CISCO-IKE-CONFIGURATION-MIB

File: CISCO-IKE-CONFIGURATION-MIB.mib (53214 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC SNMPv2-CONF
INET-ADDRESS-MIB CISCO-IPSEC-TC CISCO-SMI

Imported symbols

MODULE-IDENTITY OBJECT-TYPE NOTIFICATION-TYPE
Unsigned32 RowStatus TruthValue
TEXTUAL-CONVENTION MODULE-COMPLIANCE OBJECT-GROUP
NOTIFICATION-GROUP InetAddress InetAddressType
InetAddressPrefixLength CIPsecPhase1PeerIdentityType CIPsecIkeAuthMethod
CIPsecDiffHellmanGrp CIPsecIkeHashAlgorithm CIPsecEncryptAlgorithm
CIPsecIkePRFAlgorithm CIKEIsakmpDoi CIKELifetime
CIPsecControlProtocol CIKELifesize ciscoMgmt

Defined Types

CicIkeConfigPskIndex  
TEXTUAL-CONVENTION    
  current Unsigned32 1..65535

CicIkeConfigInitiatorIndex  
TEXTUAL-CONVENTION    
  current Unsigned32 1..65535

CicIkeCfgIdentityEntry  
SEQUENCE    
  cicIkeCfgIdentityDoi CIKEIsakmpDoi
  cicIkeCfgIdentityType CIPsecPhase1PeerIdentityType

CicIkeCfgInitiatorNextAvailEntry  
SEQUENCE    
  cicIkeCfgInitiatorNextAvailIndex CicIkeConfigInitiatorIndex

CicIkeCfgInitiatorEntry  
SEQUENCE    
  cicIkeCfgInitiatorIndex CicIkeConfigInitiatorIndex
  cicIkeCfgInitiatorPAddrType CIPsecPhase1PeerIdentityType
  cicIkeCfgInitiatorPAddr STRING
  cicIkeCfgInitiatorVer CIPsecControlProtocol
  cicIkeCfgInitiatorStatus RowStatus

CicIkeCfgFailureRecovConfigEntry  
SEQUENCE    
  cicIkeKeepAliveEnabled TruthValue
  cicIkeKeepAliveType INTEGER
  cicIkeKeepAliveInterval Unsigned32
  cicIkeKeepAliveRetryInterval Unsigned32
  cicIkeInvalidSpiNotify TruthValue

CicIkeCfgPskNextAvailEntry  
SEQUENCE    
  cicIkeCfgPskNextAvailIndex CicIkeConfigPskIndex

CicIkeCfgPskEntry  
SEQUENCE    
  cicIkeCfgPskIndex CicIkeConfigPskIndex
  cicIkeCfgPskKey STRING
  cicIkeCfgPskRemIdentType CIPsecPhase1PeerIdentityType
  cicIkeCfgPskRemIdentTypeStand InetAddressType
  cicIkeCfgPskRemIdentity STRING
  cicIkeCfgPskRemIdAddrOrRg1OrSn InetAddress
  cicIkeCfgPskRemIdAddrRange2 InetAddress
  cicIkeCfgPskRemIdSubnetMask InetAddressPrefixLength
  cicIkeCfgPskStatus RowStatus

CicIkeCfgPolicyEntry  
SEQUENCE    
  cicIkeCfgPolicyPriority Unsigned32
  cicIkeCfgPolicyEncr CIPsecEncryptAlgorithm
  cicIkeCfgPolicyHash CIPsecIkeHashAlgorithm
  cicIkeCfgPolicyPRF CIPsecIkePRFAlgorithm
  cicIkeCfgPolicyAuth CIPsecIkeAuthMethod
  cicIkeCfgPolicyDHGroup CIPsecDiffHellmanGrp
  cicIkeCfgPolicyLifetime CIKELifetime
  cicIkeCfgPolicyLifesize CIKELifesize
  cicIkeCfgPolicyStatus RowStatus

Defined Values

ciscoIkeConfigMIB 1.3.6.1.4.1.9.9.423
This is a MIB Module for configuring and viewing IKE parameters and policies. Acronyms The following acronyms are used in this document: IPsec: Secure IP Protocol VPN: Virtual Private Network ISAKMP: Internet Security Association and Key Exchange Protocol IKE: Internet Key Exchange Protocol DOI: Domain of Interpretation (of the attributes of IKE protocol in the context of a specific Phase-2 protocol). SA: Security Association (ref: rfc2408). SPI: Security Parameter Index is the pointer or identifier used in accessing SA attributes (ref: rfc2408). MM: Main Mode - the process of setting up a Phase 1 SA to secure the exchanges required to setup Phase 2 SAs Phase 1 Tunnel: An ISAKMP SA can be regarded as representing a flow of ISAKMP/IKE traffic. Hence an ISAKMP is referred to as a 'Phase 1 Tunnel' in this document. Phase 2 Tunnel: A Phase 2 Tunnel is an instance of a non-ISAKMP SA bundle in which all the SA share the same proxy identifiers (IDii,IDir) and protect the same stream of application traffic. Note that a Phase 2 tunnel may comprise one SA bundle at any given point of time, but the SA bundle changes with time due to key refresh. History of the MIB This MIB was originally written as CISCO-IPSEC-MIB which combined the configuration of IKE and IPsec protocols into a single MIB.
MODULE-IDENTITY    

cicIkeConfigMIBNotifs 1.3.6.1.4.1.9.9.423.0
OBJECT IDENTIFIER    

cicIkeConfigMIBObjects 1.3.6.1.4.1.9.9.423.1
OBJECT IDENTIFIER    

cicIkeConfigMIBConform 1.3.6.1.4.1.9.9.423.2
OBJECT IDENTIFIER    

cicIkeCfgOperations 1.3.6.1.4.1.9.9.423.1.1
OBJECT IDENTIFIER    

cicIkeCfgIdentities 1.3.6.1.4.1.9.9.423.1.2
OBJECT IDENTIFIER    

cicIkeCfgFailureRecovery 1.3.6.1.4.1.9.9.423.1.3
OBJECT IDENTIFIER    

cicIkeCfgPeerAuth 1.3.6.1.4.1.9.9.423.1.4
OBJECT IDENTIFIER    

cicIkeCfgPskAuthConfig 1.3.6.1.4.1.9.9.423.1.4.1
OBJECT IDENTIFIER    

cicIkeCfgNonceAuthConfig 1.3.6.1.4.1.9.9.423.1.4.2
OBJECT IDENTIFIER    

cicIkeCfgPkiAuthConfig 1.3.6.1.4.1.9.9.423.1.4.3
OBJECT IDENTIFIER    

cicIkeCfgPolicies 1.3.6.1.4.1.9.9.423.1.5
OBJECT IDENTIFIER    

cicIkeCfgServiceControl 1.3.6.1.4.1.9.9.423.1.6
OBJECT IDENTIFIER    

cicIkeCfgCallAdmssionnCtrl 1.3.6.1.4.1.9.9.423.1.6.1
OBJECT IDENTIFIER    

cicIkeCfgQoSControl 1.3.6.1.4.1.9.9.423.1.6.2
OBJECT IDENTIFIER    

cicIkeConfigMibNotifCntl 1.3.6.1.4.1.9.9.423.1.7
OBJECT IDENTIFIER    

cicIkeEnabled 1.3.6.1.4.1.9.9.423.1.1.1
This object reflects the operational status (enabled/ disabled) of the IKE entity on the managed device. 'true' - IKE is enabled. 'false' - IKE is disabled.
OBJECT-TYPE    
  TruthValue  

cicIkeAggressModeEnabled 1.3.6.1.4.1.9.9.423.1.1.2
This object reflects if the IKE entity on the managed device performs aggressive mode negotiations. 'true' - IKE entity performs aggressive mode negotiations. 'false' - IKE entity does not perform aggressive mode negotiations.
OBJECT-TYPE    
  TruthValue  

cicIkeCfgIdentityTable 1.3.6.1.4.1.9.9.423.1.2.1
The table containing the list of Phase-1 identities used by the IKE protocol for the different Phase-2 DOIs it operates in.
OBJECT-TYPE    
  SEQUENCE OF  
    CicIkeCfgIdentityEntry

cicIkeCfgIdentityEntry 1.3.6.1.4.1.9.9.423.1.2.1.1
Each entry represents a Phase-1 identity used by IKE for a specific Phase-2 DOI.
OBJECT-TYPE    
  CicIkeCfgIdentityEntry  

cicIkeCfgIdentityDoi 1.3.6.1.4.1.9.9.423.1.2.1.1.1
This is the DOI type that is supported by this IKE entity on the managed device and for which the Phase-1 identity corresponding to this conceptual row is being defined.
OBJECT-TYPE    
  CIKEIsakmpDoi  

cicIkeCfgIdentityType 1.3.6.1.4.1.9.9.423.1.2.1.1.2
The Phase I identity type used by the Phase-2 DOI corresponding to this conceptual row.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cicIkeCfgInitiatorNextAvailTable 1.3.6.1.4.1.9.9.423.1.2.2
The table providing the next available index for the cicIkeCfgInitiatorTable, in a domain of interpretation(DOI), identified by cicIkeCfgIdentityDoi. This value is only a recommended value, but the user can choose to use a different value to create an entry in the cicIkeCfgInitiatorTable.
OBJECT-TYPE    
  SEQUENCE OF  
    CicIkeCfgInitiatorNextAvailEntry

cicIkeCfgInitiatorNextAvailEntry 1.3.6.1.4.1.9.9.423.1.2.2.1
Each entry represents a next available index for the cicIkeCfgInitiatorTable.
OBJECT-TYPE    
  CicIkeCfgInitiatorNextAvailEntry  

cicIkeCfgInitiatorNextAvailIndex 1.3.6.1.4.1.9.9.423.1.2.2.1.1
The object specifies the next available index for object cicIkeCfgInitiatorIndex which can be used for creating an entry in cicIkeCfgInitiatorTable.
OBJECT-TYPE    
  CicIkeConfigInitiatorIndex  

cicIkeCfgInitiatorTable 1.3.6.1.4.1.9.9.423.1.2.3
The table containing the IKE version initiators for peers.
OBJECT-TYPE    
  SEQUENCE OF  
    CicIkeCfgInitiatorEntry

cicIkeCfgInitiatorEntry 1.3.6.1.4.1.9.9.423.1.2.3.1
Each entry represents the IKE protocol version initiated when connecting to a remote peer.
OBJECT-TYPE    
  CicIkeCfgInitiatorEntry  

cicIkeCfgInitiatorIndex 1.3.6.1.4.1.9.9.423.1.2.3.1.1
An arbitrary value identifying the configured IKE version initiated for a peer in this domain of interpretation, identified by cicIkeCfgIdentityDoi, on a managed device. This object could have the same value as cicIkeCfgInitiatorNextAvailIndex.
OBJECT-TYPE    
  CicIkeConfigInitiatorIndex  

cicIkeCfgInitiatorPAddrType 1.3.6.1.4.1.9.9.423.1.2.3.1.2
The Phase 1 ID type of the remote peer for which this IKE protocol initiator is configured. This object cannot be modified while the corresponding value of cicIkeCfgInitiatorStatus is equal to 'active'.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cicIkeCfgInitiatorPAddr 1.3.6.1.4.1.9.9.423.1.2.3.1.3
This object represents the address of the remote peer corresponding to this conceptual row. This object cannot be modified while the corresponding value of cicIkeCfgInitiatorStatus is equal to 'active'.
OBJECT-TYPE    
  STRING Size(1..255)  

cicIkeCfgInitiatorVer 1.3.6.1.4.1.9.9.423.1.2.3.1.4
This object represents the IKE protocol version used when connecting to a remote peer specified in cicIkeCfgInitiatorPAddr. This object cannot be modified while the corresponding value of cicIkeCfgInitiatorStatus is equal to 'active'.
OBJECT-TYPE    
  CIPsecControlProtocol  

cicIkeCfgInitiatorStatus 1.3.6.1.4.1.9.9.423.1.2.3.1.5
The status of this conceptual row. To configure an IKE version initiator entry, the NMS must do a multivarbind set containing cicIkeCfgInitiatorPAddrType, cicIkeCfgInitiatorPAddr and cicIkeCfgInitiatorVer. Creation of row can only be done via 'createAndGo'. To remove a row, set this object value to 'destroy'.
OBJECT-TYPE    
  RowStatus  

cicIkeCfgFailureRecovConfigTable 1.3.6.1.4.1.9.9.423.1.3.1
The table containing the failure recovery configuration for IKE per supported DOI in the managed entity.
OBJECT-TYPE    
  SEQUENCE OF  
    CicIkeCfgFailureRecovConfigEntry

cicIkeCfgFailureRecovConfigEntry 1.3.6.1.4.1.9.9.423.1.3.1.1
Each entry represents a Phase I failure recovery configuration for the Phase 2 DOI corresponding to the conceptual row.
OBJECT-TYPE    
  CicIkeCfgFailureRecovConfigEntry  

cicIkeKeepAliveEnabled 1.3.6.1.4.1.9.9.423.1.3.1.1.1
This object reflects if the IKE entity in the managed device performs keepalives with all the peers for the DOI corresponding to this conceptual row. 'true' - keepalives are performed. 'false' - no keepalives are performed.
OBJECT-TYPE    
  TruthValue  

cicIkeKeepAliveType 1.3.6.1.4.1.9.9.423.1.3.1.1.2
This object reflects the type of keepalives to be used by the IKE entity on the managed device with all the peers for the DOI corresponding to this conceptual row.
OBJECT-TYPE    
  INTEGER none(1), periodic(2), ondemand(3)  

cicIkeKeepAliveInterval 1.3.6.1.4.1.9.9.423.1.3.1.1.3
This object reflects the keepalive interval in seconds used by the IKE entity on the managed device with all the peers for the DOI corresponding to this conceptual row.
OBJECT-TYPE    
  Unsigned32 1..86400  

cicIkeKeepAliveRetryInterval 1.3.6.1.4.1.9.9.423.1.3.1.1.4
This object reflects the keepalive retry interval in seconds used by the IKE entity on the managed device with all the peers for the DOI corresponding to this conceptual row.
OBJECT-TYPE    
  Unsigned32 1..600  

cicIkeInvalidSpiNotify 1.3.6.1.4.1.9.9.423.1.3.1.1.5
This object reflects if the IKE entity on the managed device notifies any peer when an IPsec Phase-1 or Phase-2 packet with an invalid SPI is received from that peer for the DOI corresponding to this conceptual row. 'true' - IKE entity notifies peer. 'false' - IKE entity does not notify peer.
OBJECT-TYPE    
  TruthValue  

cicIkeCfgPskNextAvailTable 1.3.6.1.4.1.9.9.423.1.4.1.1
The table providing the next available index for the cicIkeCfgPskTable, in a domain of interpretation(DOI), identified by cicIkeCfgIdentityDoi. This value is only a recommended value, but the user can choose to use a different value to create an entry in the cicIkeCfgPskTable.
OBJECT-TYPE    
  SEQUENCE OF  
    CicIkeCfgPskNextAvailEntry

cicIkeCfgPskNextAvailEntry 1.3.6.1.4.1.9.9.423.1.4.1.1.1
Each entry represents a next available index for the cicIkeCfgPskTable.
OBJECT-TYPE    
  CicIkeCfgPskNextAvailEntry  

cicIkeCfgPskNextAvailIndex 1.3.6.1.4.1.9.9.423.1.4.1.1.1.1
The object specifies the next available index for object cicIkeCfgPskIndex which can be used for creating an entry in cicIkeCfgPskTable.
OBJECT-TYPE    
  CicIkeConfigPskIndex  

cicIkeCfgPskTable 1.3.6.1.4.1.9.9.423.1.4.1.2
The table containing the list of pre shared authentication keys configured to be used by IKE protocol catalogued by the DOI and the peer identity. It is possible to have multiple peers per DOI.
OBJECT-TYPE    
  SEQUENCE OF  
    CicIkeCfgPskEntry

cicIkeCfgPskEntry 1.3.6.1.4.1.9.9.423.1.4.1.2.1
Each entry represents a configured pre-shared authentication key for a specific peer.
OBJECT-TYPE    
  CicIkeCfgPskEntry  

cicIkeCfgPskIndex 1.3.6.1.4.1.9.9.423.1.4.1.2.1.1
An arbitrary value identifying the configured pre-shared keys for IKE entity in this domain of interpretation, identified by cicIkeCfgIdentityDoi, on a managed device. This object could have the same value as cicIkeCfgPskNextAvailIndex.
OBJECT-TYPE    
  CicIkeConfigPskIndex  

cicIkeCfgPskKey 1.3.6.1.4.1.9.9.423.1.4.1.2.1.2
The pre-shared authorization key used in authenticating the peer corresponding to this conceptual row. This object cannot be modified while the corresponding value of cicIkeCfgPskStatus is equal to 'active'.
OBJECT-TYPE    
  STRING Size(1..255)  

cicIkeCfgPskRemIdentType 1.3.6.1.4.1.9.9.423.1.4.1.2.1.3
The Phase 1 ID type of the remote peer identity for which this preshared key is configured. This object cannot be modified while the corresponding value of cicIkeCfgPskStatus is equal to 'active'.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cicIkeCfgPskRemIdentTypeStand 1.3.6.1.4.1.9.9.423.1.4.1.2.1.4
If the object 'cicIkeCfgPskRemIdentType' is one of idIpv4Addr idIpv6Addr idIpv4AddrRange idIpv6AddrRange idIpv4AddrSubnet idIpv6AddrSubnet then this object contains the type of InetAddress for the corresponding value(s) of cicIkeCfgPskRemIdAddrOrRg1OrSn, cicIkeCfgPskRemIdAddrRange2 and/or cicIkeCfgPskRemIdSubnetMask. This object would have a value 'unknown', for other values of cicIkeCfgPskRemIdentType.
OBJECT-TYPE    
  InetAddressType  

cicIkeCfgPskRemIdentity 1.3.6.1.4.1.9.9.423.1.4.1.2.1.5
The Phase 1 ID identity of the peer for which this preshared key is configured on the local entity. This object cannot be modified while the corresponding value of cicIkeCfgPskStatus is equal to 'active'.
OBJECT-TYPE    
  STRING Size(1..255)  

cicIkeCfgPskRemIdAddrOrRg1OrSn 1.3.6.1.4.1.9.9.423.1.4.1.2.1.6
If the object cicIkeCfgPskRemIdentType is one of idIpv4Addr idIpv6Addr idIpv4AddrRange idIpv6AddrRange idIpv4AddrSubnet idIpv6AddrSubnet then this object contains the first or only component of the Phase 1 identity. Otherwise, the value contained in this object will be a zero length string which should be disregarded.
OBJECT-TYPE    
  InetAddress  

cicIkeCfgPskRemIdAddrRange2 1.3.6.1.4.1.9.9.423.1.4.1.2.1.7
If the object cicIkeCfgPskRemIdentType is one of idIpv4AddrRange idIpv6AddrRange then this object contains the second component of the Phase 1 identity. Otherwise, the value contained in this object will be a zero length string which should be disregarded.
OBJECT-TYPE    
  InetAddress  

cicIkeCfgPskRemIdSubnetMask 1.3.6.1.4.1.9.9.423.1.4.1.2.1.8
If the object 'cicIkeCfgPskRemIdentType' is one of idIpv4AddrSubnet idIpv6AddrSubnet then this object contains the second component of the Phase 1 identity. Otherwise, the value contained in this object will be zero which should be disregarded.
OBJECT-TYPE    
  InetAddressPrefixLength  

cicIkeCfgPskStatus 1.3.6.1.4.1.9.9.423.1.4.1.2.1.9
The status of this conceptual row. To configure an pre shared authentication key entry, the NMS must do a multivarbind set containing cicIkeCfgPskKey, cicIkeCfgPskRemIdentType,cicIkeCfgPskRemIdentity. Creation of row can only be done via 'createAndGo'. To remove a row, set this object value to 'destroy'.
OBJECT-TYPE    
  RowStatus  

cicIkeCfgPolicyTable 1.3.6.1.4.1.9.9.423.1.5.1
The table containing the list of all ISAKMP policy entries configured by the operator.
OBJECT-TYPE    
  SEQUENCE OF  
    CicIkeCfgPolicyEntry

cicIkeCfgPolicyEntry 1.3.6.1.4.1.9.9.423.1.5.1.1
Each entry contains the attributes associated with a single ISAKMP Policy entry.
OBJECT-TYPE    
  CicIkeCfgPolicyEntry  

cicIkeCfgPolicyPriority 1.3.6.1.4.1.9.9.423.1.5.1.1.1
The priority of this ISAKMP Policy entry. The policy with lower value would take precedence over the policy with higher value in the same DOI.
OBJECT-TYPE    
  Unsigned32 1..65534  

cicIkeCfgPolicyEncr 1.3.6.1.4.1.9.9.423.1.5.1.1.2
The encryption transform specified by this ISAKMP policy specification. The Internet Key Exchange (IKE) tunnels setup using this policy item would use the specified encryption transform to protect the ISAKMP PDUs.
OBJECT-TYPE    
  CIPsecEncryptAlgorithm  

cicIkeCfgPolicyHash 1.3.6.1.4.1.9.9.423.1.5.1.1.3
The hash transform specified by this ISAKMP policy specification. The IKE tunnels setup using this policy item would use the specified hash transform to protect the ISAKMP PDUs.
OBJECT-TYPE    
  CIPsecIkeHashAlgorithm  

cicIkeCfgPolicyPRF 1.3.6.1.4.1.9.9.423.1.5.1.1.4
The Pseudo Random Function algorithm specified by this ISAKMP policy specification. The value of this object would only be used for IKEv2.
OBJECT-TYPE    
  CIPsecIkePRFAlgorithm  

cicIkeCfgPolicyAuth 1.3.6.1.4.1.9.9.423.1.5.1.1.5
The peer authentication method specified by this ISAKMP policy specification. If this policy entity is selected for negotiation with a peer, the local entity would authenticate the peer using the method specified by this object.
OBJECT-TYPE    
  CIPsecIkeAuthMethod  

cicIkeCfgPolicyDHGroup 1.3.6.1.4.1.9.9.423.1.5.1.1.6
This object specifies the Oakley group used for Diffie Hellman exchange in the Main Mode. If this policy item is selected to negotiate Main Mode with an IKE peer, the local entity chooses the group specified by this object to perform Diffie Hellman exchange with the peer.
OBJECT-TYPE    
  CIPsecDiffHellmanGrp  

cicIkeCfgPolicyLifetime 1.3.6.1.4.1.9.9.423.1.5.1.1.7
This object specifies the lifetime in seconds of the IKE tunnels generated using this policy specification.
OBJECT-TYPE    
  CIKELifetime  

cicIkeCfgPolicyLifesize 1.3.6.1.4.1.9.9.423.1.5.1.1.8
This object specifies the life size in Kbytes of the IKE tunnels generated using this policy specification.
OBJECT-TYPE    
  CIKELifesize  

cicIkeCfgPolicyStatus 1.3.6.1.4.1.9.9.423.1.5.1.1.9
This object specifies the status of the ISAKMP policy corresponding to this conceptual row. Creation of row can only be done via 'createAndGo'. To remove a row, set this object value to 'destroy'.
OBJECT-TYPE    
  RowStatus  

cicNotifCntlIkeAllNotifs 1.3.6.1.4.1.9.9.423.1.7.1
This value of this object must be 'true' to enable any notification in addition to the notification-specific control variables defined below. A notification defined in this module is enabled if and only if the expression (cicNotifCntlIkeAllNotifs && cicNotifCntlIke) evaluates to 'true'.
OBJECT-TYPE    
  TruthValue  

cicNotifCntlIkeOperStateChanged 1.3.6.1.4.1.9.9.423.1.7.2
When cicNotifCntlIkeAllNotifs has the value 'true', this variable controls the generation of the ciscoIkeConfigOperStateChanged notification. When this variable is set to 'true', generation of the notification is enabled. When this variable is set to 'false', generation of the notification is disabled.
OBJECT-TYPE    
  TruthValue  

cicNotifCntlIkePskAdded 1.3.6.1.4.1.9.9.423.1.7.3
When cicNotifCntlIkeAllNotifs has the value 'true', this variable controls the generation of cicNotifCntlIkePskAdded notification. When this variable is set to 'true', generation of the notification is enabled. When this variable is set to 'false', generation of the notification is disabled.
OBJECT-TYPE    
  TruthValue  

cicNotifCntlIkePskDeleted 1.3.6.1.4.1.9.9.423.1.7.4
When cicNotifCntlIkeAllNotifs has the value 'true', this variable controls the generation of cicNotifCntlIkePskDeleted notification. When this variable is set to 'true', generation of the notification is enabled. When this variable is set to 'false', generation of the notification is disabled.
OBJECT-TYPE    
  TruthValue  

cicNotifCntlIkePolicyAdded 1.3.6.1.4.1.9.9.423.1.7.5
When cicNotifCntlIkeAllNotifs has the value 'true', this variable controls the generation of cicNotifCntlIkePolicyAdded notification. When this variable is set to 'true', generation of the notification is enabled. When this variable is set to 'false', generation of the notification is disabled.
OBJECT-TYPE    
  TruthValue  

cicNotifCntlIkePolicyDeleted 1.3.6.1.4.1.9.9.423.1.7.6
When cicNotifCntlIkeAllNotifs has the value 'true', this variable controls the generation of cicNotifCntlIkePolicyDeleted notification. When this variable is set to 'true', generation of the notification is enabled. When this variable is set to 'false', generation of the notification is disabled.
OBJECT-TYPE    
  TruthValue  

ciscoIkeConfigOperStateChanged 1.3.6.1.4.1.9.9.423.0.1
The notification is generated when the operational state of IKE entity on the managed device has been changed.
NOTIFICATION-TYPE    

ciscoIkeConfigPskAdded 1.3.6.1.4.1.9.9.423.0.2
This notification is generated when a new preshared key is configured on the managed device.
NOTIFICATION-TYPE    

ciscoIkeConfigPskDeleted 1.3.6.1.4.1.9.9.423.0.3
This notification is generated when an existing preshared key is configured on the managed device is about to be deleted.
NOTIFICATION-TYPE    

ciscoIkeConfigPolicyAdded 1.3.6.1.4.1.9.9.423.0.4
This notification is generated when a new ISAKMP policy is configured on the managed device.
NOTIFICATION-TYPE    

ciscoIkeConfigPolicyDeleted 1.3.6.1.4.1.9.9.423.0.5
This notification is issued when an existing ISAKMP policy configured on the managed device is about to be deleted.
NOTIFICATION-TYPE    

cicIkeCfgMIBGroups 1.3.6.1.4.1.9.9.423.2.1
OBJECT IDENTIFIER    

cicIkeCfgMIBCompliances 1.3.6.1.4.1.9.9.423.2.2
OBJECT IDENTIFIER    

cicIkeCfgMIBCompliance 1.3.6.1.4.1.9.9.423.2.2.1
Write access is not required. Only three values 'createAndGo', 'destroy' and 'active' out of the six enumerated values need to be supported if write is supported.
MODULE-COMPLIANCE    
  cicIkeCfgPskStatus INTEGER active(1), createAndGo(4), destroy(6)
  cicIkeCfgPolicyStatus INTEGER active(1), createAndGo(4), destroy(6)
  cicIkeCfgInitiatorStatus INTEGER active(1), createAndGo(4), destroy(6)

cicIkeCfgOperGroup 1.3.6.1.4.1.9.9.423.2.1.1
This group consists of objects that reflect the operational state of the IKE entity on the managed device.
OBJECT-GROUP    

cicIkeCfgIdentitiesGroup 1.3.6.1.4.1.9.9.423.2.1.2
This group consists of objects that reflect the Phase 1 ID used by the IKE entity on the managed device.
OBJECT-GROUP    

cicIkeCfgFailureRecoveryGroup 1.3.6.1.4.1.9.9.423.2.1.3
This group consists of objects that define how the local IKE entity is configured to respond to common failures.
OBJECT-GROUP    

cicIkeCfgPskAuthGroup 1.3.6.1.4.1.9.9.423.2.1.4
This group consists of objects that are used to view and configure the preshared keys configured on the managed entity.
OBJECT-GROUP    

cicIkeCfgPolicyGroup 1.3.6.1.4.1.9.9.423.2.1.5
This group consists of objects that are used to view and configure the ISAKMP policies configured on the managed device.
OBJECT-GROUP    

cicIkeCfgOptionalPolicyGroup 1.3.6.1.4.1.9.9.423.2.1.6
This group consists of objects pertaining to ISAKMP policy management which are optional and may not be supported by every implementation of IKE.
OBJECT-GROUP    

cicIkeCfgNotifCntlGroup 1.3.6.1.4.1.9.9.423.2.1.7
This group of objects controls the sending of notifications to signal the state of Phase-1 IKE configuration on the managed device.
OBJECT-GROUP    

cicIkeCfgNotificationGroup 1.3.6.1.4.1.9.9.423.2.1.8
This group contains the notifications to signal the changes to IKE on the managed device.
NOTIFICATION-GROUP