ALCATEL-IND1-IPSEC-MIB

File: ALCATEL-IND1-IPSEC-MIB.mib (47960 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC SNMP-FRAMEWORK-MIB
SNMPv2-CONF INET-ADDRESS-MIB ALCATEL-IND1-BASE

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Integer32
Unsigned32 Counter32 TEXTUAL-CONVENTION
RowStatus TruthValue SnmpAdminString
MODULE-COMPLIANCE OBJECT-GROUP InetAddressType
InetAddress softentIND1IPsec

Defined Types

IPsecDescription  
Optional description of a table entry.
TEXTUAL-CONVENTION    
  OCTET STRING Size(0..200)  

IPsecPortNumber  
A port number value. 0 is the wildcard value to match any port.
TEXTUAL-CONVENTION    
  Integer32 0..65535  

IPsecPrefixLength  
Significant bits in an IPv6 address prefix. 0..32 is the valid range for IPv4 addresses. 0..128 is valid for IPv6 addresses
TEXTUAL-CONVENTION    
  Integer32 0..128  

IPsecULProtocol  
An upper-layer protocol number. 255 is the wildcard value to match any protocol.
TEXTUAL-CONVENTION    
  Integer32 0..255  

IPsecAdminState  
Administrative state.
TEXTUAL-CONVENTION    
  INTEGER enabled(1), disabled(2)  

IPsecSAType  
SA type.
TEXTUAL-CONVENTION    
  INTEGER ah(2), esp(3)  

IPsecESPAlgorithm  
ESP algorithms.
TEXTUAL-CONVENTION    
  INTEGER none(0), descbc(2), des3cbc(3), null(11), aescbc(12), aesctr(13)  

IPsecAHAlgorithm  
AH algorithms.
TEXTUAL-CONVENTION    
  INTEGER none(0), hmacmd5(2), hmacsha1(3), aesxcbcmac(9)  

IPsecOperationalState  
Operational state. enabled(1) - The entry is enabled. disabled(2) - The entry is administratively disabled or DNS resolution has experienced a permanent failure. dnspending(3) - Awaiting DNS resolution before making the entry active.
TEXTUAL-CONVENTION    
  INTEGER enabled(1), disabled(2), dnspending(3)  

AlaIPsecSecurityKeyEntry  
SEQUENCE    
  alaIPsecSecurityKeyID Unsigned32
  alaIPsecSecurityKeyCurrent OCTET STRING
  alaIPsecSecurityKeyNew OCTET STRING

AlaIPsecStatisticsEntry  
SEQUENCE    
  alaIPsecStatisticsProtocol INTEGER
  alaIPsecStatisticsInSuccessful Counter32
  alaIPsecStatisticsInPolicyViolation Counter32
  alaIPsecStatisticsInNoSA Counter32
  alaIPsecStatisticsInUnknownSPI Counter32
  alaIPsecStatisticsInAHReplay Counter32
  alaIPsecStatisticsInESPReplay Counter32
  alaIPsecStatisticsInAHAuthenticationSuccess Counter32
  alaIPsecStatisticsInAHAuthenticationFail Counter32
  alaIPsecStatisticsInESPAuthenticationSuccess Counter32
  alaIPsecStatisticsInESPAuthenticationFail Counter32
  alaIPsecStatisticsInBadPacket Counter32
  alaIPsecStatisticsInNoMemory Counter32
  alaIPsecStatisticsOutSuccessful Counter32
  alaIPsecStatisticsOutPolicyViolation Counter32
  alaIPsecStatisticsOutNoSA Counter32
  alaIPsecStatisticsOutBadPacket Counter32
  alaIPsecStatisticsOutNoMemory Counter32
  alaIPsecStatisticsInDiscarded Counter32
  alaIPsecStatisticsOutDiscarded Counter32

AlaIPsecSecurityPolicyEntry  
SEQUENCE    
  alaIPsecSecurityPolicyID Unsigned32
  alaIPsecSecurityPolicySourceType InetAddressType
  alaIPsecSecurityPolicySource InetAddress
  alaIPsecSecurityPolicySourcePrefixLength IPsecPrefixLength
  alaIPsecSecurityPolicySourcePort IPsecPortNumber
  alaIPsecSecurityPolicyDestinationType InetAddressType
  alaIPsecSecurityPolicyDestination InetAddress
  alaIPsecSecurityPolicyDestinationPrefixLength IPsecPrefixLength
  alaIPsecSecurityPolicyDestinationPort IPsecPortNumber
  alaIPsecSecurityPolicyULProtocol IPsecULProtocol
  alaIPsecSecurityPolicyICMPv6Type Integer32
  alaIPsecSecurityPolicyDirection INTEGER
  alaIPsecSecurityPolicyName SnmpAdminString
  alaIPsecSecurityPolicyDescription IPsecDescription
  alaIPsecSecurityPolicyAction INTEGER
  alaIPsecSecurityPolicyAdminState IPsecAdminState
  alaIPsecSecurityPolicyOperationalState IPsecOperationalState
  alaIPsecSecurityPolicyPriority Integer32
  alaIPsecSecurityPolicyRowStatus RowStatus

AlaIPsecSecurityPolicyRuleEntry  
SEQUENCE    
  alaIPsecSecurityPolicyRuleIndex Unsigned32
  alaIPsecSecurityPolicyRuleProtocol INTEGER
  alaIPsecSecurityPolicyRuleMode INTEGER
  alaIPsecSecurityPolicyRuleRowStatus RowStatus

AlaIPsecSAConfigEntry  
SEQUENCE    
  alaIPsecSAConfigID Unsigned32
  alaIPsecSAConfigType IPsecSAType
  alaIPsecSAConfigSourceType InetAddressType
  alaIPsecSAConfigSource InetAddress
  alaIPsecSAConfigDestinationType InetAddressType
  alaIPsecSAConfigDestination InetAddress
  alaIPsecSAConfigSPI Unsigned32
  alaIPsecSAConfigName SnmpAdminString
  alaIPsecSAConfigDescription IPsecDescription
  alaIPsecSAConfigEncryptionAlgorithm IPsecESPAlgorithm
  alaIPsecSAConfigEncryptionKeyLength Unsigned32
  alaIPsecSAConfigAuthenticationAlgorithm IPsecAHAlgorithm
  alaIPsecSAConfigAdminState IPsecAdminState
  alaIPsecSAConfigOperationalState IPsecOperationalState
  alaIPsecSAConfigRowStatus RowStatus

AlaIPsecKeyEntry  
SEQUENCE    
  alaIPsecKeyID Unsigned32
  alaIPsecKeyType INTEGER
  alaIPsecKeyName OCTET STRING
  alaIPsecKey OCTET STRING
  alaIPsecKeyEncrypted TruthValue
  alaIPsecKeyRowStatus RowStatus

AlaIPsecErrorsEntry  
SEQUENCE    
  alaIPsecErrorsProtocol INTEGER
  alaIPsecErrorsInPolicyViolation Counter32
  alaIPsecErrorsInNoSA Counter32
  alaIPsecErrorsInReplay Counter32
  alaIPsecErrorsInAuthenticationFail Counter32
  alaIPsecErrorsInDiscarded Counter32
  alaIPsecErrorsInOther Counter32
  alaIPsecErrorsOutNoSA Counter32
  alaIPsecErrorsOutDiscarded Counter32
  alaIPsecErrorsOutOther Counter32

Defined Values

alcatelIND1IPsecMIB 1.3.6.1.4.1.6486.801.1.2.1.43.1
This module describes an authoritative enterprise-specific Simple Network Management Protocol (SNMP) Management Information Base (MIB): Proprietary IPsec MIB definitions The right to make changes in specification and other information contained in this document without prior notice is reserved. No liability shall be assumed for any incidental, indirect, special, or consequential damages whatsoever arising from or related to this document or the information contained herein. Vendors, end-users, and other interested parties are granted non-exclusive license to use this specification in connection with management of the products for which it is intended to be used. Copyright (C) 1995-2010 Alcatel-Lucent ALL RIGHTS RESERVED WORLDWIDE
MODULE-IDENTITY    

alcatelIND1IPsecMIBObjects 1.3.6.1.4.1.6486.801.1.2.1.43.1.1
OBJECT IDENTIFIER    

alaIPsecConfig 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1
OBJECT IDENTIFIER    

alaIPsecSecurityKeyTable 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.1
Table allowing the configuration of the switch's IPsec security key. The security key is used to encrypt and IPsec related information retained in permanent storage. There is always a single row in this table with an index value of 1.
OBJECT-TYPE    
  SEQUENCE OF  
    AlaIPsecSecurityKeyEntry

alaIPsecSecurityKeyEntry 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.1.1
The security key entry.
OBJECT-TYPE    
  AlaIPsecSecurityKeyEntry  

alaIPsecSecurityKeyID 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.1.1.1
The row's identifier. Only one entry is ever present, with an ID value of 1.
OBJECT-TYPE    
  Unsigned32  

alaIPsecSecurityKeyCurrent 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.1.1.2
The current value of the 16-byte IPsec security key. If an attempt is made to read the value of this object, a zero-length octet string will be returned.
OBJECT-TYPE    
  OCTET STRING Size(0..16)  

alaIPsecSecurityKeyNew 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.1.1.3
Used to set a new 16-byte value for the IPsec security key. Both alaIPsecSecurityKeyCurrent (with its correct value) and alaIPsecSecurityKeyNew must be specified in the same SNMP SET message. If alaIPsecSecurityKeyCurrent is not present, or if its value is incorrect, the attempt to set a new key will fail. If an attempt is made to read the value of this object, a zero-length octet string will be returned.
OBJECT-TYPE    
  OCTET STRING Size(0..16)  

alaIPsecStatisticsTable 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2
Table allowing the IPv6 statistics to be retrieved.
OBJECT-TYPE    
  SEQUENCE OF  
    AlaIPsecStatisticsEntry

alaIPsecStatisticsEntry 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1
The statistics entry.
OBJECT-TYPE    
  AlaIPsecStatisticsEntry  

alaIPsecStatisticsProtocol 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.1
IP protocol version covered by the IPsec statistics.
OBJECT-TYPE    
  INTEGER ipv6(6)  

alaIPsecStatisticsInSuccessful 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.2
Number of incoming packets requiring IPsec processing that were successfully handled.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInPolicyViolation 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.3
Number of incoming packets that were dropped because of policy violations.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInNoSA 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.4
Number of incoming packets dropped because no matching SA was found.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInUnknownSPI 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.5
Number of incoming packets dropped because the SPI was unknown.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInAHReplay 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.6
Number of incoming packets that failed the AH replay check.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInESPReplay 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.7
Number of incoming packets taht failed the ESP replay check.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInAHAuthenticationSuccess 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.8
Number of incoming packets that successfully passed AH authentication.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInAHAuthenticationFail 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.9
Number of incoming packets that failed AH authentication.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInESPAuthenticationSuccess 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.10
Number of incoming packets that successfully passed ESP authentication.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInESPAuthenticationFail 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.11
Number of incoming packets that failed ESP authentication.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInBadPacket 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.12
Number of incoming packets requiring IPsec processing that were not valid.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInNoMemory 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.13
Number of incoming IPsec packets dropped because no memory was available.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsOutSuccessful 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.14
Number of outgoing packets requiring IPsec processing that were successfully handled.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsOutPolicyViolation 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.15
Number of outgoing packets dropped because of a policy violation.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsOutNoSA 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.16
Number of outgoing packets dropped because no matching SA was found.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsOutBadPacket 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.17
Number of outgoing packets requiring IPsec processing that were not valid.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsOutNoMemory 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.18
Number of outgoing IPsec packets dropped because no memory was available.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsInDiscarded 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.19
Number of incoming packets dropped because they matched a discard policy.
OBJECT-TYPE    
  Counter32  

alaIPsecStatisticsOutDiscarded 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.1.2.1.20
Number of outgoing packets dropped because they matched a discard policy.
OBJECT-TYPE    
  Counter32  

alaIPsecSecurityPolicyTable 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2
Table allowing the configuration of IPsec security policies.
OBJECT-TYPE    
  SEQUENCE OF  
    AlaIPsecSecurityPolicyEntry

alaIPsecSecurityPolicyEntry 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1
A security policy entry.
OBJECT-TYPE    
  AlaIPsecSecurityPolicyEntry  

alaIPsecSecurityPolicyID 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.1
A unique identifier for this security policy. When creating a new policy, a zero value must be specified. An available policy ID will then be automatically assigned to the policy.
OBJECT-TYPE    
  Unsigned32  

alaIPsecSecurityPolicySourceType 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.2
The type of source address specified. Currently only ipv6(2) is allowed.
OBJECT-TYPE    
  InetAddressType  

alaIPsecSecurityPolicySource 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.3
The source of packets covered by this policy.
OBJECT-TYPE    
  InetAddress  

alaIPsecSecurityPolicySourcePrefixLength 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.4
The number of bits of the source address used to determine which packets are covered by this policy. The default value varies depending upon the type of source address specified: IPv4 - 32 IPv6 - 128 DNS name - 0 (any other value is ignored)
OBJECT-TYPE    
  IPsecPrefixLength  

alaIPsecSecurityPolicySourcePort 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.5
The source port of packets covered by this policy. To match packets from any port, specify the 0 wildcard value. A wildcard policy will only be used when there is no exact match to a destination port in another entry.
OBJECT-TYPE    
  IPsecPortNumber  

alaIPsecSecurityPolicyDestinationType 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.6
The type of destination address specified. Currently only ipv6(2) is allowed.
OBJECT-TYPE    
  InetAddressType  

alaIPsecSecurityPolicyDestination 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.7
The destination of packets covered by this policy.
OBJECT-TYPE    
  InetAddress  

alaIPsecSecurityPolicyDestinationPrefixLength 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.8
The number of bits of the destination prefix used to determine which packets are covered by this policy. The default value varies depending upon the type of destination address specified: IPv4 - 32 IPv6 - 128 DNS name - 0 (any other value is ignored)
OBJECT-TYPE    
  IPsecPrefixLength  

alaIPsecSecurityPolicyDestinationPort 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.9
The destination port of packets covered by this policy. To match packets from any port, specify the 0 wildcard value. A wildcard policy will only be used when there is no exact match to a destination port in another entry.
OBJECT-TYPE    
  IPsecPortNumber  

alaIPsecSecurityPolicyULProtocol 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.10
The upper-layer protocol of packets covered by this policy. To match all protocols, specify the 255 wildcard value. A wildcard policy will only be used when there is no exact match to the protocol value specified in another entry.
OBJECT-TYPE    
  IPsecULProtocol  

alaIPsecSecurityPolicyICMPv6Type 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.11
If the upper-layer protocol is ICMPv6, an ICMPv6 type value may be specified to restrict the policy to a specific packet type. To match all ICMPv6 packets, the 0 wildcard value should be specified.
OBJECT-TYPE    
  Integer32 0..255  

alaIPsecSecurityPolicyDirection 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.12
The direction of traffic covered by this policy.
OBJECT-TYPE    
  INTEGER in(1), out(2)  

alaIPsecSecurityPolicyName 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.13
A name for this policy.
OBJECT-TYPE    
  SnmpAdminString Size(1..20)  

alaIPsecSecurityPolicyDescription 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.14
A detailed description of this policy.
OBJECT-TYPE    
  IPsecDescription  

alaIPsecSecurityPolicyAction 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.15
The action to take on traffic covered by this policy. discard(0) means that all traffic covered by the policy will be discarded. none(1) means that no IPsec processing will be done on the traffic covered by this policy. ipsec(2) means that IPsec processing will take place on the traffic. One or more rules should be defined in the IPsec Rule Table. If no rules are defined processing is identical to none(0) being specified.
OBJECT-TYPE    
  INTEGER discard(0), none(1), ipsec(2)  

alaIPsecSecurityPolicyAdminState 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.16
Allows a policy to be administratively enabled or disabled.
OBJECT-TYPE    
  IPsecAdminState  

alaIPsecSecurityPolicyOperationalState 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.17
The operational state of this policy.
OBJECT-TYPE    
  IPsecOperationalState  

alaIPsecSecurityPolicyPriority 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.18
The priority for this policy. When traffic would be covered by multiple policies the policy with the highest priority value is used. If two policies have the same priority, the one configured first has precedence.
OBJECT-TYPE    
  Integer32 1..1000  

alaIPsecSecurityPolicyRowStatus 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.2.1.19
Used to control the addition and removal of security policy entries.
OBJECT-TYPE    
  RowStatus  

alaIPsecSecurityPolicyRuleTable 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.3
Table allowing the configuration of the IPsec rules for a security policy.
OBJECT-TYPE    
  SEQUENCE OF  
    AlaIPsecSecurityPolicyRuleEntry

alaIPsecSecurityPolicyRuleEntry 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.3.1
A security policy entry.
OBJECT-TYPE    
  AlaIPsecSecurityPolicyRuleEntry  

alaIPsecSecurityPolicyRuleIndex 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.3.1.1
Index specifying the order in which multiple rules for the same security policy will be applied. Rules are indexed by the order in which they are applied to the original payload. For example, for a security policy where an IPv6 payload should be protected by an ESP header, which should be protected by an AH header, there would be two Rule Table entries. The ESP entry would have an index of 1 (first rule applied to the payload). The AH entry would have an index of 2 (second rule applied).
OBJECT-TYPE    
  Unsigned32 1..10  

alaIPsecSecurityPolicyRuleProtocol 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.3.1.2
Indicates the type of header required by the rule.
OBJECT-TYPE    
  INTEGER ah(1), esp(2)  

alaIPsecSecurityPolicyRuleMode 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.3.1.3
The mode in which the rule's protocol is running. At present, only transport(1) is allowed. Until tunnel mode is supported, transport(1) will be treated as the default value.
OBJECT-TYPE    
  INTEGER transport(1)  

alaIPsecSecurityPolicyRuleRowStatus 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.3.1.4
Used to control the addition and removal of security policy IPsec rule entries.
OBJECT-TYPE    
  RowStatus  

alaIPsecSAConfigTable 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4
Table allowing the manual configuration of Security Associations in the Security Association Database (SAD).
OBJECT-TYPE    
  SEQUENCE OF  
    AlaIPsecSAConfigEntry

alaIPsecSAConfigEntry 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1
Manually configured security association (SA) parameters.
OBJECT-TYPE    
  AlaIPsecSAConfigEntry  

alaIPsecSAConfigID 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.1
A unique identifier for this manually configured SA. When creating a new SA, a zero value must be specified. An available ID will then be automatically assigned to the SA.
OBJECT-TYPE    
  Unsigned32  

alaIPsecSAConfigType 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.2
The type of this SA: AH or ESP. Once set, the type may not be changed.
OBJECT-TYPE    
  IPsecSAType  

alaIPsecSAConfigSourceType 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.3
The type of source address specified. Currently only ipv6(2) is allowed.
OBJECT-TYPE    
  InetAddressType  

alaIPsecSAConfigSource 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.4
The source of packets covered by this SA.
OBJECT-TYPE    
  InetAddress  

alaIPsecSAConfigDestinationType 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.5
The type of destination address specified. Currently only ipv6(2) is allowed.
OBJECT-TYPE    
  InetAddressType  

alaIPsecSAConfigDestination 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.6
The destination of packets covered by this SA.
OBJECT-TYPE    
  InetAddress  

alaIPsecSAConfigSPI 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.7
The Security Parameters Index (SPI) of this SA.
OBJECT-TYPE    
  Unsigned32  

alaIPsecSAConfigName 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.8
The name of this manually configured SA.
OBJECT-TYPE    
  SnmpAdminString Size(1..20)  

alaIPsecSAConfigDescription 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.9
A detailed description for the manually created IPsec SA.
OBJECT-TYPE    
  IPsecDescription  

alaIPsecSAConfigEncryptionAlgorithm 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.10
For an ESP SA, defines the encryption algorithm to be used. null(11) should be specified if ESP is being used for integrity only. If null(11) is specified, alaIPsecSAConfigAuthenticationAlgorithm may not be none(0). aesctr(13) is not valid for manually configured SAs. The value of this object is none(0) for AH SAs.
OBJECT-TYPE    
  IPsecESPAlgorithm  

alaIPsecSAConfigEncryptionKeyLength 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.11
For those algorithms where multiple key lengths are supported, specifies the key length to be used. Zero may be specified to use the default key length.
OBJECT-TYPE    
  Unsigned32  

alaIPsecSAConfigAuthenticationAlgorithm 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.12
Defines the authentication algorithm to be used. For ESP SAs, none(0) may be specified for encryption-only ESP. For ESP integrity-only, ESP integrity and encryption, or for AH SAs, hmacmd5(2), hmacsha1(3), or aesxcbcmac(9) must be specified.
OBJECT-TYPE    
  IPsecAHAlgorithm  

alaIPsecSAConfigAdminState 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.13
Allows a manually configured SA to be administratively enabled or disabled.
OBJECT-TYPE    
  IPsecAdminState  

alaIPsecSAConfigOperationalState 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.14
The operational state of the manually configured SA.
OBJECT-TYPE    
  IPsecOperationalState  

alaIPsecSAConfigRowStatus 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.4.1.15
Used to control the addition and removal of manually configured IPsec SAs.
OBJECT-TYPE    
  RowStatus  

alaIPsecKeyTable 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.5
Table used to configure the keys used by manually configured Security Associations in the IPsec Security Association Configuration table.
OBJECT-TYPE    
  SEQUENCE OF  
    AlaIPsecKeyEntry

alaIPsecKeyEntry 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.5.1
An IPsec key. Keys in the table must be uniquely identified by the combination of key type and key name. However, since the key name can be up to 255 characters, beyond the 128-element size limit for SNMP index objects, the key ID is used to uniquely identify a key for SNMP access.
OBJECT-TYPE    
  AlaIPsecKeyEntry  

alaIPsecKeyID 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.5.1.1
A unique identifier for this key. When creating a new key, a zero value must be specified. An available ID will then be automatically assigned to the key.
OBJECT-TYPE    
  Unsigned32  

alaIPsecKeyType 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.5.1.2
Indicates if the key is to be used for encryption or authentication by a SA. Once a key is created, its type may not be changed.
OBJECT-TYPE    
  INTEGER saAuthentication(1), saEncryption(2)  

alaIPsecKeyName 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.5.1.3
The name of the key. For manually-configured SA keys, the name is limited to a maximum length of 20 characters and should correspond to an entry in the alaIPsecSAConfigTable. The key name may not be changed once a key is created.
OBJECT-TYPE    
  OCTET STRING Size(1..255)  

alaIPsecKey 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.5.1.4
The key value. The value specified must match the required key length for the algorithm using the key. If an attempt is made to read the value of this object a zero-length octet string will be returned.
OBJECT-TYPE    
  OCTET STRING  

alaIPsecKeyEncrypted 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.5.1.5
If true, the key value is specified in AOS encrypted form. For example, keys being restored from the configuration file.
OBJECT-TYPE    
  TruthValue  

alaIPsecKeyRowStatus 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.5.1.6
Used to control the addition and removal of keys.
OBJECT-TYPE    
  RowStatus  

alaIPsecErrorsTable 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6
Table allowing retrieval of the IPsec error counters.
OBJECT-TYPE    
  SEQUENCE OF  
    AlaIPsecErrorsEntry

alaIPsecErrorsEntry 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1
The error counters entry.
OBJECT-TYPE    
  AlaIPsecErrorsEntry  

alaIPsecErrorsProtocol 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.1
IP protocol version covered by the IPsec error counters.
OBJECT-TYPE    
  INTEGER ipv6(6)  

alaIPsecErrorsInPolicyViolation 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.2
Number of incoming packets that were dropped because of policy violations.
OBJECT-TYPE    
  Counter32  

alaIPsecErrorsInNoSA 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.3
Number of incoming packets dropped because no matching SA was found.
OBJECT-TYPE    
  Counter32  

alaIPsecErrorsInReplay 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.4
Number of incoming packets that failed a replay check.
OBJECT-TYPE    
  Counter32  

alaIPsecErrorsInAuthenticationFail 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.5
Number of incoming packets that failed authentication.
OBJECT-TYPE    
  Counter32  

alaIPsecErrorsInDiscarded 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.6
Number of incoming packets dropped because they matched a discard policy.
OBJECT-TYPE    
  Counter32  

alaIPsecErrorsInOther 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.7
Number of incoming packets dropped for a reason not otherwise counted.
OBJECT-TYPE    
  Counter32  

alaIPsecErrorsOutNoSA 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.8
Number of outgoing packets dropped because no matching SA was found.
OBJECT-TYPE    
  Counter32  

alaIPsecErrorsOutDiscarded 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.9
Number of outgoing packets dropped because they matched a discard policy.
OBJECT-TYPE    
  Counter32  

alaIPsecErrorsOutOther 1.3.6.1.4.1.6486.801.1.2.1.43.1.1.6.1.10
Number of outgoing packets dropped for a reason not otherwise counted.
OBJECT-TYPE    
  Counter32  

alcatelIND1IPsecMIBConformance 1.3.6.1.4.1.6486.801.1.2.1.43.1.2
OBJECT IDENTIFIER    

alcatelIND1IPsecMIBCompliances 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.1
OBJECT IDENTIFIER    

alcatelIND1IPsecMIBGroups 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.2
OBJECT IDENTIFIER    

alaIPsecCompliance 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.1.1
The compliance statement for Alcatel switches implementing ALCATEL-IND1-IPSEC-MIB.
MODULE-COMPLIANCE    

alaIPsecConfigGroup 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.2.1
A collection of objects to support global configuration of IPsec.
OBJECT-GROUP    

alaIPsecSecurityPolicyGroup 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.2.2
A collection of objects to support management of IPsec security policies.
OBJECT-GROUP    

alaIPsecSAConfigGroup 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.2.3
A collection of objects to support management of manually configured IPsec SAs.
OBJECT-GROUP    

alaIPsecKeyGroup 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.2.4
A collection of objects to support management of keys.
OBJECT-GROUP    

alaIPsecCountersGroup 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.2.5
A collection of objects to support management of IPsec counters.
OBJECT-GROUP    

alaIPsecStatisticsGroup 1.3.6.1.4.1.6486.801.1.2.1.43.1.2.2.6
A collection of objects to support management of IPsec statistics.
OBJECT-GROUP