1906 lines
74 KiB
Plaintext
1906 lines
74 KiB
Plaintext
-- ====================================================================
|
|
-- Copyright (c) 2004-2021 New H3C Tech. Co., Ltd. All rights reserved.
|
|
--
|
|
-- Description: The MIB is designed to get IKE tunnels' statistic information.
|
|
--
|
|
-- Reference:
|
|
-- Version: 1.5
|
|
-- History:
|
|
-- V1.0: The initial version created by Caixiansen, Renweichun and Maoyu.
|
|
-- V1.1: modified by liguanmin.2005.1.19
|
|
-- In order to describe DPD work parameters if a tunnel enable
|
|
-- DPD function, two nodes have added in Hh3cIKETunnelEntry .those nodes are
|
|
-- hh3cIKETunDpdIntervalTime and hh3cIKETunDpdTimeOut.
|
|
-- V1.2: Modified by Caixiansen Mar.3 2005
|
|
-- Two values 'modp1536(5)' and 'modp2048(14)'are added for data type
|
|
-- 'Hh3cDiffHellmanGrp' .
|
|
-- V1.3: Modified by Liukan Dec.8 2008
|
|
-- Three values 'aesCbc128(8)', 'aesCbc192(9)' and 'aesCbc256(10)' are added
|
|
-- to data type 'Hh3cEncryptAlgo'.
|
|
-- Value description of data type 'Hh3cIKENegoMode' is changed from 'aggressive(4)' to
|
|
-- 'aggressiveMode(4)'.
|
|
-- V1.4: Modified by Weiyanheng Jun.28 2012
|
|
-- 1) 'dsaSignatures(2)' is added to data type 'Hh3cIKEAuthMethod'.
|
|
-- 2) 'none(0)' 'invalidGroup(2147483647)' and 'dhGroup24(24)' are added
|
|
-- to data type 'Hh3cDiffHellmanGrp'.
|
|
-- 3) Value description of data type 'Hh3cDiffHellmanGrp' is changed
|
|
-- from 'modp768(1)' 'modp1024(2)' 'modp1536(5)' 'modp2048(14)'
|
|
-- to 'dhGroup1(1)' 'dhGroup2(2)' 'dhGroup5(5)' 'dhGroup14(14)'.
|
|
-- 4) 'aesCtr(11)', 'aesCamelliaCbc(12)', 'rc4(13)' and 'invalidAlg(2147483647)'
|
|
-- are added to data type 'Hh3cEncryptAlgo'.
|
|
-- 5) Value description of data type 'Hh3cAuthAlgo' is changed from
|
|
-- 'sha(2)' to 'sha1(2)'.
|
|
-- 6) 'sha256(3)', 'sha384(4)', 'sha512(5)' and 'invalidAlg(2147483647)'
|
|
-- are added to data type 'Hh3cAuthAlgo'.
|
|
-- 7) In order to describe the IPV4 and IPV6 address of a tunnel, four
|
|
-- nodes have added in Hh3cIKETunnelEntry.
|
|
-- These nodes are hh3cIKETunLocalInetAddrType, hh3cIKETunLocalInetAddr,
|
|
-- hh3cIKETunRemoteInetAddrType and hh3cIKETunRemoteInetAddr.
|
|
-- 8) 'hh3cIKETunLocalAddr' and 'hh3cIKETunRemoteAddr' are deprecated.
|
|
-- V1.5: Modified by Yangbaotao and Zhaoming Apr.25 2021
|
|
-- 1) One value 'gmMainMode(128)' is added to data type 'Hh3cIKENegoMode'.
|
|
-- 2) Two values 'rsaDigitalEnvelope(5)' and 'sm2DigitalEnvelope(6)' are added
|
|
-- to data type 'Hh3cIKEAuthMethod'.
|
|
-- 3) Four values 'sm1Cbc128(128)','sm1Cbc192(129)','sm1Cbc256(130)' and 'sm4Cbc(131)'
|
|
-- are added to data type 'Hh3cEncryptAlgo'.
|
|
-- 4) One value 'sm3(128)' is added to data type 'Hh3cAuthAlgo'.
|
|
-- Deprecated hh3cIKETunLocalValue1 and hh3cIKETunRemoteValue1,
|
|
-- added hh3cIKETunLocalValue3 and hh3cIKETunRemoteValue3.
|
|
-- =====================================================================
|
|
HH3C-IKE-MONITOR-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
DisplayString,TEXTUAL-CONVENTION
|
|
FROM SNMPv2-TC
|
|
IpAddress, Integer32, Counter32, Counter64, OBJECT-TYPE, MODULE-IDENTITY,
|
|
Gauge32, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
InetAddressType, InetAddress
|
|
FROM INET-ADDRESS-MIB
|
|
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF
|
|
hh3cCommon
|
|
FROM HH3C-OID-MIB;
|
|
|
|
hh3cIKEMonitor MODULE-IDENTITY
|
|
LAST-UPDATED "202104241858Z" -- Apr. 25, 2021 GMT
|
|
ORGANIZATION
|
|
"New H3C Tech. Co., Ltd."
|
|
CONTACT-INFO
|
|
"Platform Team New H3C Tech. Co., Ltd.
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.h3c.com
|
|
Zip:100085"
|
|
DESCRIPTION
|
|
"The MIB is designed to get statistic information of
|
|
IKE tunnels. With this MIB, we can get information of a certain IKE tunnel
|
|
or all IKE tunnels"
|
|
REVISION "202104241858Z"
|
|
DESCRIPTION
|
|
"Data type Hh3cIKENegoMode,Hh3cIKEAuthMethod,Hh3cEncryptAlgo and Hh3cAuthAlgo are added.
|
|
Deprecate hh3cIKETunLocalValue1 and hh3cIKETunRemoteValue1,
|
|
add hh3cIKETunLocalValue3 and hh3cIKETunRemoteValue3."
|
|
::= { hh3cCommon 30 }
|
|
|
|
Hh3cIKENegoMode ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IKE negotiation mode."
|
|
SYNTAX INTEGER {
|
|
mainMode(2),
|
|
aggressiveMode(4),
|
|
quickMode(32),
|
|
gmMainMode(128)
|
|
|
|
}
|
|
|
|
Hh3cIKEAuthMethod ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication method used in IKE negotiations."
|
|
SYNTAX INTEGER {
|
|
preSharedKey(1),
|
|
dsaSignatures(2),
|
|
rsaSignatures(3),
|
|
rsaDigitalEnvelope(5),
|
|
sm2DigitalEnvelope(6)
|
|
}
|
|
|
|
Hh3cDiffHellmanGrp ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Diffie Hellman Group used in IKE and IPsec negotiations."
|
|
SYNTAX INTEGER {
|
|
none(0),
|
|
dhGroup1(1),
|
|
dhGroup2(2),
|
|
dhGroup5(5),
|
|
dhGroup14(14),
|
|
dhGroup24(24),
|
|
invalidGroup(2147483647)
|
|
}
|
|
|
|
Hh3cEncryptAlgo ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The encryption algorithm used in IKE and IPsec negotiations."
|
|
SYNTAX INTEGER {
|
|
none(0),
|
|
desCbc(1),
|
|
ideaCbc(2),
|
|
blowfishCbc(3),
|
|
rc5R16B64Cbc(4),
|
|
tripleDesCbc(5),
|
|
castCbc(6),
|
|
aesCbc(7),
|
|
aesCbc128(8),
|
|
aesCbc192(9),
|
|
aesCbc256(10),
|
|
aesCtr(11),
|
|
aesCamelliaCbc(12),
|
|
rc4(13),
|
|
sm1Cbc128(128),
|
|
sm1Cbc192(129),
|
|
sm1Cbc256(130),
|
|
sm4Cbc(131),
|
|
invalidAlg(2147483647)
|
|
}
|
|
|
|
Hh3cAuthAlgo ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication algorithm used in IKE negotiations."
|
|
SYNTAX INTEGER {
|
|
none(0),
|
|
md5(1),
|
|
sha1(2),
|
|
sha256(3),
|
|
sha384(4),
|
|
sha512(5),
|
|
sm3(128),
|
|
invalidAlg(2147483647)
|
|
}
|
|
|
|
Hh3cTrapStatus ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The switch which determines whether send a trap or not."
|
|
SYNTAX INTEGER {
|
|
enabled(1),
|
|
disabled(2)
|
|
}
|
|
|
|
Hh3cIKEIDType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of IKE Identity."
|
|
SYNTAX INTEGER {
|
|
reserved(0),
|
|
ipv4Addr(1),
|
|
fqdn(2), -- fully-qualified domain name
|
|
userFqdn(3), -- fully-qualified username
|
|
ipv4AddrSubnet(4),
|
|
ipv6Addr(5),
|
|
ipv6AddrSubnet(6),
|
|
ipv4AddrRange(7),
|
|
ipv6AddrRange(8),
|
|
derAsn1Dn(9), -- the binary DER encoding of an ASN.1 X.500 Distinguished Name
|
|
-- [X.501] of the principal whose certificates are being exchanged
|
|
-- to establish the SA.
|
|
|
|
derAsn1Gn(10), -- the binary DER encoding of an ASN.1 X.500 GeneralName [X.509]
|
|
-- of the principal whose certificates are being exchanged to
|
|
-- establish the SA.
|
|
|
|
keyId(11) -- specifies an opaque byte stream which may be used to pass
|
|
-- vendor-specific information necessary to identify which
|
|
-- pre-shared key should be used to authenticate Aggressive
|
|
-- mode negotiations.
|
|
}
|
|
|
|
Hh3cIKETunnelState ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The state of the IKE tunnel."
|
|
SYNTAX INTEGER {
|
|
active(1),
|
|
timeout(2)
|
|
}
|
|
|
|
|
|
-- ========================================================================
|
|
-- Node definitions
|
|
-- ========================================================================
|
|
--Begin the node of hh3cIKEObjects.
|
|
|
|
hh3cIKEObjects OBJECT IDENTIFIER ::= { hh3cIKEMonitor 1 }
|
|
-- ================================================
|
|
-- Begin the table of hh3cIKETunnelTable.
|
|
-- ================================================
|
|
|
|
hh3cIKETunnelTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cIKETunnelEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IPsec Phase-1 Internet Key Exchange Tunnel Table.
|
|
There is one entry in this table for each active IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKEObjects 1 }
|
|
|
|
hh3cIKETunnelEntry OBJECT-TYPE
|
|
SYNTAX Hh3cIKETunnelEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry contains the information about hh3cIKETunnelTable, such as negotiate mode,
|
|
encryption algorithm and authentication algorithm, etc."
|
|
INDEX { hh3cIKETunIndex }
|
|
::= { hh3cIKETunnelTable 1 }
|
|
|
|
Hh3cIKETunnelEntry ::=
|
|
SEQUENCE {
|
|
hh3cIKETunIndex
|
|
Integer32,
|
|
hh3cIKETunLocalType
|
|
Hh3cIKEIDType,
|
|
hh3cIKETunLocalValue1
|
|
DisplayString,
|
|
hh3cIKETunLocalValue2
|
|
DisplayString,
|
|
hh3cIKETunLocalAddr
|
|
IpAddress,
|
|
hh3cIKETunRemoteType
|
|
Hh3cIKEIDType,
|
|
hh3cIKETunRemoteValue1
|
|
DisplayString,
|
|
hh3cIKETunRemoteValue2
|
|
DisplayString,
|
|
hh3cIKETunRemoteAddr
|
|
IpAddress,
|
|
hh3cIKETunInitiator
|
|
INTEGER,
|
|
hh3cIKETunNegoMode
|
|
Hh3cIKENegoMode,
|
|
hh3cIKETunDiffHellmanGrp
|
|
Hh3cDiffHellmanGrp,
|
|
hh3cIKETunEncryptAlgo
|
|
Hh3cEncryptAlgo,
|
|
hh3cIKETunHashAlgo
|
|
Hh3cAuthAlgo,
|
|
hh3cIKETunAuthMethod
|
|
Hh3cIKEAuthMethod,
|
|
hh3cIKETunLifeTime
|
|
Integer32,
|
|
hh3cIKETunActiveTime
|
|
Integer32,
|
|
hh3cIKETunRemainTime
|
|
Integer32,
|
|
hh3cIKETunTotalRefreshes
|
|
Counter32,
|
|
hh3cIKETunState
|
|
Hh3cIKETunnelState,
|
|
hh3cIKETunDpdIntervalTime
|
|
Integer32,
|
|
hh3cIKETunDpdTimeOut
|
|
Integer32,
|
|
hh3cIKETunLocalInetAddrType
|
|
InetAddressType,
|
|
hh3cIKETunLocalInetAddr
|
|
InetAddress,
|
|
hh3cIKETunRemoteInetAddrType
|
|
InetAddressType,
|
|
hh3cIKETunRemoteInetAddr
|
|
InetAddress,
|
|
hh3cIKETunLocalValue3
|
|
OCTET STRING,
|
|
hh3cIKETunRemoteValue3
|
|
OCTET STRING
|
|
}
|
|
|
|
hh3cIKETunIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (1..2147483647)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of the IPsec Phase-1 IKE Tunnel Table.
|
|
The value of the index is a number which begins
|
|
at one and is incremented with each tunnel that
|
|
is created. The value of this object will wrap
|
|
at 2147483647."
|
|
::= { hh3cIKETunnelEntry 1 }
|
|
|
|
hh3cIKETunLocalType OBJECT-TYPE
|
|
SYNTAX Hh3cIKEIDType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of local peer identity."
|
|
::= { hh3cIKETunnelEntry 2 }
|
|
|
|
hh3cIKETunLocalValue1 OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"The value of the local peer identity.
|
|
|
|
If the local peer type is ipv4Addr/ipv6Addr, this is the IP address
|
|
used to identify the local peer.
|
|
|
|
If the local peer type is ipv4AddrSubnet/ipv6AddrSubnet, this is
|
|
the subnet address.
|
|
|
|
If the local peer type is ipv4AddrRange/ipv6AddrRange, this is
|
|
the beginning IP address of the range.
|
|
|
|
If the local peer type is fqdn/userFqdn, this is the host name
|
|
used to identify the local peer.
|
|
|
|
If the local peer type is derAsn1Dn, this is the binary DER
|
|
encoding of an ASN.1 X.500 Distinguished Name [X.501] of the
|
|
principal whose certificates are being exchanged to establish
|
|
the SA.
|
|
|
|
If the local peer type is derAsn1Gn, this is the binary DER
|
|
encoding of an ASN.1 X.500 GeneralName [X.509] of the principal
|
|
whose certificates are being exchanged to establish the SA.
|
|
|
|
If the local peer type is keyId, this is an opaque byte
|
|
stream which may be used to pass vendor-specific information
|
|
necessary to identify which pre-shared key should be used to
|
|
authenticate Aggressive mode negotiations.
|
|
|
|
The local peer identity may not exceed 255 characters in length.
|
|
The complete value will be displayed by hh3cIKETunLocalValue3"
|
|
::= { hh3cIKETunnelEntry 3 }
|
|
|
|
hh3cIKETunLocalValue2 OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The second specification of the local peer's IP address.
|
|
|
|
If the local peer type is ipv4AddrSubnet/ipv6AddrSubnet, this
|
|
is the subnet mask.
|
|
|
|
If the local peer type is ipv4AddrRange/ipv6AddrRange, this is
|
|
the ending IP address of the range.
|
|
|
|
If the local peer type are others, this is a zero-length string."
|
|
::= { hh3cIKETunnelEntry 4 }
|
|
|
|
hh3cIKETunLocalAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"The IP address of the local endpoint for the IPsec
|
|
Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelEntry 5 }
|
|
|
|
hh3cIKETunRemoteType OBJECT-TYPE
|
|
SYNTAX Hh3cIKEIDType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of remote peer identity."
|
|
::= { hh3cIKETunnelEntry 6 }
|
|
|
|
hh3cIKETunRemoteValue1 OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"The value of the remote peer identity.
|
|
|
|
If the remote peer type is ipv4Addr/ipv6Addr, this is the IP address
|
|
used to identify the remote peer.
|
|
|
|
If the remote peer type is ipv4AddrSubnet/ipv6AddrSubnet, this is
|
|
the subnet address.
|
|
|
|
If the remote peer type is ipv4AddrRange/ipv6AddrRange, this is
|
|
the beginning IP address of the range.
|
|
|
|
If the remote peer type is fqdn/userFqdn, this is the host name
|
|
used to identify the remote peer.
|
|
|
|
If the remote peer type is derAsn1Dn, this is the binary DER
|
|
encoding of an ASN.1 X.500 Distinguished Name [X.501] of the
|
|
principal whose certificates are being exchanged to establish
|
|
the SA.
|
|
|
|
If the remote peer type is derAsn1Gn, this is the binary DER
|
|
encoding of an ASN.1 X.500 GeneralName [X.509] of the principal
|
|
whose certificates are being exchanged to establish the SA.
|
|
|
|
If the remote peer type is keyId, this is an opaque byte
|
|
stream which may be used to pass vendor-specific information
|
|
necessary to identify which pre-shared key should be used to
|
|
authenticate Aggressive mode negotiations.
|
|
|
|
The remote peer identity may not exceed 255 characters in length.
|
|
The complete value will be displayed by hh3cIKETunRemoteValue3"
|
|
::= { hh3cIKETunnelEntry 7 }
|
|
|
|
hh3cIKETunRemoteValue2 OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The second specification of the remote peer's IP address.
|
|
|
|
If the remote peer type is ipv4AddrSubnet/ipv6AddrSubnet, this
|
|
is the subnet mask.
|
|
|
|
If the remote peer type is ipv4AddrRange/ipv6AddrRange, this is
|
|
the ending IP address of the range.
|
|
|
|
If the remote peer type are others, this is a zero-length string."
|
|
::= { hh3cIKETunnelEntry 8 }
|
|
|
|
hh3cIKETunRemoteAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"The IP address of the remote peer for the IPsec
|
|
Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelEntry 9 }
|
|
|
|
hh3cIKETunInitiator OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
local(1),
|
|
remote(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The initiator of this tunnel."
|
|
::= { hh3cIKETunnelEntry 10 }
|
|
|
|
hh3cIKETunNegoMode OBJECT-TYPE
|
|
SYNTAX Hh3cIKENegoMode
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The negotiation mode of the IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelEntry 11 }
|
|
|
|
hh3cIKETunDiffHellmanGrp OBJECT-TYPE
|
|
SYNTAX Hh3cDiffHellmanGrp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Diffie Hellman Group used in the IPsec Phase-1 IKE
|
|
negotiations."
|
|
::= { hh3cIKETunnelEntry 12 }
|
|
|
|
hh3cIKETunEncryptAlgo OBJECT-TYPE
|
|
SYNTAX Hh3cEncryptAlgo
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The encryption algorithm used in the IPsec Phase-1 IKE
|
|
negotiations."
|
|
::= { hh3cIKETunnelEntry 13 }
|
|
|
|
hh3cIKETunHashAlgo OBJECT-TYPE
|
|
SYNTAX Hh3cAuthAlgo
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The hash algorithm used in the IPsec Phase-1 IKE
|
|
negotiations."
|
|
::= { hh3cIKETunnelEntry 14 }
|
|
|
|
hh3cIKETunAuthMethod OBJECT-TYPE
|
|
SYNTAX Hh3cIKEAuthMethod
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication method used in the IPsec Phase-1
|
|
IKE negotiations."
|
|
::= { hh3cIKETunnelEntry 15 }
|
|
|
|
hh3cIKETunLifeTime OBJECT-TYPE
|
|
SYNTAX Integer32 (1..2147483647)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The negotiated LifeTime of the IPsec Phase-1
|
|
IKE Tunnel in seconds."
|
|
::= { hh3cIKETunnelEntry 16 }
|
|
|
|
hh3cIKETunActiveTime OBJECT-TYPE
|
|
SYNTAX Integer32 (1..2147483647)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The duration the IPsec Phase-1 IKE tunnel
|
|
has been active in seconds."
|
|
::= { hh3cIKETunnelEntry 17 }
|
|
|
|
hh3cIKETunRemainTime OBJECT-TYPE
|
|
SYNTAX Integer32 (1..2147483647)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The security association remaining time in
|
|
seconds."
|
|
::= { hh3cIKETunnelEntry 18 }
|
|
|
|
hh3cIKETunTotalRefreshes OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of security association
|
|
refreshing performed."
|
|
::= { hh3cIKETunnelEntry 19 }
|
|
|
|
hh3cIKETunState OBJECT-TYPE
|
|
SYNTAX Hh3cIKETunnelState
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The State of IKE Tunnel."
|
|
::= { hh3cIKETunnelEntry 20 }
|
|
|
|
hh3cIKETunDpdIntervalTime OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "second"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time that trigger DPD request.
|
|
If ipsec message is expected to be sent out
|
|
and the interval time between current time
|
|
and the last time receiving peer's IPsec
|
|
message is bigger than this time, DPD request
|
|
would be triggered."
|
|
DEFVAL { 10 }
|
|
::= { hh3cIKETunnelEntry 21 }
|
|
|
|
hh3cIKETunDpdTimeOut OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "second"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The overtime of single DPD request.
|
|
If DPD requests are refused three times, all
|
|
security associations related would be deleted."
|
|
DEFVAL { 5 }
|
|
::= { hh3cIKETunnelEntry 22 }
|
|
|
|
hh3cIKETunLocalInetAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of the local peer's IP address."
|
|
::= { hh3cIKETunnelEntry 23 }
|
|
|
|
hh3cIKETunLocalInetAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP address of the local peer for the IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelEntry 24 }
|
|
|
|
hh3cIKETunRemoteInetAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of the remote peer's IP address."
|
|
::= { hh3cIKETunnelEntry 25 }
|
|
|
|
hh3cIKETunRemoteInetAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP address of the remote peer for the IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelEntry 26 }
|
|
|
|
hh3cIKETunLocalValue3 OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..2047))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the local peer identity.
|
|
|
|
If the local peer type is ipv4Addr/ipv6Addr, this is the IP address
|
|
used to identify the local peer.
|
|
|
|
If the local peer type is ipv4AddrSubnet/ipv6AddrSubnet, this is
|
|
the subnet address.
|
|
|
|
If the local peer type is ipv4AddrRange/ipv6AddrRange, this is
|
|
the beginning IP address of the range.
|
|
|
|
If the local peer type is fqdn/userFqdn, this is the host name
|
|
used to identify the local peer.
|
|
|
|
If the local peer type is derAsn1Dn, this is the binary DER
|
|
encoding of an ASN.1 X.500 Distinguished Name [X.501] of the
|
|
principal whose certificates are being exchanged to establish
|
|
the SA.
|
|
|
|
If the local peer type is derAsn1Gn, this is the binary DER
|
|
encoding of an ASN.1 X.500 GeneralName [X.509] of the principal
|
|
whose certificates are being exchanged to establish the SA.
|
|
|
|
If the local peer type is keyId, this is an opaque byte
|
|
stream which may be used to pass vendor-specific information
|
|
necessary to identify which pre-shared key should be used to
|
|
authenticate Aggressive mode negotiations."
|
|
::= { hh3cIKETunnelEntry 27 }
|
|
|
|
hh3cIKETunRemoteValue3 OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..2047))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the remote peer identity.
|
|
|
|
If the remote peer type is ipv4Addr/ipv6Addr, this is the IP address
|
|
used to identify the remote peer.
|
|
|
|
If the remote peer type is ipv4AddrSubnet/ipv6AddrSubnet, this is
|
|
the subnet address.
|
|
|
|
If the remote peer type is ipv4AddrRange/ipv6AddrRange, this is
|
|
the beginning IP address of the range.
|
|
|
|
If the remote peer type is fqdn/userFqdn, this is the host name
|
|
used to identify the remote peer.
|
|
|
|
If the remote peer type is derAsn1Dn, this is the binary DER
|
|
encoding of an ASN.1 X.500 Distinguished Name [X.501] of the
|
|
principal whose certificates are being exchanged to establish
|
|
the SA.
|
|
|
|
If the remote peer type is derAsn1Gn, this is the binary DER
|
|
encoding of an ASN.1 X.500 GeneralName [X.509] of the principal
|
|
whose certificates are being exchanged to establish the SA.
|
|
|
|
If the remote peer type is keyId, this is an opaque byte
|
|
stream which may be used to pass vendor-specific information
|
|
necessary to identify which pre-shared key should be used to
|
|
authenticate Aggressive mode negotiations."
|
|
::= { hh3cIKETunnelEntry 28 }
|
|
-- =======================================
|
|
-- begin the table of hh3cIKETunnelStatTable.
|
|
-- =======================================
|
|
|
|
hh3cIKETunnelStatTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cIKETunnelStatEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IPsec Phase-1 IKE Tunnel Statistic Table."
|
|
::= { hh3cIKEObjects 2 }
|
|
|
|
|
|
hh3cIKETunnelStatEntry OBJECT-TYPE
|
|
SYNTAX Hh3cIKETunnelStatEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry contains the information of hh3cIKETunnelStatTable,
|
|
such as the number of packets sent and received by the
|
|
IKE tunnel, etc."
|
|
INDEX { hh3cIKETunIndex }
|
|
::= { hh3cIKETunnelStatTable 1 }
|
|
|
|
Hh3cIKETunnelStatEntry ::=
|
|
SEQUENCE {
|
|
hh3cIKETunInOctets
|
|
Counter64,
|
|
hh3cIKETunInPkts
|
|
Counter64,
|
|
hh3cIKETunInDropPkts
|
|
Counter64,
|
|
hh3cIKETunInP2Exchgs
|
|
Counter64,
|
|
hh3cIKETunInP2ExchgRejets
|
|
Counter64,
|
|
hh3cIKETunInP2SaDelRequests
|
|
Counter64,
|
|
hh3cIKETunInP1SaDelRequests
|
|
Counter64,
|
|
hh3cIKETunInNotifys
|
|
Counter32,
|
|
hh3cIKETunOutOctets
|
|
Counter64,
|
|
hh3cIKETunOutPkts
|
|
Counter64,
|
|
hh3cIKETunOutDropPkts
|
|
Counter64,
|
|
hh3cIKETunOutP2Exchgs
|
|
Counter64,
|
|
hh3cIKETunOutP2ExchgRejects
|
|
Counter64,
|
|
hh3cIKETunOutP2SaDelRequests
|
|
Counter64,
|
|
hh3cIKETunOutP1SaDelRequests
|
|
Counter64,
|
|
hh3cIKETunOutNotifys
|
|
Counter32
|
|
}
|
|
|
|
hh3cIKETunInOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of octets received by
|
|
this IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 1 }
|
|
|
|
hh3cIKETunInPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets received by
|
|
this IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 2 }
|
|
|
|
hh3cIKETunInDropPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets dropped by this
|
|
IPsec Phase-1 IKE Tunnel during receiving process."
|
|
::= { hh3cIKETunnelStatEntry 3 }
|
|
|
|
hh3cIKETunInP2Exchgs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 exchanges
|
|
received by this IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 4 }
|
|
|
|
hh3cIKETunInP2ExchgRejets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 exchanges
|
|
received and rejected by this IPsec Phase-1 Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 5 }
|
|
|
|
hh3cIKETunInP2SaDelRequests OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 security association
|
|
deleting requests received by this IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 6 }
|
|
|
|
hh3cIKETunInP1SaDelRequests OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-1
|
|
security association deleting requests."
|
|
::= { hh3cIKETunnelStatEntry 7 }
|
|
|
|
hh3cIKETunInNotifys OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of notifications received by this
|
|
IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 8 }
|
|
|
|
hh3cIKETunOutOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of octets sent by this IPsec
|
|
Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 9 }
|
|
|
|
hh3cIKETunOutPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets sent by this IPsec
|
|
Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 10 }
|
|
|
|
hh3cIKETunOutDropPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets dropped by this
|
|
IPsec Phase-1 IKE Tunnel during sending process."
|
|
::= { hh3cIKETunnelStatEntry 11 }
|
|
|
|
hh3cIKETunOutP2Exchgs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 exchanges sent
|
|
by this IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 12 }
|
|
|
|
hh3cIKETunOutP2ExchgRejects OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 exchanges sent
|
|
and rejected by this IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 13 }
|
|
|
|
hh3cIKETunOutP2SaDelRequests OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 security
|
|
association deleting requests sent by this
|
|
IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 14 }
|
|
|
|
hh3cIKETunOutP1SaDelRequests OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-1 security
|
|
association deleting requests sent by this
|
|
IPsec Phase-1 IKE Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 15 }
|
|
|
|
hh3cIKETunOutNotifys OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of notifications sent by this IPsec
|
|
Phase-1 Tunnel."
|
|
::= { hh3cIKETunnelStatEntry 16 }
|
|
|
|
-- =======================================
|
|
-- Begin the hh3cIKEGlobalStats.
|
|
-- =======================================
|
|
|
|
hh3cIKEGlobalStats OBJECT IDENTIFIER ::= { hh3cIKEObjects 3 }
|
|
|
|
hh3cIKEGlobalActiveTunnels OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of currently active IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 1 }
|
|
|
|
hh3cIKEGlobalInOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of octets received by all currently and
|
|
previously active IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 2 }
|
|
|
|
hh3cIKEGlobalInPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets received by all
|
|
currently and previously active IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 3 }
|
|
|
|
hh3cIKEGlobalInDropPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets which were dropped during receiving
|
|
process by all currently and previously active IPsec Phase-1
|
|
IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 4 }
|
|
|
|
hh3cIKEGlobalInP2Exchgs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 exchanges received by all
|
|
currently and previously active IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 5 }
|
|
|
|
hh3cIKEGlobalInP2ExchgRejects OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 exchanges which were
|
|
received and rejected by all currently and previously
|
|
active IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 6 }
|
|
|
|
hh3cIKEGlobalInP2SaDelRequests OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 security association
|
|
deleting requests received by all currently and previously
|
|
active IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 7 }
|
|
|
|
hh3cIKEGlobalInNotifys OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of notifications received by all IPsec
|
|
Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 8 }
|
|
|
|
hh3cIKEGlobalOutOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of octets sent by all currently
|
|
and previously active and IPsec Phase-1 IKE Tunnels. "
|
|
::= { hh3cIKEGlobalStats 9 }
|
|
|
|
hh3cIKEGlobalOutPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets sent by all currently
|
|
and previously active and IPsec Phase-1 Tunnels."
|
|
::= { hh3cIKEGlobalStats 10 }
|
|
|
|
hh3cIKEGlobalOutDropPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets which were dropped during
|
|
sending process by all currently and previously active
|
|
IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 11 }
|
|
|
|
hh3cIKEGlobalOutP2Exchgs OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 exchanges which were
|
|
sent by all currently and previously active IPsec
|
|
Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 12 }
|
|
|
|
hh3cIKEGlobalOutP2ExchgRejects OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 exchanges which
|
|
were sent and rejected by all currently and previously
|
|
active IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 13 }
|
|
|
|
hh3cIKEGlobalOutP2SaDelRequests OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-2 SA deleting requests sent
|
|
by all currently and previously active IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 14 }
|
|
|
|
hh3cIKEGlobalOutNotifys OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of notifications sent by all active IPsec
|
|
Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 15 }
|
|
|
|
hh3cIKEGlobalInitTunnels OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-1 IKE Tunnels which
|
|
were locally initiated."
|
|
::= { hh3cIKEGlobalStats 16 }
|
|
|
|
hh3cIKEGlobalInitTunnelFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-1 IKE Tunnels which
|
|
were locally initiated and failed to activate."
|
|
::= { hh3cIKEGlobalStats 17 }
|
|
|
|
hh3cIKEGlobalRespTunnels OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-1 IKE Tunnels which
|
|
were remotely initiated."
|
|
::= { hh3cIKEGlobalStats 18 }
|
|
|
|
hh3cIKEGlobalRespTunnelFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of IPsec Phase-1 IKE Tunnels which
|
|
were remotely initiated and failed to activate."
|
|
::= { hh3cIKEGlobalStats 19 }
|
|
|
|
hh3cIKEGlobalAuthFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of authentications which ended in
|
|
failure by all current and previous IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 20 }
|
|
|
|
hh3cIKEGlobalNoSaFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of non-existent Security Association
|
|
in failures which occurred during processing of all
|
|
current and previous IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 21 }
|
|
|
|
hh3cIKEGlobalInvalidCookieFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of invalid cookie in failures which
|
|
occurred during processing of all current and previous
|
|
IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 22 }
|
|
|
|
hh3cIKEGlobalAttrNotSuppFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of attributes not supported in failures
|
|
which occurred during processing of all current and previous
|
|
IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 23 }
|
|
|
|
hh3cIKEGlobalNoProposalChosenFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of no proposal chosen in failures which
|
|
occurred during processing of all current and previous
|
|
IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 24 }
|
|
|
|
hh3cIKEGlobalUnsportExchTypeFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of unsupported exchange type in failures
|
|
which occurred during processing of all current and
|
|
previous IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 25 }
|
|
|
|
hh3cIKEGlobalInvalidIdFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of invalid id Information in failures
|
|
which occurred during processing of all current and
|
|
previous IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 26 }
|
|
|
|
hh3cIKEGlobalInvalidProFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of invalid protocol id in failures which
|
|
occurred during processing of all current and previous
|
|
IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 27 }
|
|
|
|
hh3cIKEGlobalCertTypeUnsuppFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of certificate type unsupported in failures
|
|
which occurred during processing of all current and
|
|
previous IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 28 }
|
|
|
|
hh3cIKEGlobalInvalidCertAuthFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of failures because of invalid certificate authority
|
|
which occurred during processing of all current and
|
|
previous IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 29 }
|
|
|
|
hh3cIKEGlobalInvalidSignFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of failures because of the invalid signature which
|
|
occurred during processing of all current and previous
|
|
IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 30 }
|
|
|
|
hh3cIKEGlobalCertUnavailableFails OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of certificate unavailable in failures
|
|
which occurred during processing of all current and
|
|
previous IPsec Phase-1 IKE Tunnels."
|
|
::= { hh3cIKEGlobalStats 31 }
|
|
|
|
-- =======================================
|
|
-- Begin the hh3cIKETrapObject.
|
|
-- =======================================
|
|
|
|
hh3cIKETrapObject OBJECT IDENTIFIER ::= { hh3cIKEObjects 4 }
|
|
|
|
hh3cIKEProposalNumber OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IKE proposal's number with a trap."
|
|
::= { hh3cIKETrapObject 1 }
|
|
|
|
hh3cIKEProposalSize OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of IKE proposals with a trap."
|
|
::= { hh3cIKETrapObject 2 }
|
|
|
|
hh3cIKEIdInformation OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The id information with a trap."
|
|
::= { hh3cIKETrapObject 3 }
|
|
|
|
hh3cIKEProtocolNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol number with a trap"
|
|
::= { hh3cIKETrapObject 4 }
|
|
|
|
hh3cIKECertInformation OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The certificate information with a trap."
|
|
::= { hh3cIKETrapObject 5 }
|
|
|
|
|
|
-- =======================================
|
|
-- Begin the hh3cIKETrapCntl.
|
|
-- =======================================
|
|
|
|
hh3cIKETrapCntl OBJECT IDENTIFIER ::= { hh3cIKEObjects 5 }
|
|
|
|
hh3cIKETrapGlobalCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether all IKE traps should be generated."
|
|
::= { hh3cIKETrapCntl 1 }
|
|
|
|
|
|
hh3cIKETunnelStartTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKETunnelStart traps should be generated."
|
|
::= { hh3cIKETrapCntl 2 }
|
|
|
|
hh3cIKETunnelStopTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKETunnelStop traps should be generated."
|
|
::= { hh3cIKETrapCntl 3 }
|
|
|
|
hh3cIKENoSaTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKENoSaFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 4 }
|
|
|
|
hh3cIKEEncryFailureTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEEncryFailFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 5 }
|
|
|
|
hh3cIKEDecryFailureTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEDecryFailFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 6 }
|
|
|
|
hh3cIKEInvalidProposalTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEInvalidProposalFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 7 }
|
|
|
|
hh3cIKEAuthFailTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEAuthFailFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 8 }
|
|
|
|
hh3cIKEInvalidCookieTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEInvalidCookieFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 9 }
|
|
|
|
hh3cIKEInvalidSpiTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEInvalidSpiFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 10 }
|
|
|
|
hh3cIKEAttrNotSuppTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEAttrNotSuppFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 11 }
|
|
|
|
hh3cIKEUnsportExchTypeTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEUnsportExchTypeFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 12 }
|
|
|
|
hh3cIKEInvalidIdTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEInvalidIdFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 13 }
|
|
|
|
hh3cIKEInvalidProtocolTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEInvalidProtocolFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 14 }
|
|
|
|
hh3cIKECertTypeUnsuppTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKECertTypeUnsuppFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 15 }
|
|
|
|
hh3cIKEInvalidCertAuthTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEInvalidCertAuthFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 16 }
|
|
|
|
hh3cIKEInvalidSignTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEInvalidSignFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 17 }
|
|
|
|
hh3cIKECertUnavailableTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKECertUnavailableFailure traps should be generated."
|
|
::= { hh3cIKETrapCntl 18 }
|
|
|
|
hh3cIKEProposalAddTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEProposalAdd traps should be generated."
|
|
::= { hh3cIKETrapCntl 19 }
|
|
|
|
hh3cIKEProposalDelTrapCntl OBJECT-TYPE
|
|
SYNTAX Hh3cTrapStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cIKEProposalDel traps should be generated."
|
|
::= { hh3cIKETrapCntl 20 }
|
|
|
|
-- ================================================
|
|
-- definition of traps.
|
|
-- ================================================
|
|
|
|
hh3cIKETrap OBJECT IDENTIFIER ::= { hh3cIKEObjects 6 }
|
|
hh3cIKENotifications OBJECT IDENTIFIER ::= { hh3cIKETrap 1 }
|
|
|
|
hh3cIKETunnelStart NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunLifeTime,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when an IPsec Phase-1
|
|
IKE Tunnel is created."
|
|
::= { hh3cIKENotifications 1 }
|
|
|
|
hh3cIKETunnelStop NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunActiveTime,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when an IPsec Phase-1
|
|
IKE Tunnel is deleted."
|
|
::= { hh3cIKENotifications 2 }
|
|
|
|
hh3cIKENoSaFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IKE tunnel
|
|
has a non-existent SA error."
|
|
::= { hh3cIKENotifications 3 }
|
|
|
|
hh3cIKEEncryFailFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IKE tunnel
|
|
has an encrypting failure."
|
|
::= { hh3cIKENotifications 4 }
|
|
|
|
hh3cIKEDecryFailFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IKE tunnel
|
|
has a decrypting failure."
|
|
::= { hh3cIKENotifications 5 }
|
|
|
|
hh3cIKEInvalidProposalFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
invalid proposal occurs."
|
|
::= { hh3cIKENotifications 6 }
|
|
|
|
hh3cIKEAuthFailFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
authentication failure occurs."
|
|
::= { hh3cIKENotifications 7 }
|
|
|
|
hh3cIKEInvalidCookieFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
invalid cookie failure occurs."
|
|
::= { hh3cIKENotifications 8 }
|
|
|
|
hh3cIKEAttrNotSuppFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1 unsupported
|
|
attribute failure occurs."
|
|
::= { hh3cIKENotifications 9 }
|
|
|
|
hh3cIKEUnsportExchTypeFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
unsupported exchange type failure occurs."
|
|
::= { hh3cIKENotifications 10 }
|
|
|
|
hh3cIKEInvalidIdFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKEIdInformation,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
invalid id failure occurs."
|
|
::= { hh3cIKENotifications 11 }
|
|
|
|
hh3cIKEInvalidProtocolFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKEProtocolNum,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the processing for
|
|
an IPsec Phase-1 IKE Tunnel has a protocol related errors."
|
|
::= { hh3cIKENotifications 12 }
|
|
|
|
hh3cIKECertTypeUnsuppFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKECertInformation,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
unsupported certificate type failure occurs."
|
|
::= { hh3cIKENotifications 13 }
|
|
|
|
hh3cIKEInvalidCertAuthFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKECertInformation,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
invalid certificate authorization failure occurs."
|
|
::= { hh3cIKENotifications 14 }
|
|
|
|
hh3cIKElInvalidSignFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKECertInformation,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
invalid signature failure occurs."
|
|
::= { hh3cIKENotifications 15 }
|
|
|
|
hh3cIKECertUnavailableFailure NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKECertInformation,
|
|
hh3cIKETunIndex,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the IPsec phase-1
|
|
certificate unavailable failure occurs."
|
|
::= { hh3cIKENotifications 16 }
|
|
|
|
hh3cIKEProposalAdd NOTIFICATION-TYPE
|
|
OBJECTS { hh3cIKEProposalNumber,
|
|
hh3cIKEProposalSize
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when an IKE proposal is added."
|
|
::= { hh3cIKENotifications 17 }
|
|
|
|
hh3cIKEProposalDel NOTIFICATION-TYPE
|
|
OBJECTS { hh3cIKEProposalNumber,
|
|
hh3cIKEProposalSize
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when an IKE proposal is deleted."
|
|
::= { hh3cIKENotifications 18 }
|
|
|
|
-- =======================================
|
|
-- Begin the hh3cIKEScalarObjects.
|
|
-- =======================================
|
|
hh3cIKEScalarObjects OBJECT IDENTIFIER ::= { hh3cIKEObjects 7 }
|
|
|
|
hh3cIKEMIBVersion OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Version string of this MIB."
|
|
::= { hh3cIKEScalarObjects 1 }
|
|
|
|
-- =======================================
|
|
-- Conformance Information
|
|
-- =======================================
|
|
hh3cIKEConformance OBJECT IDENTIFIER
|
|
::= { hh3cIKEMonitor 2 }
|
|
hh3cIKECompliances OBJECT IDENTIFIER
|
|
::= { hh3cIKEConformance 1 }
|
|
hh3cIKEGroups OBJECT IDENTIFIER
|
|
::= { hh3cIKEConformance 2 }
|
|
|
|
-- =======================================
|
|
-- Compliance Statements
|
|
-- =======================================
|
|
hh3cIKECompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
" "
|
|
MODULE -- this module
|
|
MANDATORY-GROUPS
|
|
{
|
|
hh3cIKETunnelTableGroup,
|
|
hh3cIKETunnelStatTableGroup,
|
|
hh3cIKEGlobalStatsGroup,
|
|
hh3cIKETrapObjectGroup,
|
|
hh3cIKETrapCntlGroup,
|
|
hh3cIKETrapGroup,
|
|
hh3cIKEScalarObjectsGroup
|
|
}
|
|
::= { hh3cIKECompliances 1 }
|
|
|
|
hh3cIKETunnelTableGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hh3cIKETunLocalType,
|
|
hh3cIKETunLocalValue1,
|
|
hh3cIKETunLocalValue2,
|
|
hh3cIKETunLocalAddr,
|
|
hh3cIKETunRemoteType,
|
|
hh3cIKETunRemoteValue1,
|
|
hh3cIKETunRemoteValue2,
|
|
hh3cIKETunRemoteAddr,
|
|
hh3cIKETunInitiator,
|
|
hh3cIKETunNegoMode,
|
|
hh3cIKETunDiffHellmanGrp,
|
|
hh3cIKETunEncryptAlgo,
|
|
hh3cIKETunHashAlgo,
|
|
hh3cIKETunAuthMethod,
|
|
hh3cIKETunLifeTime,
|
|
hh3cIKETunActiveTime,
|
|
hh3cIKETunRemainTime,
|
|
hh3cIKETunTotalRefreshes,
|
|
hh3cIKETunState,
|
|
hh3cIKETunDpdIntervalTime,
|
|
hh3cIKETunDpdTimeOut,
|
|
hh3cIKETunLocalInetAddrType,
|
|
hh3cIKETunLocalInetAddr,
|
|
hh3cIKETunRemoteInetAddrType,
|
|
hh3cIKETunRemoteInetAddr,
|
|
hh3cIKETunLocalValue3,
|
|
hh3cIKETunRemoteValue3
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains the IKE tunnel's property information."
|
|
::= { hh3cIKEGroups 1 }
|
|
|
|
|
|
hh3cIKETunnelStatTableGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hh3cIKETunInOctets ,
|
|
hh3cIKETunInPkts,
|
|
hh3cIKETunInDropPkts,
|
|
hh3cIKETunInP2Exchgs,
|
|
hh3cIKETunInP2ExchgRejets,
|
|
hh3cIKETunInP2SaDelRequests,
|
|
hh3cIKETunInP1SaDelRequests,
|
|
hh3cIKETunInNotifys,
|
|
hh3cIKETunOutOctets,
|
|
hh3cIKETunOutPkts,
|
|
hh3cIKETunOutDropPkts,
|
|
hh3cIKETunOutP2Exchgs,
|
|
hh3cIKETunOutP2ExchgRejects,
|
|
hh3cIKETunOutP2SaDelRequests,
|
|
hh3cIKETunOutP1SaDelRequests,
|
|
hh3cIKETunOutNotifys
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains the IKE tunnel's statistic information."
|
|
::= { hh3cIKEGroups 2 }
|
|
|
|
hh3cIKEGlobalStatsGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hh3cIKEGlobalActiveTunnels,
|
|
hh3cIKEGlobalInOctets,
|
|
hh3cIKEGlobalInPkts,
|
|
hh3cIKEGlobalInDropPkts,
|
|
hh3cIKEGlobalInP2Exchgs,
|
|
hh3cIKEGlobalInP2ExchgRejects,
|
|
hh3cIKEGlobalInP2SaDelRequests,
|
|
hh3cIKEGlobalInNotifys,
|
|
hh3cIKEGlobalOutOctets,
|
|
hh3cIKEGlobalOutPkts,
|
|
hh3cIKEGlobalOutDropPkts,
|
|
hh3cIKEGlobalOutP2Exchgs,
|
|
hh3cIKEGlobalOutP2ExchgRejects,
|
|
hh3cIKEGlobalOutP2SaDelRequests,
|
|
hh3cIKEGlobalOutNotifys,
|
|
hh3cIKEGlobalInitTunnels,
|
|
hh3cIKEGlobalInitTunnelFails,
|
|
hh3cIKEGlobalRespTunnels,
|
|
hh3cIKEGlobalRespTunnelFails,
|
|
hh3cIKEGlobalAuthFails,
|
|
hh3cIKEGlobalNoSaFails,
|
|
hh3cIKEGlobalInvalidCookieFails,
|
|
hh3cIKEGlobalAttrNotSuppFails,
|
|
hh3cIKEGlobalNoProposalChosenFails,
|
|
hh3cIKEGlobalUnsportExchTypeFails,
|
|
hh3cIKEGlobalInvalidIdFails,
|
|
hh3cIKEGlobalInvalidProFails,
|
|
hh3cIKEGlobalCertTypeUnsuppFails,
|
|
hh3cIKEGlobalInvalidCertAuthFails,
|
|
hh3cIKEGlobalInvalidSignFails,
|
|
hh3cIKEGlobalCertUnavailableFails
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains all of the IKE tunnel's statistic information."
|
|
::= { hh3cIKEGroups 3 }
|
|
|
|
hh3cIKETrapObjectGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hh3cIKEProposalNumber,
|
|
hh3cIKEProposalSize,
|
|
hh3cIKEIdInformation,
|
|
hh3cIKEProtocolNum,
|
|
hh3cIKECertInformation
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains all of trap objects of IKE tunnels."
|
|
::= { hh3cIKEGroups 4 }
|
|
|
|
hh3cIKETrapCntlGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hh3cIKETrapGlobalCntl,
|
|
hh3cIKETunnelStartTrapCntl,
|
|
hh3cIKETunnelStopTrapCntl,
|
|
hh3cIKENoSaTrapCntl,
|
|
hh3cIKEEncryFailureTrapCntl,
|
|
hh3cIKEDecryFailureTrapCntl,
|
|
hh3cIKEInvalidProposalTrapCntl,
|
|
hh3cIKEAuthFailTrapCntl,
|
|
hh3cIKEInvalidCookieTrapCntl,
|
|
hh3cIKEInvalidSpiTrapCntl,
|
|
hh3cIKEAttrNotSuppTrapCntl,
|
|
hh3cIKEUnsportExchTypeTrapCntl,
|
|
hh3cIKEInvalidIdTrapCntl,
|
|
hh3cIKEInvalidProtocolTrapCntl,
|
|
hh3cIKECertTypeUnsuppTrapCntl,
|
|
hh3cIKEInvalidCertAuthTrapCntl,
|
|
hh3cIKEInvalidSignTrapCntl,
|
|
hh3cIKECertUnavailableTrapCntl,
|
|
hh3cIKEProposalAddTrapCntl,
|
|
hh3cIKEProposalDelTrapCntl
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains all of trap switches of IKE tunnels."
|
|
::= { hh3cIKEGroups 5 }
|
|
|
|
hh3cIKETrapGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
hh3cIKETunnelStart,
|
|
hh3cIKETunnelStop,
|
|
hh3cIKENoSaFailure,
|
|
hh3cIKEEncryFailFailure,
|
|
hh3cIKEDecryFailFailure,
|
|
hh3cIKEInvalidProposalFailure,
|
|
hh3cIKEAuthFailFailure,
|
|
hh3cIKEInvalidCookieFailure,
|
|
hh3cIKEAttrNotSuppFailure,
|
|
hh3cIKEUnsportExchTypeFailure,
|
|
hh3cIKEInvalidIdFailure,
|
|
hh3cIKEInvalidProtocolFailure,
|
|
hh3cIKECertTypeUnsuppFailure,
|
|
hh3cIKEInvalidCertAuthFailure,
|
|
hh3cIKElInvalidSignFailure,
|
|
hh3cIKECertUnavailableFailure,
|
|
hh3cIKEProposalAdd,
|
|
hh3cIKEProposalDel
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains all of trap of IKE tunnels."
|
|
::= { hh3cIKEGroups 6 }
|
|
|
|
hh3cIKEScalarObjectsGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hh3cIKEMIBVersion
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains all of scalar objects of the MIB."
|
|
::= { hh3cIKEGroups 7 }
|
|
|
|
END
|