-- ***************************************************************************** -- Juniper-IKE-MIB -- -- Juniper Networks Enterprise MIB -- Extensions for Internet Key Exchange management -- -- Copyright (c) 2004 Juniper Networks, Inc. All Rights Reserved. -- ***************************************************************************** Juniper-IKE-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, IpAddress, Unsigned32, Integer32 FROM SNMPv2-SMI TEXTUAL-CONVENTION, RowStatus, DisplayString FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF juniMibs FROM Juniper-MIBs; juniIkeMIB MODULE-IDENTITY LAST-UPDATED "200404062226Z" -- 06-Apr-04 06:26 PM EDT ORGANIZATION "Juniper Networks, Inc." CONTACT-INFO " Juniper Networks, Inc. Postal: 10 Technology Park Drive Westford, MA 01886-3146 USA Tel: +1 978 589 5800 Email: mib@Juniper.net" DESCRIPTION "The Internet Key Exchange (IKE) MIB for the Juniper Networks enterprise." -- Revision History REVISION "200511221615Z" -- 22-Nov-05 11:15 AM EST - JUNOSe 7.3 DESCRIPTION "Replaced the juniIkePolicyRuleTable with the juniIkePolicyRuleV2Table. Added ip address and router index. Added more options to the agressive mode." REVISION "200401231512Z" -- 23-Jan-04 10:12 AM EST - JUNOSe 6.0 DESCRIPTION "Replaced the juniIkeSaTable with the juniIkeSa2Table. Added local and remote IKE cookies to the IKE SA2 table. Added local port, remote port, and ikeSaNegotiationDone flag to the IKE SA2 table." REVISION "200404062226Z" -- 06-Apr-04 06:26 PM EDT - JUNOSe 5.3 DESCRIPTION "Initial version of this MIB module." ::= { juniMibs 71 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Textual conventions -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ JuniIkeAuthenticationMethod ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The authentication method for the IKE policy rule." SYNTAX INTEGER { rsaSignature(0), preSharedKeys(3) } JuniIkeEncryptionMethod ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The encryption method for the IKE policy rule." SYNTAX INTEGER { des(0), tripleDes(1) } JuniIkeGroup ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The PFS group for the IKE policy rule." SYNTAX INTEGER { group1(0), group2(1), group5(4) } JuniIkeHashMethod ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The hash method for the IKE policy rule." SYNTAX INTEGER { md5(0), sha(1) } JuniIkeNegotiationMode ::= TEXTUAL-CONVENTION STATUS obsolete DESCRIPTION "The mode that IKE uses to negotiate its SA." SYNTAX INTEGER { aggressive(0), main(1) } JuniIkeNegotiationV2Mode ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The aggressive mode that IKE uses to negotiate its SA." SYNTAX INTEGER { aggressiveAccepted(0), aggressiveRequested(1), aggressiveRequired(2), aggressiveNotAllowed(3) } JuniIpsecPhase1SaState ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The state for the IKE security association." SYNTAX INTEGER { reserved(0), startSaNegotiationI(1), startSaNegotiationR(2), mmSaI(3), mmSaR(4), mmKeI(5), mmKeR(6), mmFinalI(7), mmFinalR(8), mmDoneI(9), amSaI(10), amSaR(11), amFinalI(12), amDoneR(13), startQmI(14), startQmR(15), qmHashSaI(16), qmHashSaR(17), qmHashI(18), qmDoneR(19), startNgmI(20), startNgmR(21), ngmHashSaI(22), ngmHashSaR(23), ngmDoneI(24), done(25), deleted(26) } JuniIpsecPhase1SaDirection ::= TEXTUAL-CONVENTION STATUS obsolete DESCRIPTION "The direction for the IPsec phase 1 security association." SYNTAX INTEGER { initiator(0), responder(1) } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Managed objects -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniIkeObjects OBJECT IDENTIFIER ::= { juniIkeMIB 1 } -- -- Major subtrees -- juniIke OBJECT IDENTIFIER ::= { juniIkeObjects 1 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- IPSEC IKE group -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- -- Obsolete IKE policy rule table -- juniIkePolicyRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF JuniIkePolicyRuleEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "Obsolete IKE policy rule table that stores the IKE policy rule. This table has been replaced by the juniIkePolicyRuleV2Table" ::= { juniIke 1 } juniIkePolicyRuleEntry OBJECT-TYPE SYNTAX JuniIkePolicyRuleEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "Describes the IKE policy rule." INDEX { juniIkePolicyRulePriority } ::= { juniIkePolicyRuleTable 1 } JuniIkePolicyRuleEntry ::= SEQUENCE { juniIkePolicyRulePriority Integer32, juniIkePolicyRuleAuthMethod JuniIkeAuthenticationMethod, juniIkePolicyRuleEncryptMethod JuniIkeEncryptionMethod, juniIkePolicyRulePfsGroup JuniIkeGroup, juniIkePolicyRuleHashMethod JuniIkeHashMethod, juniIkePolicyRuleLifetime Integer32, juniIkePolicyRuleNegotiationMode JuniIkeNegotiationMode, juniIkePolicyRuleRowStatus RowStatus } juniIkePolicyRulePriority OBJECT-TYPE SYNTAX Integer32 (1..10000) MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The priority of the IKE policy rule." ::= { juniIkePolicyRuleEntry 1 } juniIkePolicyRuleAuthMethod OBJECT-TYPE SYNTAX JuniIkeAuthenticationMethod MAX-ACCESS read-create STATUS obsolete DESCRIPTION "The authentication method for the IKE policy rule." DEFVAL { preSharedKeys } ::= { juniIkePolicyRuleEntry 2 } juniIkePolicyRuleEncryptMethod OBJECT-TYPE SYNTAX JuniIkeEncryptionMethod MAX-ACCESS read-create STATUS obsolete DESCRIPTION "The encryption method for the IKE policy rule." DEFVAL { tripleDes } ::= { juniIkePolicyRuleEntry 3 } juniIkePolicyRulePfsGroup OBJECT-TYPE SYNTAX JuniIkeGroup MAX-ACCESS read-create STATUS obsolete DESCRIPTION "The PFS group for the IKE policy rule." DEFVAL { group2 } ::= { juniIkePolicyRuleEntry 4 } juniIkePolicyRuleHashMethod OBJECT-TYPE SYNTAX JuniIkeHashMethod MAX-ACCESS read-create STATUS obsolete DESCRIPTION "The hash method for the IKE policy rule." DEFVAL { sha } ::= { juniIkePolicyRuleEntry 5 } juniIkePolicyRuleLifetime OBJECT-TYPE SYNTAX Integer32 (60..86400) MAX-ACCESS read-create STATUS obsolete DESCRIPTION "The lifetime in seconds for the IKE policy rule." DEFVAL { 28800 } ::= { juniIkePolicyRuleEntry 6 } juniIkePolicyRuleNegotiationMode OBJECT-TYPE SYNTAX JuniIkeNegotiationMode MAX-ACCESS read-create STATUS obsolete DESCRIPTION "The negotiation mode for the IKE policy rule." DEFVAL { aggressive } ::= { juniIkePolicyRuleEntry 7 } juniIkePolicyRuleRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS obsolete DESCRIPTION "Controls creation/deletion of entries in this table according to the RowStatus textual convention, constrained to support the following values only: createAndGo destroy To create an entry in this table, the following entry objects MUST be explicitly configured: juniIkePolicyRulePriority " ::= { juniIkePolicyRuleEntry 8 } -- -- IKE policy rule table -- juniIkePolicyRuleV2Table OBJECT-TYPE SYNTAX SEQUENCE OF JuniIkePolicyRuleV2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IKE policy rule table that stores the IKE policy rule." ::= { juniIke 6 } juniIkePolicyRuleV2Entry OBJECT-TYPE SYNTAX JuniIkePolicyRuleV2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Describes the IKE policy rule." INDEX { juniIkePolicyRuleV2Priority } ::= { juniIkePolicyRuleV2Table 1 } JuniIkePolicyRuleV2Entry ::= SEQUENCE { juniIkePolicyRuleV2Priority Integer32, juniIkePolicyRuleV2AuthMethod JuniIkeAuthenticationMethod, juniIkePolicyRuleV2EncryptMethod JuniIkeEncryptionMethod, juniIkePolicyRuleV2PfsGroup JuniIkeGroup, juniIkePolicyRuleV2HashMethod JuniIkeHashMethod, juniIkePolicyRuleV2Lifetime Integer32, juniIkePolicyRuleV2NegotiationMode JuniIkeNegotiationV2Mode, juniIkePolicyRuleV2IpAddress IpAddress, juniIkePolicyRuleV2RouterIndex Unsigned32, juniIkePolicyRuleV2RowStatus RowStatus } juniIkePolicyRuleV2Priority OBJECT-TYPE SYNTAX Integer32 (1..10000) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The priority of the IKE policy rule." ::= { juniIkePolicyRuleV2Entry 1 } juniIkePolicyRuleV2AuthMethod OBJECT-TYPE SYNTAX JuniIkeAuthenticationMethod MAX-ACCESS read-create STATUS current DESCRIPTION "The authentication method for the IKE policy rule." DEFVAL { preSharedKeys } ::= { juniIkePolicyRuleV2Entry 2 } juniIkePolicyRuleV2EncryptMethod OBJECT-TYPE SYNTAX JuniIkeEncryptionMethod MAX-ACCESS read-create STATUS current DESCRIPTION "The encryption method for the IKE policy rule." DEFVAL { tripleDes } ::= { juniIkePolicyRuleV2Entry 3 } juniIkePolicyRuleV2PfsGroup OBJECT-TYPE SYNTAX JuniIkeGroup MAX-ACCESS read-create STATUS current DESCRIPTION "The PFS group for the IKE policy rule." DEFVAL { group2 } ::= { juniIkePolicyRuleV2Entry 4 } juniIkePolicyRuleV2HashMethod OBJECT-TYPE SYNTAX JuniIkeHashMethod MAX-ACCESS read-create STATUS current DESCRIPTION "The hash method for the IKE policy rule." DEFVAL { sha } ::= { juniIkePolicyRuleV2Entry 5 } juniIkePolicyRuleV2Lifetime OBJECT-TYPE SYNTAX Integer32 (60..86400) MAX-ACCESS read-create STATUS current DESCRIPTION "The lifetime in seconds for the IKE policy rule." DEFVAL { 28800 } ::= { juniIkePolicyRuleV2Entry 6 } juniIkePolicyRuleV2NegotiationMode OBJECT-TYPE SYNTAX JuniIkeNegotiationV2Mode MAX-ACCESS read-create STATUS current DESCRIPTION "The negotiation mode for the IKE policy rule." DEFVAL { aggressiveNotAllowed } ::= { juniIkePolicyRuleV2Entry 7 } juniIkePolicyRuleV2IpAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The ip address for the IKE policy rule." ::= { juniIkePolicyRuleV2Entry 8 } juniIkePolicyRuleV2RouterIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "The virtual router for the IKE policy rule." ::= { juniIkePolicyRuleV2Entry 9 } juniIkePolicyRuleV2RowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Controls creation/deletion of entries in this table according to the RowStatus textual convention, constrained to support the following values only: createAndGo destroy To create an entry in this table, the following entry objects MUST be explicitly configured: juniIkePolicyRuleV2Priority " ::= { juniIkePolicyRuleV2Entry 10 } -- -- IKE IPv4 based preshared key table -- juniIkeIpv4PresharedKeyTable OBJECT-TYPE SYNTAX SEQUENCE OF JuniIkeIpv4PresharedKeyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IKE preshared key table that stores the IKE pre-share keys indexed by the IP address." ::= { juniIke 2 } juniIkeIpv4PresharedKeyEntry OBJECT-TYPE SYNTAX JuniIkeIpv4PresharedKeyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Describes the IKE preshared key." INDEX { juniIkeIpv4PresharedRemoteIpAddr, juniIkeIpv4PresharedRouterIdx } ::= { juniIkeIpv4PresharedKeyTable 1 } JuniIkeIpv4PresharedKeyEntry ::= SEQUENCE { juniIkeIpv4PresharedRemoteIpAddr IpAddress, juniIkeIpv4PresharedRouterIdx Unsigned32, juniIkeIpv4PresharedKeyStr DisplayString, juniIkeIpv4PresharedMaskedKeyStr OCTET STRING, juniIkeIpv4PresharedKeyRowStatus RowStatus } juniIkeIpv4PresharedRemoteIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IP address of the remote endpoint for the preshared key." ::= { juniIkeIpv4PresharedKeyEntry 1 } juniIkeIpv4PresharedRouterIdx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The router index of the virtual router. The value of this object can be used to retrieve additional information in the router MIB." REFERENCE "Juniper-ROUTER-MIB" ::= { juniIkeIpv4PresharedKeyEntry 2 } juniIkeIpv4PresharedKeyStr OBJECT-TYPE SYNTAX DisplayString (SIZE(0..200)) MAX-ACCESS read-create STATUS current DESCRIPTION "The IKE preshared key string." ::= { juniIkeIpv4PresharedKeyEntry 3 } juniIkeIpv4PresharedMaskedKeyStr OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..300)) MAX-ACCESS read-create STATUS current DESCRIPTION "The IKE masked preshared key string." ::= { juniIkeIpv4PresharedKeyEntry 4 } juniIkeIpv4PresharedKeyRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Controls creation/deletion of entries in this table according to the RowStatus textual convention, constrained to support the following values only: createAndGo destroy To create an entry in this table, the following entry objects MUST be explicitly configured: juniIkeIpv4PresharedKeyRowStatus juniIkeIpv4PresharedRemoteIpAddr juniIkeIpv4PresharedKeyStr Once created, the following objects may not be modified: juniIkeIpv4PresharedRemoteIpAddr juniIkeIpv4PresharedMaskedKeyStr " ::= { juniIkeIpv4PresharedKeyEntry 5 } -- -- IKE FQDN based preshared key table -- juniIkeFqdnPresharedKeyTable OBJECT-TYPE SYNTAX SEQUENCE OF JuniIkeFqdnPresharedKeyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IPSEC preshared key table that stores the IKE pre-share keys indexed by FQDN or userFQDN string." ::= { juniIke 3 } juniIkeFqdnPresharedKeyEntry OBJECT-TYPE SYNTAX JuniIkeFqdnPresharedKeyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Describes the IKE phase preshared key." INDEX { juniIkeFqdnPresharedRemote, juniIkeFqdnPresharedRouterIndex } ::= { juniIkeFqdnPresharedKeyTable 1 } JuniIkeFqdnPresharedKeyEntry ::= SEQUENCE { juniIkeFqdnPresharedRemote DisplayString, juniIkeFqdnPresharedRouterIndex Unsigned32, juniIkeFqdnPresharedKeyStr DisplayString, juniIkeFqdnPresharedMaskedKeyStr OCTET STRING, juniIkeFqdnPresharedKeyRowStatus RowStatus } juniIkeFqdnPresharedRemote OBJECT-TYPE SYNTAX DisplayString (SIZE(0..80)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The remote FQDN endpoint of the IKE preshared key." ::= { juniIkeFqdnPresharedKeyEntry 1 } juniIkeFqdnPresharedRouterIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The router index of the virtual router. The value of this object can be used to retrieve additional information in the router MIB." ::= { juniIkeFqdnPresharedKeyEntry 2 } juniIkeFqdnPresharedKeyStr OBJECT-TYPE SYNTAX DisplayString (SIZE(0..200)) MAX-ACCESS read-create STATUS current DESCRIPTION "The IKE preshared key string." ::= { juniIkeFqdnPresharedKeyEntry 3 } juniIkeFqdnPresharedMaskedKeyStr OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..300)) MAX-ACCESS read-create STATUS current DESCRIPTION "The IKE masked preshared key string." ::= { juniIkeFqdnPresharedKeyEntry 4 } juniIkeFqdnPresharedKeyRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Controls creation/deletion of entries in this table according to the RowStatus textual convention, constrained to support the following values only: createAndGo destroy To create an entry in this table, the following entry objects MUST be explicitly configured: juniIpsecIkePresharedKeyRowStatus juniIkeFqdnPresharedRemote juniIkeFqdnPresharedVirtualRouter juniIkeFqdnPresharedKeyStr Once created, the following objects may not be modified: juniIkeFqdnPresharedRemote juniIkeFqdnPresharedVirtualRouter juniIkeFqdnPresharedMaskedKeyStr " ::= { juniIkeFqdnPresharedKeyEntry 5 } -- -- Obsolete IKE SA table. -- juniIkeSaTable OBJECT-TYPE SYNTAX SEQUENCE OF JuniIkeSaEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "Obsolete IKE security assoication table. This table has been replaced by the version 2 IKE SA table (juniIkeSa2Table)." ::= { juniIke 4 } juniIkeSaEntry OBJECT-TYPE SYNTAX JuniIkeSaEntry MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "Describes the IPsec IKE SA." INDEX { juniIkeSaRemoteIpAddr, juniIkeSaLocalIpAddr, juniIkeSaRouterIndex, juniIkeSaDirection } ::= { juniIkeSaTable 1 } JuniIkeSaEntry ::= SEQUENCE { juniIkeSaRemoteIpAddr IpAddress, juniIkeSaLocalIpAddr IpAddress, juniIkeSaRouterIndex Unsigned32, juniIkeSaDirection JuniIpsecPhase1SaDirection, juniIkeSaState JuniIpsecPhase1SaState, juniIkeSaRemaining Unsigned32 } juniIkeSaRemoteIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The remote IP address of the IKE security association." ::= { juniIkeSaEntry 1 } juniIkeSaLocalIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The local IP address of the IKE security association." ::= { juniIkeSaEntry 2 } juniIkeSaRouterIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The router index of the virtual router. The value of this object can be used to retrieve additional information in the router MIB." ::= { juniIkeSaEntry 3 } juniIkeSaDirection OBJECT-TYPE SYNTAX JuniIpsecPhase1SaDirection MAX-ACCESS not-accessible STATUS obsolete DESCRIPTION "The value represents if the IKE SA is for initiator or responder. Initiator donates the value of 0, and responder denotes the value of 1." ::= { juniIkeSaEntry 4 } juniIkeSaState OBJECT-TYPE SYNTAX JuniIpsecPhase1SaState MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The state of the IKE secruity association." ::= { juniIkeSaEntry 5 } juniIkeSaRemaining OBJECT-TYPE SYNTAX Unsigned32 (0..86400) UNITS "seconds" MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The remaining time of the IKE security association." ::= { juniIkeSaEntry 6 } -- -- The IKE SA (vesion 2) table. Replaces the obsolete juniIkeSaTable. -- juniIkeSa2Table OBJECT-TYPE SYNTAX SEQUENCE OF JuniIkeSa2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IKE security assoication table." ::= { juniIke 5 } juniIkeSa2Entry OBJECT-TYPE SYNTAX JuniIkeSa2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Describes the IPsec IKE SA." INDEX { juniIkeSa2RemoteIpAddr, juniIkeSaRemotePort, juniIkeSa2LocalIpAddr, juniIkeSaLocalPort, juniIkeSa2RouterIndex, juniIkeSa2Direction, juniIkeSaNegotiationDone } ::= { juniIkeSa2Table 1 } JuniIkeSa2Entry ::= SEQUENCE { juniIkeSa2RemoteIpAddr IpAddress, juniIkeSaRemotePort Unsigned32, juniIkeSa2LocalIpAddr IpAddress, juniIkeSaLocalPort Unsigned32, juniIkeSa2RouterIndex Unsigned32, juniIkeSa2Direction INTEGER, juniIkeSaNegotiationDone INTEGER, juniIkeSa2State JuniIpsecPhase1SaState, juniIkeSa2Remaining Unsigned32, juniLocalCookie OCTET STRING, juniRemoteCookie OCTET STRING } juniIkeSa2RemoteIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The remote IP address of the IKE security association." ::= { juniIkeSa2Entry 1 } juniIkeSaRemotePort OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The remote UDP port the IKE security association." ::= { juniIkeSa2Entry 2 } juniIkeSa2LocalIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The local IP address of the IKE security association." ::= { juniIkeSa2Entry 3 } juniIkeSaLocalPort OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The local UDP port the IKE security association." ::= { juniIkeSa2Entry 4 } juniIkeSa2RouterIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The router index of the virtual router. The value of this object can be used to retrieve additional information in the router MIB." ::= { juniIkeSa2Entry 5 } juniIkeSa2Direction OBJECT-TYPE SYNTAX INTEGER { responder(0), initiator(1) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "This IKE SA is for an initiator or a responder." ::= { juniIkeSa2Entry 6 } juniIkeSaNegotiationDone OBJECT-TYPE SYNTAX INTEGER { negotiationNotDone(0), negotiationDone(1) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The phase 1 negotiation is done or not." ::= { juniIkeSa2Entry 7 } juniIkeSa2State OBJECT-TYPE SYNTAX JuniIpsecPhase1SaState MAX-ACCESS read-only STATUS current DESCRIPTION "The state of the IKE secruity association." ::= { juniIkeSa2Entry 8 } juniIkeSa2Remaining OBJECT-TYPE SYNTAX Unsigned32 (0..86400) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The remaining time of the IKE security association." ::= { juniIkeSa2Entry 9 } juniRemoteCookie OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..8)) MAX-ACCESS read-only STATUS current DESCRIPTION "The remote IKE cookie." ::= { juniIkeSa2Entry 10 } juniLocalCookie OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..8)) MAX-ACCESS read-only STATUS current DESCRIPTION "The local IKE cookie." ::= { juniIkeSa2Entry 11 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Conformance information -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniIkeMIBConformance OBJECT IDENTIFIER ::= { juniIkeMIB 2 } juniIkeMIBCompliances OBJECT IDENTIFIER ::= { juniIkeMIBConformance 1 } juniIkeMIBGroups OBJECT IDENTIFIER ::= { juniIkeMIBConformance 2 } -- -- compliance statements -- juniIkeCompliance MODULE-COMPLIANCE STATUS obsolete DESCRIPTION "Obsolete compliance statement for SNMPv2 entities which implement the IKE MIB. This statement became obsolete when the juniIkeSaTable was replaced with the juniIkeSa2Table." MODULE -- this module MANDATORY-GROUPS { juniIkePolicyRuleGroup, juniIkeIpv4PreSharedKeyGroup, juniIkeFqdnPreSharedKeyGroup, juniIkeSaGroup } ::= { juniIkeMIBCompliances 1 } -- JUNOSe 5.3 juniIkeCompliance2 MODULE-COMPLIANCE STATUS obsolete DESCRIPTION "Obsolete compliance statement for SNMPv2 entities which implement the IKE MIB. This statement became obsolete when the juniIkePolicyRuleGroup was replaced with the juniIkePolicyRuleV2Group" MODULE -- this module MANDATORY-GROUPS { juniIkePolicyRuleGroup, juniIkeIpv4PreSharedKeyGroup, juniIkeFqdnPreSharedKeyGroup, juniIkeSa2Group } ::= { juniIkeMIBCompliances 2 } -- JUNOSe 5.3 juniIkeCompliance3 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMPv2 entities which implement the IKE MIB." MODULE -- this module MANDATORY-GROUPS { juniIkePolicyRuleV2Group, juniIkeIpv4PreSharedKeyGroup, juniIkeFqdnPreSharedKeyGroup, juniIkeSa2Group } ::= { juniIkeMIBCompliances 3 } -- JUNOSe 7.3 -- -- units of conformance -- juniIkePolicyRuleGroup OBJECT-GROUP OBJECTS { juniIkePolicyRuleAuthMethod, juniIkePolicyRuleEncryptMethod, juniIkePolicyRulePfsGroup, juniIkePolicyRuleHashMethod, juniIkePolicyRuleLifetime, juniIkePolicyRuleNegotiationMode, juniIkePolicyRuleRowStatus } STATUS obsolete DESCRIPTION "Obsolete collection of objects providing configuration information of the IKE policy rule. This group became obsolete when the juniIkePolicyRuleGroup was replaced with the juniIkePolicyRuleV2Group" ::= { juniIkeMIBGroups 1 } -- JUNOSe 5.3 juniIkeIpv4PreSharedKeyGroup OBJECT-GROUP OBJECTS { juniIkeIpv4PresharedKeyStr, juniIkeIpv4PresharedMaskedKeyStr, juniIkeIpv4PresharedKeyRowStatus } STATUS current DESCRIPTION "A collection of objects providing configuration information of the IKE preshared key in IPv4 format." ::= { juniIkeMIBGroups 2 } -- JUNOSe 5.3 juniIkeFqdnPreSharedKeyGroup OBJECT-GROUP OBJECTS { juniIkeFqdnPresharedKeyStr, juniIkeFqdnPresharedMaskedKeyStr, juniIkeFqdnPresharedKeyRowStatus } STATUS current DESCRIPTION "A collection of objects providing configuration information of the IKE preshared key in FQDN format." ::= { juniIkeMIBGroups 3 } -- JUNOSe 5.3 juniIkeSaGroup OBJECT-GROUP OBJECTS { juniIkeSaState, juniIkeSaRemaining } STATUS obsolete DESCRIPTION "Obsolete collection of objects providing IKE SA state information. This group became obsolete when the juniIkeSaTable was replaced with the juniIkeSa2Table." ::= { juniIkeMIBGroups 4 } -- JUNOSe 5.3 juniIkeSa2Group OBJECT-GROUP OBJECTS { juniIkeSa2State, juniIkeSa2Remaining, juniRemoteCookie, juniLocalCookie } STATUS current DESCRIPTION "A collection of objects providing IKE SA state information." ::= { juniIkeMIBGroups 5 } -- JUNOSe 6.0 juniIkePolicyRuleV2Group OBJECT-GROUP OBJECTS { juniIkePolicyRuleV2AuthMethod, juniIkePolicyRuleV2EncryptMethod, juniIkePolicyRuleV2PfsGroup, juniIkePolicyRuleV2HashMethod, juniIkePolicyRuleV2Lifetime, juniIkePolicyRuleV2NegotiationMode, juniIkePolicyRuleV2IpAddress, juniIkePolicyRuleV2RouterIndex, juniIkePolicyRuleV2RowStatus } STATUS current DESCRIPTION "A collection of objects providing configuration information of the IKE policy rule." ::= { juniIkeMIBGroups 6 } -- JUNOSe 7.3 END