets received by the entity in SAs since boot time and discarded due to errors not due to decryption, authentication, replay or policy. |
| wgIpsecSendErrors | 1.3.6.1.4.1.3097.3.1.3.6 | counter32 | read-only |
The total number of packets to be sent by the entity in SAs since boot time and discarded due to errors. |
| wgIpsecUnknownSpiErrors | 1.3.6.1.4.1.3097.3.1.3.7 | counter32 | read-only |
The total number of packets received by the entity since boot time with SPIs or CPIs that were not valid. |