mibs/MIBS/equallogic/EQLIPSEC-MIB

1063 lines
37 KiB
Plaintext
Raw Permalink Normal View History

2023-12-05 12:25:34 +01:00
-- Mib files packaged on Tue Mar 17 11:28:59 EDT 2015 for Storage Array Firmware V7.1.5 (R408054)
EQLIPSEC-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, IpAddress, Counter64, Integer32,TimeTicks, enterprises
FROM SNMPv2-SMI
DateAndTime, RowPointer, TruthValue, RowStatus, DisplayString, TimeStamp, StorageType
FROM SNMPv2-TC
equalLogic
FROM EQUALLOGIC-SMI
eqlGroupId
FROM EQLGROUP-MIB
eqlMemberIndex
FROM EQLMEMBER-MIB
Unsigned64
FROM EQLSTORAGEPOOL-MIB
InetAddressType, InetAddress
FROM INET-ADDRESS-MIB -- RFC2851
;
--
-- module identity
--
eqlIpsecModule MODULE-IDENTITY
LAST-UPDATED "201503171528Z"
ORGANIZATION "EqualLogic Inc."
CONTACT-INFO
"Contact: Customer Support
Postal: Dell Inc
300 Innovative Way, Suite 301, Nashua, NH 03062
Tel: +1 603-579-9762
E-mail: US-NH-CS-TechnicalSupport@dell.com
WEB: www.equallogic.com"
DESCRIPTION
"Equallogic Inc. group information
Copyright (c) 2002-2010 by Dell, Inc.
All rights reserved. This software may not be copied, disclosed,
transferred, or used except in accordance with a license granted
by Dell, Inc. This software embodies proprietary information
and trade secrets of Dell, Inc.
"
-- Revision history, in reverse chronological order
REVISION "201007190000Z" -- 19-Jul-10
DESCRIPTION "Initial revision"
::= { enterprises equalLogic(12740) 22 }
--
-- groups of related objects
--
eqlIpsecObjects OBJECT IDENTIFIER ::= { eqlIpsecModule 1 }
eqlIpsecNotifications OBJECT IDENTIFIER ::= { eqlIpsecModule 2 }
eqlIpsecConformance OBJECT IDENTIFIER ::= { eqlIpsecModule 3 }
--
-- Textual Conventions
--
SnmpAdminString ::= TEXTUAL-CONVENTION
DISPLAY-HINT "t"
STATUS current
DESCRIPTION "An octet string containing administrative
information, preferably in human-readable form."
SYNTAX OCTET STRING (SIZE (0..1024))
InetPortNumber ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION
"Represents a 16 bit port number of an Internet transport
layer protocol. Port numbers are assigned by IANA. A
current list of all assignments is available from
<http://www.iana.org/>.
The value zero is object-specific and must be defined as
part of the description of any object that uses this
syntax. Examples of the usage of zero might include
situations where a port number is unknown, or when the
value zero is used as a wildcard in a filter."
REFERENCE "STD 6 (RFC 768), STD 7 (RFC 793) and RFC 2960"
SYNTAX Unsigned32 (0..65535)
IpsecAuthType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION
"The IpsecAuthType is used to specify the authentication
type to be used with a particular peer."
SYNTAX INTEGER { presharedkey(1), certificates(2), manualkey(3) }
IpsecIdType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION
"The IpsecIdType is used to specify the type of identifier
for a peer to be used with the ID payload."
SYNTAX INTEGER { none(1), ipaddress(2), userfqdn(3), fqdn(4), asn1dn(5) }
IpsecEncType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION
"The IpsecEncType is used to specify the encryption
algorithm to be used when manual keying is used."
SYNTAX INTEGER { nullenc(1), aes-cbc(2), triple-des-cbc(3) }
--
-- IPSec global settings definition table
--
eqlIpsecTable OBJECT-TYPE
SYNTAX SEQUENCE OF EqlIpsecEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"EqualLogic-Persistent Storage IPSec global settings
This table contains global IPSec settings."
::= { eqlIpsecObjects 1 }
eqlIpsecEntry OBJECT-TYPE
SYNTAX EqlIpsecEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (row) containing global IPSec settings."
INDEX { eqlIpsecInstanceId }
::= { eqlIpsecTable 1 }
EqlIpsecEntry ::=
SEQUENCE {
eqlIpsecInstanceId Integer32,
eqlIpsecEnable TruthValue,
eqlIpsecRowStatus RowStatus
}
eqlIpsecInstanceId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This index identifies the IPSec instance. This index should always be 1."
::= { eqlIpsecEntry 1 }
eqlIpsecEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This specifies if IPSec is enabled or disbaled.
True for enabled and False for disabled."
DEFVAL { false }
::= { eqlIpsecEntry 2 }
eqlIpsecRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the conceptual status of this row.
This object may not be set to active if the requirements
of the spdIpHeadFiltType object are not met. In other
words, if the associated value columns needed by a
particular test have not been set, then attempting to
change this row to an active state will result in an
inconsistentValue error. See the spdIpHeadFiltType
object description for further details."
::= { eqlIpsecEntry 3 }
--
-- Policy IPHeader filter definition table
--
eqlIpsecPolicyTable OBJECT-TYPE
SYNTAX SEQUENCE OF EqlIpsecPolicyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"EqualLogic-Persistent Storage IPSec Policy Table.
This table contains a list of filter definitions."
::= { eqlIpsecObjects 2 }
eqlIpsecPolicyEntry OBJECT-TYPE
SYNTAX EqlIpsecPolicyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A definition of a particular filter."
INDEX { eqlIpsecPolicyInstanceId }
::= { eqlIpsecPolicyTable 1 }
EqlIpsecPolicyEntry ::= SEQUENCE {
eqlIpsecPolicyInstanceId Integer32,
eqlIpsecPolicyFilterName SnmpAdminString,
eqlIpsecPolicyFilterIPVersion InetAddressType,
eqlIpsecPolicyFilterAddress InetAddress,
eqlIpsecPolicyFilterNetmaskLen Integer32,
eqlIpsecPolicyFilterLocalAddress InetAddress,
eqlIpsecPolicyFilterPort Integer32,
eqlIpsecPolicyFilterLocalPort Integer32,
eqlIpsecPolicyFilterProtocol Integer32,
eqlIpsecPolicyFilterPeerName SnmpAdminString,
eqlIpsecPolicyFilterAction INTEGER,
eqlIpsecPolicyFilterRowStatus RowStatus
}
eqlIpsecPolicyInstanceId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This index identifies the IPSec policy instance."
::= { eqlIpsecPolicyEntry 1 }
eqlIpsecPolicyFilterName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The administrative name for this filter."
::= { eqlIpsecPolicyEntry 2 }
eqlIpsecPolicyFilterIPVersion OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Internet Protocol version the addresses are to match
against. The value of this property determines the size
and format of the eqlIpsecPolicyFilterAddress and
eqlIpsecPolicyFilterLocalAddress."
DEFVAL { ipv6 }
::= { eqlIpsecPolicyEntry 3 }
eqlIpsecPolicyFilterAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The starting address of a source address range that the
packet must match against for this filter to be
considered TRUE.
This object is only used if sourceAddress is set in
spdIpHeadFiltType."
::= { eqlIpsecPolicyEntry 4 }
eqlIpsecPolicyFilterNetmaskLen OBJECT-TYPE
SYNTAX Integer32 (0..128)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The ending address of a source address range to check a
packet against, where the starting is specified by the
spdIpHeadFiltSrcAddressBegin object. Set this column to
the same value as the spdIpHeadFiltSrcAddressBegin
column to get an exact single address match.
This object is only used if sourceAddress is set in
spdIpHeadFiltType."
::= { eqlIpsecPolicyEntry 5 }
eqlIpsecPolicyFilterLocalAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Local IP Address on the array to bind a policy to.
This option is only used when the Peer is of type manual.
Can be either a IPv4 or IPV6 address."
::= { eqlIpsecPolicyEntry 6 }
eqlIpsecPolicyFilterPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The low port of the port range a packet's source must
match against. To match, the port number must be
greater than or equal to this value.
This object is only used if sourcePort is set in
spdIpHeadFiltType.
The value of 0 for this object is illegal."
::= { eqlIpsecPolicyEntry 7 }
eqlIpsecPolicyFilterLocalPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The low port of the port range a packet's source must
match against. To match, the port number must be
greater than or equal to this value.
This object is only used if sourcePort is set in
spdIpHeadFiltType.
The value of 0 for this object is illegal.
This object specifies the local port to be used."
::= { eqlIpsecPolicyEntry 8 }
eqlIpsecPolicyFilterProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The protocol number the incoming packet must match
against for this filter to be evaluated as true.
This object is only used if protocol is set in
spdIpHeadFiltType."
::= { eqlIpsecPolicyEntry 9 }
eqlIpsecPolicyFilterPeerName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This specifies the name of the peer this policy must be associated with."
::= { eqlIpsecPolicyEntry 10 }
eqlIpsecPolicyFilterAction OBJECT-TYPE
SYNTAX INTEGER {
ipsec(1),
pass(2),
drop(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action to be taken on packets matching this rule."
::= { eqlIpsecPolicyEntry 11 }
eqlIpsecPolicyFilterRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the conceptual status of this row.
This object may not be set to active if the requirements
of the spdIpHeadFiltType object are not met. In other
words, if the associated value columns needed by a
particular test have not been set, then attempting to
change this row to an active state will result in an
inconsistentValue error. See the spdIpHeadFiltType
object description for further details."
::= { eqlIpsecPolicyEntry 12 }
--
-- IPSec certificate configuration table
--
eqlIpsecCertConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF EqlIpsecCertConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"EqualLogic-Dynamic IPSec certificate configuration Table.
This table contains the list of certificates configured."
::= { eqlIpsecObjects 3 }
eqlIpsecCertConfigEntry OBJECT-TYPE
SYNTAX EqlIpsecCertConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A definition of a particular certificate."
INDEX { eqlIpsecCertInstanceId }
::= { eqlIpsecCertConfigTable 1 }
EqlIpsecCertConfigEntry ::= SEQUENCE {
eqlIpsecCertInstanceId Integer32,
eqlIpsecCertName SnmpAdminString,
eqlIpsecCertFileName SnmpAdminString,
eqlIpsecCertType INTEGER,
eqlIpsecPrivKeyFileName SnmpAdminString,
eqlIpsecCertPassword SnmpAdminString,
eqlIpsecCertRowStatus RowStatus
}
eqlIpsecCertInstanceId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This index identifies the IPSec certificate instance."
::= { eqlIpsecCertConfigEntry 1 }
eqlIpsecCertName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The administrative name for this certificate."
::= { eqlIpsecCertConfigEntry 2 }
eqlIpsecCertFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The certificate file name."
::= { eqlIpsecCertConfigEntry 3 }
eqlIpsecCertType OBJECT-TYPE
SYNTAX INTEGER {
local-cert(1),
root-cert(2),
intermediate(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The certificate type. Local cert, Root CA cert or intermediate cert."
::= { eqlIpsecCertConfigEntry 4 }
eqlIpsecPrivKeyFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The private key file name."
::= { eqlIpsecCertConfigEntry 5 }
eqlIpsecCertPassword OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The password to use for decrypting certificate."
::= { eqlIpsecCertConfigEntry 6 }
eqlIpsecCertRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the conceptual status of this row.
This object may not be set to active if the requirements
of the spdIpHeadFiltType object are not met. In other
words, if the associated value columns needed by a
particular test have not been set, then attempting to
change this row to an active state will result in an
inconsistentValue error. See the spdIpHeadFiltType
object description for further details."
::= { eqlIpsecCertConfigEntry 7 }
--
-- IPSec peer configuration table
--
eqlIpsecPeerTable OBJECT-TYPE
SYNTAX SEQUENCE OF EqlIpsecPeerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"EqualLogic-Persistent Storage IPSec peer Table.
This table contains the list of peers configured."
::= { eqlIpsecObjects 4 }
eqlIpsecPeerEntry OBJECT-TYPE
SYNTAX EqlIpsecPeerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A definition of a particular certificate."
INDEX { eqlIpsecPeerInstanceId }
::= { eqlIpsecPeerTable 1 }
EqlIpsecPeerEntry ::= SEQUENCE {
eqlIpsecPeerInstanceId Integer32,
eqlIpsecPeerName SnmpAdminString,
eqlIpsecPeerAuthType INTEGER,
eqlIpsecPeerPreSharedKey DisplayString,
eqlIpsecPeerCertIdType INTEGER,
eqlIpsecPeerCertIdValue SnmpAdminString,
eqlIpsecPeerNullEnc TruthValue,
eqlIpsecPeerTunnelMode TruthValue,
eqlIpsecPeerTunnelAddressIPVersion InetAddressType,
eqlIpsecPeerTunnelAddress InetAddress,
eqlIpsecPeerIkeV2 TruthValue,
eqlIpsecPeerManualKeyEncAlg INTEGER,
eqlIpsecPeerManualKeyEncKeyOut SnmpAdminString,
eqlIpsecPeerManualKeyEncKeyIn SnmpAdminString,
eqlIpsecPeerManualKeyAuthAlg INTEGER,
eqlIpsecPeerManualKeyAuthKeyOut SnmpAdminString,
eqlIpsecPeerManualKeyAuthKeyIn SnmpAdminString,
eqlIpsecPeerManualKeySpiOut Integer32,
eqlIpsecPeerManualKeySpiIn Integer32,
eqlIpsecPeerRowStatus RowStatus
}
eqlIpsecPeerInstanceId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This index identifies the IPSec policy instance."
::= { eqlIpsecPeerEntry 1 }
eqlIpsecPeerName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The administrative name for this peer."
::= { eqlIpsecPeerEntry 2 }
eqlIpsecPeerAuthType OBJECT-TYPE
SYNTAX INTEGER {
presharedkey(1),
certificates(2),
manualkey(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The authentication method used with this peer.
Pre-shared keys, certificates and manual keys are the options."
::= { eqlIpsecPeerEntry 3 }
eqlIpsecPeerPreSharedKey OBJECT-TYPE
SYNTAX DisplayString (SIZE(6..130))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The pre-shared key to be used during authentication.
It is mandatory that this only contain printable ASCII
ASCII characters, meaning each byte must be in the range
of 33 to 126."
::= { eqlIpsecPeerEntry 4 }
eqlIpsecPeerCertIdType OBJECT-TYPE
SYNTAX INTEGER { none(1), ipaddress(2), userfqdn(3), fqdn(4), asn1dn(5) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The identifier type to be used in ID payload.
Only applicable if the auth type is certificates."
::= { eqlIpsecPeerEntry 5 }
eqlIpsecPeerCertIdValue OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..256))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The pre-shared key to be used during authentication.
Only applicable if the auth type is certificates."
::= { eqlIpsecPeerEntry 6 }
eqlIpsecPeerNullEnc OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This specifies if null encryption is to be used.
Only applicable if the auth type is certificates or pre-shared keys."
::= { eqlIpsecPeerEntry 7 }
eqlIpsecPeerTunnelMode OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This specifies if tunnel mode is to be used with this peer."
DEFVAL {false}
::= { eqlIpsecPeerEntry 8 }
eqlIpsecPeerTunnelAddressIPVersion OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Internet Protocol version the addresses are to match
against. The value of this property determines the size
and format of the spdIpHeadFiltSrcAddressBegin,
spdIpHeadFiltSrcAddressEnd,
spdIpHeadFiltDstAddressBegin, and
spdIpHeadFiltDstAddressEnd objects.
Values of unknown, ipv4z, ipv6z and dns are not legal
values for this object."
DEFVAL { ipv6 }
::= { eqlIpsecPeerEntry 9 }
eqlIpsecPeerTunnelAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The address of the tunnel remote end
This object is only used if tunnelMode is set to True."
::= { eqlIpsecPeerEntry 10 }
eqlIpsecPeerIkeV2 OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This specifies the IKE version to be used with this peer. If the peer talks
the other version, the IPSec session will not be established."
DEFVAL {false}
::= { eqlIpsecPeerEntry 11 }
eqlIpsecPeerManualKeyEncAlg OBJECT-TYPE
SYNTAX INTEGER { none(0), des-cbc(2), triple-des-cbc(3), cast128-cbc(6), blowfish-cbc(7), null-enc(11), aes(12), aes-ctr(13), skipjack(250) }
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encryption algorithm to be used.
Only applicable if the auth type is manual keys."
::= { eqlIpsecPeerEntry 12 }
eqlIpsecPeerManualKeyEncKeyOut OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encryption key to be used in the outbound direction.
Specified as a hex string.
Only applicable if the auth type is manual keys."
::= { eqlIpsecPeerEntry 13 }
eqlIpsecPeerManualKeyEncKeyIn OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encryption key to be used in the inbound direction.
Specified as a hex string.
Only applicable if the auth type is manual keys."
::= { eqlIpsecPeerEntry 14 }
eqlIpsecPeerManualKeyAuthAlg OBJECT-TYPE
SYNTAX INTEGER { none(0), sha1(1), sha256(2) }
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The authentication algorithm to be used.
Only applicable if the auth type is manual keys."
::= { eqlIpsecPeerEntry 15 }
eqlIpsecPeerManualKeyAuthKeyOut OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The authentication key to be used in the outbound direction.
Specified as a string.
Only applicable if the auth type is manual keys."
::= { eqlIpsecPeerEntry 16 }
eqlIpsecPeerManualKeyAuthKeyIn OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The authentication key to be used in the inbound direction.
Specified as a string.
Only applicable if the auth type is manual keys."
::= { eqlIpsecPeerEntry 17 }
eqlIpsecPeerManualKeySpiOut OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The SPI to be used in the outbound direction.
Only applicable if the auth type is manual keys."
::= { eqlIpsecPeerEntry 18 }
eqlIpsecPeerManualKeySpiIn OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The SPI to be used in the inbound direction.
Only applicable if the auth type is manual keys."
::= { eqlIpsecPeerEntry 19 }
eqlIpsecPeerRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the conceptual status of this row.
This object may not be set to active if the requirements
of the spdIpHeadFiltType object are not met. In other
words, if the associated value columns needed by a
particular test have not been set, then attempting to
change this row to an active state will result in an
inconsistentValue error. See the spdIpHeadFiltType
object description for further details."
::= { eqlIpsecPeerEntry 20 }
--
-- IPSec certificate display table
--
eqlIpsecCertDisplayTable OBJECT-TYPE
SYNTAX SEQUENCE OF EqlIpsecCertDisplayEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"EqualLogic-Dynamic IPSec certificate display Table.
This table is used to display certificate details."
::= { eqlIpsecObjects 5 }
eqlIpsecCertDisplayEntry OBJECT-TYPE
SYNTAX EqlIpsecCertDisplayEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contents of a particular certificate instance for display."
INDEX { eqlIpsecCertInstanceId }
::= { eqlIpsecCertDisplayTable 1 }
EqlIpsecCertDisplayEntry ::= SEQUENCE {
eqlIpsecCertDisplayName SnmpAdminString,
eqlIpsecCertDisplayIssuedToDName SnmpAdminString,
eqlIpsecCertDisplaySerialNumber SnmpAdminString,
eqlIpsecCertDisplayIssuedByDName SnmpAdminString,
eqlIpsecCertDisplayIssuedOn SnmpAdminString,
eqlIpsecCertDisplayExpiresOn SnmpAdminString,
eqlIpsecCertDisplaySha1Fingerprint SnmpAdminString,
eqlIpsecCertDisplayMd5Fingerprint SnmpAdminString,
eqlIpsecCertDisplayLocal INTEGER,
eqlIpsecCertDisplayFormat INTEGER,
eqlIpsecCertDisplaySubAltName SnmpAdminString
}
eqlIpsecCertDisplayName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The administrative name for this certificate."
::= { eqlIpsecCertDisplayEntry 1 }
eqlIpsecCertDisplayIssuedToDName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..256))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the field issued to distinguished name."
::= { eqlIpsecCertDisplayEntry 2 }
eqlIpsecCertDisplaySerialNumber OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the field serial number."
::= { eqlIpsecCertDisplayEntry 3 }
eqlIpsecCertDisplayIssuedByDName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..256))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the field issued by distinguished name."
::= { eqlIpsecCertDisplayEntry 4 }
eqlIpsecCertDisplayIssuedOn OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the field issued on."
::= { eqlIpsecCertDisplayEntry 5 }
eqlIpsecCertDisplayExpiresOn OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the field expires on."
::= { eqlIpsecCertDisplayEntry 6 }
eqlIpsecCertDisplaySha1Fingerprint OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the field SHA1 finger print."
::= { eqlIpsecCertDisplayEntry 7 }
eqlIpsecCertDisplayMd5Fingerprint OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the field MD5 finger print."
::= { eqlIpsecCertDisplayEntry 8 }
eqlIpsecCertDisplayLocal OBJECT-TYPE
SYNTAX INTEGER {
local-cert(1),
root-cert(2),
intermediate(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Boolean that indicates if this is a localm certificate or not."
::= { eqlIpsecCertDisplayEntry 9 }
eqlIpsecCertDisplayFormat OBJECT-TYPE
SYNTAX INTEGER {
x509(1),
pkcs12(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The certificate format. x.509 or pkcs12."
::= { eqlIpsecCertDisplayEntry 10 }
eqlIpsecCertDisplaySubAltName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..256))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the field MD5 finger print."
::= { eqlIpsecCertDisplayEntry 11 }
--
-- IPSec SA display table
--
eqlIpsecSecAssocTable OBJECT-TYPE
SYNTAX SEQUENCE OF EqlIpsecSecAssocEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"EqualLogic-Dynamic IPSec security association Table.
This table is used to display the security association details."
::= { eqlIpsecObjects 6 }
eqlIpsecSecAssocEntry OBJECT-TYPE
SYNTAX EqlIpsecSecAssocEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contents of a particular SA instance for display."
INDEX { eqlGroupId, eqlMemberIndex,
eqlIpsecSecAssocInstanceIdHigh,
eqlIpsecSecAssocInstanceIdLow }
::= { eqlIpsecSecAssocTable 1 }
EqlIpsecSecAssocEntry ::= SEQUENCE {
eqlIpsecSecAssocInstanceIdHigh Unsigned32,
eqlIpsecSecAssocInstanceIdLow Unsigned32,
eqlIpsecSecAssocSrcAddressIPVersion InetAddressType,
eqlIpsecSecAssocSrcAddress InetAddress,
eqlIpsecSecAssocDstAddressIPVersion InetAddressType,
eqlIpsecSecAssocDstAddress InetAddress,
eqlIpsecSecAssocEncAlg INTEGER,
eqlIpsecSecAssocAuthAlg INTEGER,
eqlIpsecSecAssocSpi Integer32,
eqlIpsecSecAssocEncKey SnmpAdminString,
eqlIpsecSecAssocAuthKey SnmpAdminString,
eqlIpsecSecAssocManual TruthValue
}
eqlIpsecSecAssocInstanceIdHigh OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This index carries the high-order 32-bit of the instance ID that identifies the IPSec security association."
::= { eqlIpsecSecAssocEntry 1 }
eqlIpsecSecAssocInstanceIdLow OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This index carries the low-order 32-bit of the instance ID that identifies the IPSec security association."
::= { eqlIpsecSecAssocEntry 2 }
eqlIpsecSecAssocSrcAddressIPVersion OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP version of the source endpoint."
::= { eqlIpsecSecAssocEntry 3 }
eqlIpsecSecAssocSrcAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP address of the source endpoint."
::= { eqlIpsecSecAssocEntry 4 }
eqlIpsecSecAssocDstAddressIPVersion OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP version of the destination endpoint."
::= { eqlIpsecSecAssocEntry 5 }
eqlIpsecSecAssocDstAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP address of the destination endpoint."
::= { eqlIpsecSecAssocEntry 6 }
eqlIpsecSecAssocEncAlg OBJECT-TYPE
SYNTAX INTEGER { none(0), des-cbc(2), triple-des-cbc(3), cast128-cbc(6), blowfish-cbc(7), null-enc(11), aes(12), aes-ctr(13), skipjack(250) }
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encryption algorithm used."
::= { eqlIpsecSecAssocEntry 7 }
eqlIpsecSecAssocAuthAlg OBJECT-TYPE
SYNTAX INTEGER { none(0), md5-hmac(2), sha1-hmac(3), sha2-256(5), sha2-384(6), sha2-512(7), ripemd160-hmac(8), aes-xcbc-mac(9), md5(249), sha(250), null(251), tcp-md5(252) }
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The authentication algorithm used."
::= { eqlIpsecSecAssocEntry 8 }
eqlIpsecSecAssocSpi OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"SPI used in the security association."
::= { eqlIpsecSecAssocEntry 9 }
eqlIpsecSecAssocEncKey OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the encryption key used in the SA."
::= { eqlIpsecSecAssocEntry 10 }
eqlIpsecSecAssocAuthKey OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Display string for the authentication key used in the SA."
::= { eqlIpsecSecAssocEntry 11 }
eqlIpsecSecAssocManual OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"True means SA is from a manual key configured."
::= { eqlIpsecSecAssocEntry 12 }
--
-- IPSec stale SA delete table
--
eqlIpsecStaleSecAssocDeleteTable OBJECT-TYPE
SYNTAX SEQUENCE OF EqlIpsecStaleSecAssocDeleteEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"EqualLogic-Dynamic IPSec stale security association
delete Table. This table is used to indicate the
destination address and type of all security associations
to delete."
::= { eqlIpsecObjects 7 }
eqlIpsecStaleSecAssocDeleteEntry OBJECT-TYPE
SYNTAX EqlIpsecStaleSecAssocDeleteEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contents of a particular SA instance for delete."
INDEX { eqlGroupId, eqlMemberIndex, eqlIpsecStaleSecAssocDeleteInstanceId }
::= { eqlIpsecStaleSecAssocDeleteTable 1 }
EqlIpsecStaleSecAssocDeleteEntry ::= SEQUENCE {
eqlIpsecStaleSecAssocDeleteInstanceId Integer32,
eqlIpsecStaleSecAssocDeleteDestAddressIPVersion InetAddressType,
eqlIpsecStaleSecAssocDeleteDestAddress InetAddress,
eqlIpsecStaleSecAssocDeleteRowStatus RowStatus
}
eqlIpsecStaleSecAssocDeleteInstanceId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This index identifies the IPSec stale SA delete instance."
::= { eqlIpsecStaleSecAssocDeleteEntry 1 }
eqlIpsecStaleSecAssocDeleteDestAddressIPVersion OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP version of the destination address of the security
associations to delete."
::= { eqlIpsecStaleSecAssocDeleteEntry 2 }
eqlIpsecStaleSecAssocDeleteDestAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The destination address of the security associations to delete."
::= { eqlIpsecStaleSecAssocDeleteEntry 3 }
eqlIpsecStaleSecAssocDeleteRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the conceptual status of this row."
::= { eqlIpsecStaleSecAssocDeleteEntry 4 }
END