CISCO-IPSEC-SIGNALING-MIB

File: CISCO-IPSEC-SIGNALING-MIB.mib (71159 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC SNMPv2-CONF
SNMP-FRAMEWORK-MIB CISCO-IPSEC-TC CISCO-SMI

Imported symbols

MODULE-IDENTITY OBJECT-TYPE NOTIFICATION-TYPE
Counter32 Counter64 Gauge32
Unsigned32 TimeStamp TimeInterval
TruthValue MODULE-COMPLIANCE OBJECT-GROUP
NOTIFICATION-GROUP SnmpAdminString CIPsecControlProtocol
CIPsecEncryptionKeySize CIPsecPhase1PeerIdentityType CIPsecIkeHashAlgorithm
CIPsecIkeAuthMethod CIPsecEncryptAlgorithm CIPsecPhase1TunnelIndex
CIPsecTunnelStatus ciscoMgmt

Defined Types

CisgIpsSgGlobalStatsEntry  
SEQUENCE    
  cisgIpsSgProtocol CIPsecControlProtocol
  cisgIpsSgGlobalActiveTunnels Gauge32
  cisgIpsSgGlobalPreviousTunnels Counter64
  cisgIpsSgGlobalInOctets Counter64
  cisgIpsSgGlobalInPkts Counter64
  cisgIpsSgGlobalInDropPkts Counter64
  cisgIpsSgGlobalInNotifys Counter64
  cisgIpsSgGlobalInP2SaDelReqs Counter64
  cisgIpsSgGlobalOutOctets Counter64
  cisgIpsSgGlobalOutPkts Counter64
  cisgIpsSgGlobalOutDropPkts Counter64
  cisgIpsSgGlobalOutNotifys Counter64
  cisgIpsSgGlobalOutP2SaDelReqs Counter64
  cisgIpsSgGlobalInitTunnels Counter64
  cisgIpsSgGlobalInitTunnelFails Counter64
  cisgIpsSgGlobalRespTunnels Counter64
  cisgIpsSgGlobalRespTunnelFails Counter64
  cisgIpsSgGlobalSysCapFails Counter64
  cisgIpsSgGlobalAuthFails Counter64
  cisgIpsSgGlobalDecryptFails Counter64
  cisgIpsSgGlobalHashValidFails Counter64
  cisgIpsSgGlobalBadTunnelRefs Counter64
  cisgIpsSgGlobalInP1SaDelReqs Counter64
  cisgIpsSgGlobalOutP1SaDelReqs Counter64

CisgIpsSgTunnelEntry  
SEQUENCE    
  cisgIpsSgTunIndex CIPsecPhase1TunnelIndex
  cisgIpsSgTunLocalType CIPsecPhase1PeerIdentityType
  cisgIpsSgTunLocalValue SnmpAdminString
  cisgIpsSgTunLocalAddressType CIPsecPhase1PeerIdentityType
  cisgIpsSgTunLocalAddress SnmpAdminString
  cisgIpsSgTunLocalName SnmpAdminString
  cisgIpsSgTunRemoteType CIPsecPhase1PeerIdentityType
  cisgIpsSgTunRemoteValue SnmpAdminString
  cisgIpsSgTunRemoteAddressType CIPsecPhase1PeerIdentityType
  cisgIpsSgTunRemoteAddress SnmpAdminString
  cisgIpsSgTunRemoteName SnmpAdminString
  cisgIpsSgTunEncryptAlgo CIPsecEncryptAlgorithm
  cisgIpsSgTunEncryptKeySize CIPsecEncryptionKeySize
  cisgIpsSgTunHashAlgo CIPsecIkeHashAlgorithm
  cisgIpsSgTunAuthMethod CIPsecIkeAuthMethod
  cisgIpsSgTunLifeTime Unsigned32
  cisgIpsSgTunActiveTime TimeInterval
  cisgIpsSgTunInOctets Counter32
  cisgIpsSgTunInPkts Counter32
  cisgIpsSgTunInDropPkts Counter32
  cisgIpsSgTunInNotifys Counter32
  cisgIpsSgTunOutOctets Counter32
  cisgIpsSgTunOutPkts Counter32
  cisgIpsSgTunOutDropPkts Counter32
  cisgIpsSgTunOutNotifys Counter32
  cisgIpsSgTunOutP2SaDelReqs Counter32
  cisgIpsSgTunStatus CIPsecTunnelStatus
  cisgIpsSgTunAction INTEGER

CisgIpsSgTunnelHistEntry  
SEQUENCE    
  cisgIpsSgTunHistIndex Unsigned32
  cisgIpsSgTunHistTermReason INTEGER
  cisgIpsSgTunHistActiveIndex CIPsecPhase1TunnelIndex
  cisgIpsSgTunHistPeerLocalType CIPsecPhase1PeerIdentityType
  cisgIpsSgTunHistPeerLocalValue SnmpAdminString
  cisgIpsSgTunHistPeerIntIndex Unsigned32
  cisgIpsSgTunHistPeerRemoteType CIPsecPhase1PeerIdentityType
  cisgIpsSgTunHistPeerRemoteValue SnmpAdminString
  cisgIpsSgTunHistLocalAddrType CIPsecPhase1PeerIdentityType
  cisgIpsSgTunHistLocalAddr SnmpAdminString
  cisgIpsSgTunHistLocalName SnmpAdminString
  cisgIpsSgTunHistRemoteAddrType CIPsecPhase1PeerIdentityType
  cisgIpsSgTunHistRemoteAddr SnmpAdminString
  cisgIpsSgTunHistRemoteName SnmpAdminString
  cisgIpsSgTunHistEncryptAlgo CIPsecEncryptAlgorithm
  cisgIpsSgTunHistEncryptKeySize CIPsecEncryptionKeySize
  cisgIpsSgTunHistHashAlgo CIPsecIkeHashAlgorithm
  cisgIpsSgTunHistAuthMethod CIPsecIkeAuthMethod
  cisgIpsSgTunHistLifeTime Unsigned32
  cisgIpsSgTunHistStartTime TimeStamp
  cisgIpsSgTunHistActiveTime TimeInterval
  cisgIpsSgTunHistInOctets Counter64
  cisgIpsSgTunHistInPkts Counter64
  cisgIpsSgTunHistInDropPkts Counter64
  cisgIpsSgTunHistInNotifys Counter64
  cisgIpsSgTunHistInP2SaDelReqs Counter64
  cisgIpsSgTunHistOutOctets Counter64
  cisgIpsSgTunHistOutPkts Counter64
  cisgIpsSgTunHistOutDropPkts Counter64
  cisgIpsSgTunHistOutNotifys Counter64
  cisgIpsSgTunHistOutP2SaDelReqs Counter64

CisgIpsSgFailEntry  
SEQUENCE    
  cisgIpsSgFailIndex Unsigned32
  cisgIpsSgFailReason INTEGER
  cisgIpsSgFailTime TimeStamp
  cisgIpsSgFailLocalType CIPsecPhase1PeerIdentityType
  cisgIpsSgFailLocalValue SnmpAdminString
  cisgIpsSgFailRemoteType CIPsecPhase1PeerIdentityType
  cisgIpsSgFailRemoteValue SnmpAdminString
  cisgIpsSgFailLocalAddress SnmpAdminString
  cisgIpsSgFailRemoteAddress SnmpAdminString

Defined Values

ciscoIPsecSignalingMIB 1.3.6.1.4.1.9.9.438
This MIB Module models status, performance and failures of a protocol with the generic characteristics of signalling protocols used with IPsec and FC-SP protocols. Examples of such protocols include IKE, KINK, etc. This MIB views the common attributes of such protocols. Signaling protocols are also referred in this document as 'Control Protocols', since they perform session control. This MIB is an attempt to capture the generic aspects of the signaling activity. The protocol-specific aspects of a signaling protocol still need to be captured in a protocol-specific MIB (e.g., CISCO-IKE-FLOW-MIB, etc.). Acronyms The following acronyms are used in this document: IPsec: Secure IP Protocol VPN: Virtual Private Network ISAKMP: Internet Security Association and Key Exchange Protocol IKE: Internet Key Exchange Protocol SA: Security Association (ref: rfc2408). Phase 1 Tunnel: An ISAKMP SA can be regarded as representing a flow of ISAKMP/IKE traffic. Hence an ISAKMP is referred to as a 'Phase 1 Tunnel' in this document. Control Tunnel: Another term for a Phase 1 Tunnel. Phase 2 Tunnel: An instance of a non-ISAKMP SA bundle in which all the SA share the same proxy identifiers (IDii,IDir) protect the same stream of application traffic. Such an SA bundle is termed a 'Phase 2 Tunnel'. Note that a Phase 2 tunnel may comprise different SA bundles and different number of SA bundles at different times (due to key refresh). History of the MIB A precursor to this MIB was the IPsec Flow Monitor MIB, which combined the objects pertaining to IKE and IPsec (Phase-2) into a single MIB module. Furthermore, the MIB supported only one signaling protocol, IKEv1, in addition to manual keying. The MIB was written by Tivoli and implemented in IBM Nways routers in 1999. During late 1999, Cisco adopted the MIB and together with Tivoli publised the IPsec Flow Monitor MIB in IETF IPsec WG in draft-ietf-ipsec-flow-monitoring-mib-00.txt. In 2000, the MIB was Cisco-ized and implemented as CISCO-IPSEC-FLOW-MONITOR-MIB in IOS and VPN3000 platforms. With the evolution of IKEv2, the MIB was modified and presented to the IPsec WG again in May 2003 in draft-ietf-ipsec-flow-monitoring-mib-02.txt. With the emergence to multiple signaling protocols, it has further evolved to define separate set of MIB modules to instrument IPsec signaling alone. Thus, this MIB module is now the generic IPsec signaling MIB. Overview of MIB The MIB contains major groups of objects which are used to manage the generic aspects of IPsec signaling. These groups include a global statistics, control tunnel table, Peer association group, control tunnel history group, signaling failure group and notification group. The global statistics, tunnel table and peer association groups aid in the real-time monitoring of IPsec signaling activity. The History group is to aid applications that do trending analysis. The Failure group is to enable an operator to do troubleshooting and debugging. Further, counters are supported to aid detection of potential security violations. The notifications are modeled as generic IPsec control notifications and are parameterized by the identity of the specific signaling protocol which caused the notification to be issued.
MODULE-IDENTITY    

ciscoIPsecSigMIBNotifs 1.3.6.1.4.1.9.9.438.0
OBJECT IDENTIFIER    

ciscoIPsecSigMIBObjects 1.3.6.1.4.1.9.9.438.1
OBJECT IDENTIFIER    

ciscoIPsecSigMIBConform 1.3.6.1.4.1.9.9.438.2
OBJECT IDENTIFIER    

cisgIpsSgCurrentActivity 1.3.6.1.4.1.9.9.438.1.1
OBJECT IDENTIFIER    

cisgIpsSgPeerAssociations 1.3.6.1.4.1.9.9.438.1.2
OBJECT IDENTIFIER    

cisgIpsSgHistory 1.3.6.1.4.1.9.9.438.1.3
OBJECT IDENTIFIER    

cisgIpsSgFailures 1.3.6.1.4.1.9.9.438.1.4
OBJECT IDENTIFIER    

cisgIpsSgNotificationCntl 1.3.6.1.4.1.9.9.438.1.5
OBJECT IDENTIFIER    

cisgIpsSgGlobalStatsTable 1.3.6.1.4.1.9.9.438.1.1.1
This Signaling Protocol global statistics table. There is one row in the following table for each signaling protocol implemented by the managed entity. There is no row corresponding to the instance 'cpNone'. If the managed entity implements more than one signaling protocol, the aggregate statistics across all the supported signaling protocols must be computed by the network management station manually; in other words, there is no conceptual row in this table corresponding to 'all signaling protocols'.
OBJECT-TYPE    
  SEQUENCE OF  
    CisgIpsSgGlobalStatsEntry

cisgIpsSgGlobalStatsEntry 1.3.6.1.4.1.9.9.438.1.1.1.1
Each entry contains the global statistics pertaining to a specific signaling protocol.
OBJECT-TYPE    
  CisgIpsSgGlobalStatsEntry  

cisgIpsSgProtocol 1.3.6.1.4.1.9.9.438.1.1.1.1.1
The identity of the signaling protocol used by the control tunnel corresponding to this conceptual row.
OBJECT-TYPE    
  CIPsecControlProtocol  

cisgIpsSgGlobalActiveTunnels 1.3.6.1.4.1.9.9.438.1.1.1.1.2
The number of currently active Phase-1 control tunnels.
OBJECT-TYPE    
  Gauge32  

cisgIpsSgGlobalPreviousTunnels 1.3.6.1.4.1.9.9.438.1.1.1.1.3
High capacity counter to accumulate the total number of Phase-1 control tunnels that are no longer active.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalInOctets 1.3.6.1.4.1.9.9.438.1.1.1.1.4
The total number of octets received by all currently and previously active Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalInPkts 1.3.6.1.4.1.9.9.438.1.1.1.1.5
The total number of packets received by all currently and previously active Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalInDropPkts 1.3.6.1.4.1.9.9.438.1.1.1.1.6
The total number of packets which were dropped during receive processing by all currently and previously active Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalInNotifys 1.3.6.1.4.1.9.9.438.1.1.1.1.7
The total number of notification payloads received by all currently and previously active Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalInP2SaDelReqs 1.3.6.1.4.1.9.9.438.1.1.1.1.8
The total number of Phase-2 security association delete requests received by all currently and previously active and Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalOutOctets 1.3.6.1.4.1.9.9.438.1.1.1.1.9
The total number of octets sent by all currently and previously active and Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalOutPkts 1.3.6.1.4.1.9.9.438.1.1.1.1.10
The total number of packets sent by all currently and previously active and Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalOutDropPkts 1.3.6.1.4.1.9.9.438.1.1.1.1.11
The total number of packets which were dropped during send processing by all currently and previously active Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalOutNotifys 1.3.6.1.4.1.9.9.438.1.1.1.1.12
The total number of notification payloads sent by all currently and previously active Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalOutP2SaDelReqs 1.3.6.1.4.1.9.9.438.1.1.1.1.13
The total number of Phase-2 tunnel delete requests sent by all currently and previously active Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalInitTunnels 1.3.6.1.4.1.9.9.438.1.1.1.1.14
The total number of Phase-1 currently and previously active Control Tunnels which were locally initiated.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalInitTunnelFails 1.3.6.1.4.1.9.9.438.1.1.1.1.15
The total number of Phase-1 currently and previously active Control Tunnels which were locally initiated and failed to activate.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalRespTunnels 1.3.6.1.4.1.9.9.438.1.1.1.1.16
The total number of Phase-1 currently and previously active Control Tunnels which were remotely initiated.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalRespTunnelFails 1.3.6.1.4.1.9.9.438.1.1.1.1.17
The total number of Phase-1 currently and previously active Control Tunnels which were remotely initiated and failed to activate.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalSysCapFails 1.3.6.1.4.1.9.9.438.1.1.1.1.18
The total number of system capacity failures which occurred during processing of all current and previously active Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalAuthFails 1.3.6.1.4.1.9.9.438.1.1.1.1.19
The total number of authentications which ended in failure by all current and previous Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalDecryptFails 1.3.6.1.4.1.9.9.438.1.1.1.1.20
The total number of decryption operations in all current and previous Phase-1 Control Tunnels which failed to yield the original payload.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalHashValidFails 1.3.6.1.4.1.9.9.438.1.1.1.1.21
The total number of hash validation operations in all current and previous Phase-1 Control Tunnels which resulted in failure.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalBadTunnelRefs 1.3.6.1.4.1.9.9.438.1.1.1.1.22
The total number of incoming packets that refer to non-existent Phase-1 control tunnels which occurred during processing of all current and previous Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalInP1SaDelReqs 1.3.6.1.4.1.9.9.438.1.1.1.1.23
The total number of Phase-1 security association delete requests received by all currently and previously active and Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgGlobalOutP1SaDelReqs 1.3.6.1.4.1.9.9.438.1.1.1.1.24
The total number of Phase-1 security association delete requests sent by all currently and previously active and Phase-1 Control Tunnels.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunnelTable 1.3.6.1.4.1.9.9.438.1.1.2
This table lists active Phase-1 control tunnels. There is one entry in this table for each active Control Tunnel.
OBJECT-TYPE    
  SEQUENCE OF  
    CisgIpsSgTunnelEntry

cisgIpsSgTunnelEntry 1.3.6.1.4.1.9.9.438.1.1.2.1
Each entry contains the attributes associated with an active Phase-1 control Tunnel.
OBJECT-TYPE    
  CisgIpsSgTunnelEntry  

cisgIpsSgTunIndex 1.3.6.1.4.1.9.9.438.1.1.2.1.1
The index of the Phase-1 Tunnel Table. The value of the index is a number which begins at 1 and is incremented with each tunnel that is created. The value of this object will wrap at 4,294,967,296.
OBJECT-TYPE    
  CIPsecPhase1TunnelIndex  

cisgIpsSgTunLocalType 1.3.6.1.4.1.9.9.438.1.1.2.1.2
The type of the identity used by the managed entity authenticating itself to the peer in the setup of the tunnel corresponding to this conceptual row.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgTunLocalValue 1.3.6.1.4.1.9.9.438.1.1.2.1.3
The value of the local peer identity.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cisgIpsSgTunLocalAddressType 1.3.6.1.4.1.9.9.438.1.1.2.1.4
The type of the address of the local endpoint of the Phase-1 Tunnel.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgTunLocalAddress 1.3.6.1.4.1.9.9.438.1.1.2.1.5
The address of the local endpoint for the Phase-1 Tunnel.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cisgIpsSgTunLocalName 1.3.6.1.4.1.9.9.438.1.1.2.1.6
The DNS name of the local IP address for the Phase-1 Tunnel. If the DNS name associated with the local tunnel endpoint is not known, then the value of this object will be a zero-length string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cisgIpsSgTunRemoteType 1.3.6.1.4.1.9.9.438.1.1.2.1.7
The type of the identity used by the remote peer in authenticating itself to the local peer in the setup of the tunnel corresponding to this conceptual row.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgTunRemoteValue 1.3.6.1.4.1.9.9.438.1.1.2.1.8
The value of the remote peer identity.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cisgIpsSgTunRemoteAddressType 1.3.6.1.4.1.9.9.438.1.1.2.1.9
The type of the address of the remote endpoint for the Phase-1 Tunnel.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgTunRemoteAddress 1.3.6.1.4.1.9.9.438.1.1.2.1.10
The address of the remote endpoint of the Phase-1 Tunnel.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cisgIpsSgTunRemoteName 1.3.6.1.4.1.9.9.438.1.1.2.1.11
The DNS name of the remote address of Phase-1 Tunnel. If the DNS name associated with the remote tunnel endpoint is not known, then the value of this object will be a zero-length string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cisgIpsSgTunEncryptAlgo 1.3.6.1.4.1.9.9.438.1.1.2.1.12
The encryption algorithm used in Phase-1 negotiations on the control tunnel corresponding to this conceptual row.
OBJECT-TYPE    
  CIPsecEncryptAlgorithm  

cisgIpsSgTunEncryptKeySize 1.3.6.1.4.1.9.9.438.1.1.2.1.13
The size in bits of the key used for encrypting payloads by the tunnel corresponding to this conceptual row.
OBJECT-TYPE    
  CIPsecEncryptionKeySize  

cisgIpsSgTunHashAlgo 1.3.6.1.4.1.9.9.438.1.1.2.1.14
The hash algorithm used in Phase-1 negotiations on the control tunnel corresponding to this conceptual row.
OBJECT-TYPE    
  CIPsecIkeHashAlgorithm  

cisgIpsSgTunAuthMethod 1.3.6.1.4.1.9.9.438.1.1.2.1.15
The authentication method used in Phase-1 negotiations on the control tunnel corresponding to this conceptual row.
OBJECT-TYPE    
  CIPsecIkeAuthMethod  

cisgIpsSgTunLifeTime 1.3.6.1.4.1.9.9.438.1.1.2.1.16
The negotiated LifeTime of the Phase-1 Tunnel in seconds.
OBJECT-TYPE    
  Unsigned32 1..2147483647  

cisgIpsSgTunActiveTime 1.3.6.1.4.1.9.9.438.1.1.2.1.17
The length of time the Phase-1 tunnel has been active in hundredths of seconds.
OBJECT-TYPE    
  TimeInterval  

cisgIpsSgTunInOctets 1.3.6.1.4.1.9.9.438.1.1.2.1.18
The total number of octets received by this Phase-1 Tunnel.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunInPkts 1.3.6.1.4.1.9.9.438.1.1.2.1.19
The total number of packets received by this Phase-1 Tunnel.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunInDropPkts 1.3.6.1.4.1.9.9.438.1.1.2.1.20
The total number of packets dropped by this Phase-1 Tunnel during receive processing.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunInNotifys 1.3.6.1.4.1.9.9.438.1.1.2.1.21
The total number of notification payloads received by this Phase-1 Tunnel.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunOutOctets 1.3.6.1.4.1.9.9.438.1.1.2.1.22
The total number of octets sent by this Phase-1 Tunnel.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunOutPkts 1.3.6.1.4.1.9.9.438.1.1.2.1.23
The total number of packets sent by this Phase-1 Tunnel.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunOutDropPkts 1.3.6.1.4.1.9.9.438.1.1.2.1.24
The total number of packets dropped by this Phase-1 Tunnel during send processing.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunOutNotifys 1.3.6.1.4.1.9.9.438.1.1.2.1.25
The total number of notification payloads sent by this Phase-1 Tunnel.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunOutP2SaDelReqs 1.3.6.1.4.1.9.9.438.1.1.2.1.26
The total number of Phase-2 security association delete requests sent by this Phase-1 Tunnel.
OBJECT-TYPE    
  Counter32  

cisgIpsSgTunStatus 1.3.6.1.4.1.9.9.438.1.1.2.1.27
The status of the MIB table row.
OBJECT-TYPE    
  CIPsecTunnelStatus  

cisgIpsSgTunAction 1.3.6.1.4.1.9.9.438.1.1.2.1.28
The action to be taken on this tunnel. If 'clear', then this tunnel is cleared. If 'rekey', then rekeying is forced on this tunnel. The value 'none' would be returned on doing read of this object.
OBJECT-TYPE    
  INTEGER none(1), clear(2), rekey(3)  

cisgIpsSgHistGlobal 1.3.6.1.4.1.9.9.438.1.3.1
OBJECT IDENTIFIER    

cisgIpsSgHistGlobalCntl 1.3.6.1.4.1.9.9.438.1.3.1.1
OBJECT IDENTIFIER    

cisgIpsSgHistTableSize 1.3.6.1.4.1.9.9.438.1.3.1.1.1
The window size of the control tunnel History Tables. The control tunnel history table is implemented as a sliding window in which at most the last 'cisgIpsSgHistTableSize' entries are maintained. This object is, hence, used to control the size of the tunnel history table. An implementation may choose suitable values for this element based on the available resources. If an SNMP SET request specifies a value outside this window for this element, in appropriate SNMP error code should be returned. Setting this value to zero is equivalent to deleting all conceptual rows in the archiving table ('cisgIpsSgTunnelHistTable') and disabling the archiving of entries in the tables.
OBJECT-TYPE    
  Unsigned32 0..2147483647  

cisgIpsSgTunnelHistTable 1.3.6.1.4.1.9.9.438.1.3.2
The control tunnel History Table. This table lists all instances of control tunnels that were successfully established but which are no longer in operation. An entry transitions to this table from the active tunnel table ('cisgIpsSgTunnelTable') into this table after it expires, is aborted or terminated. This table is conceptually a sliding window in which only the last 'N' entries are maintained, where 'N' is the value of the object 'cisgIpsSgHistTableSize'. If the value of 'cisgIpsSgHistTableSize' is 0, archiving of entries in this table is disabled.
OBJECT-TYPE    
  SEQUENCE OF  
    CisgIpsSgTunnelHistEntry

cisgIpsSgTunnelHistEntry 1.3.6.1.4.1.9.9.438.1.3.2.1
Each entry contains the attributes associated with a previously active control Tunnel.
OBJECT-TYPE    
  CisgIpsSgTunnelHistEntry  

cisgIpsSgTunHistIndex 1.3.6.1.4.1.9.9.438.1.3.2.1.1
The index of the Phase-1 Control Tunnel History Table. This object has no relationship to the cisgIpsSgTunIndex of the tunnel when it was active. The value of the index is a number which begins at one and is incremented with each tunnel that ends. The value of this object will wrap at 4,294,967,296.
OBJECT-TYPE    
  Unsigned32  

cisgIpsSgTunHistTermReason 1.3.6.1.4.1.9.9.438.1.3.2.1.2
The reason the Phase-1 Control Tunnel was terminated. Possible reasons include: 1 = other 2 = normal termination 3 = operator request 4 = peer delete request was received 5 = contact with peer was lost 6 = applicationInitiated (eg: L2TP requesting the termination) 7 = failure of extended user authentication 8 = local failure occurred.
OBJECT-TYPE    
  INTEGER other(1), normal(2), operRequest(3), peerDelRequest(4), peerLost(5), applicationInitiated(6), userAuthFailure(7), localFailure(8)  

cisgIpsSgTunHistActiveIndex 1.3.6.1.4.1.9.9.438.1.3.2.1.3
The index of the previously active Control Tunnel. This object must correspond to an expired IKE tunnel.
OBJECT-TYPE    
  CIPsecPhase1TunnelIndex  

cisgIpsSgTunHistPeerLocalType 1.3.6.1.4.1.9.9.438.1.3.2.1.4
The type of local peer identity.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgTunHistPeerLocalValue 1.3.6.1.4.1.9.9.438.1.3.2.1.5
The value of the local peer identity.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cisgIpsSgTunHistPeerIntIndex 1.3.6.1.4.1.9.9.438.1.3.2.1.6
The arbitrary index to keep local-remote peer association. This index is used to uniquely identify multiple associations between the local and remote peer.
OBJECT-TYPE    
  Unsigned32 1..2147483647  

cisgIpsSgTunHistPeerRemoteType 1.3.6.1.4.1.9.9.438.1.3.2.1.7
The type of remote peer identity.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgTunHistPeerRemoteValue 1.3.6.1.4.1.9.9.438.1.3.2.1.8
The value of the remote peer identity.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cisgIpsSgTunHistLocalAddrType 1.3.6.1.4.1.9.9.438.1.3.2.1.9
The type of the address of the local endpoint for the control tunnel.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgTunHistLocalAddr 1.3.6.1.4.1.9.9.438.1.3.2.1.10
The address of the local endpoint for the control tunnel.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cisgIpsSgTunHistLocalName 1.3.6.1.4.1.9.9.438.1.3.2.1.11
The DNS name of the local address for the control Tunnel. If the DNS name associated with the local tunnel endpoint is not known, then the value of this object will be a zero-length string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cisgIpsSgTunHistRemoteAddrType 1.3.6.1.4.1.9.9.438.1.3.2.1.12
The type of the address of the remote endpoint for the control Tunnel.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgTunHistRemoteAddr 1.3.6.1.4.1.9.9.438.1.3.2.1.13
The address of the remote endpoint for the control Tunnel.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cisgIpsSgTunHistRemoteName 1.3.6.1.4.1.9.9.438.1.3.2.1.14
The DNS name of the remote address of control Tunnel. If the DNS name associated with the remote tunnel endpoint is not known, then the value of this object will be a zero-length string.
OBJECT-TYPE    
  SnmpAdminString Size(0..255)  

cisgIpsSgTunHistEncryptAlgo 1.3.6.1.4.1.9.9.438.1.3.2.1.15
The encryption algorithm used in control tunnel.
OBJECT-TYPE    
  CIPsecEncryptAlgorithm  

cisgIpsSgTunHistEncryptKeySize 1.3.6.1.4.1.9.9.438.1.3.2.1.16
The size in bits of the key which was negotiated for the control tunnel to be used with the algorithm denoted by the column 'cisgIpsSgTunEncryptAlgo'. For DES and 3DES the key size is respectively 56 and 168. For AES, this will denote the negotiated key size.
OBJECT-TYPE    
  CIPsecEncryptionKeySize  

cisgIpsSgTunHistHashAlgo 1.3.6.1.4.1.9.9.438.1.3.2.1.17
The hash algorithm used in control tunnel negotiations.
OBJECT-TYPE    
  CIPsecIkeHashAlgorithm  

cisgIpsSgTunHistAuthMethod 1.3.6.1.4.1.9.9.438.1.3.2.1.18
The authentication method used in control tunnel negotiations.
OBJECT-TYPE    
  CIPsecIkeAuthMethod  

cisgIpsSgTunHistLifeTime 1.3.6.1.4.1.9.9.438.1.3.2.1.19
The negotiated LifeTime of the control tunnel in seconds.
OBJECT-TYPE    
  Unsigned32 1..2147483647  

cisgIpsSgTunHistStartTime 1.3.6.1.4.1.9.9.438.1.3.2.1.20
The value of sysUpTime in hundredths of seconds when the control tunnel was started.
OBJECT-TYPE    
  TimeStamp  

cisgIpsSgTunHistActiveTime 1.3.6.1.4.1.9.9.438.1.3.2.1.21
The length of time the control tunnel has been active in hundredths of seconds.
OBJECT-TYPE    
  TimeInterval  

cisgIpsSgTunHistInOctets 1.3.6.1.4.1.9.9.438.1.3.2.1.22
The total number of octets received by this control tunnel.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistInPkts 1.3.6.1.4.1.9.9.438.1.3.2.1.23
The total number of packets received by this Phase-1 control tunnel.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistInDropPkts 1.3.6.1.4.1.9.9.438.1.3.2.1.24
The total number of packets dropped by this control Tunnel during receive processing.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistInNotifys 1.3.6.1.4.1.9.9.438.1.3.2.1.25
The total number of notification payloads received by this control tunnel.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistInP2SaDelReqs 1.3.6.1.4.1.9.9.438.1.3.2.1.26
The total number of Phase-2 tunnel delete requests received by this control tunnel.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistOutOctets 1.3.6.1.4.1.9.9.438.1.3.2.1.27
The total number of octets sent by this control Tunnel.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistOutPkts 1.3.6.1.4.1.9.9.438.1.3.2.1.28
The total number of packets sent by this control Tunnel.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistOutDropPkts 1.3.6.1.4.1.9.9.438.1.3.2.1.29
The total number of packets dropped by this control Tunnel during send processing.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistOutNotifys 1.3.6.1.4.1.9.9.438.1.3.2.1.30
The total number of notification payloads sent by this control Tunnel.
OBJECT-TYPE    
  Counter64  

cisgIpsSgTunHistOutP2SaDelReqs 1.3.6.1.4.1.9.9.438.1.3.2.1.31
The total number of Phase-2 tunnel delete requests sent by this control tunnel.
OBJECT-TYPE    
  Counter64  

cisgIpsSgFailGlobal 1.3.6.1.4.1.9.9.438.1.4.1
OBJECT IDENTIFIER    

cisgIpsSgFailGlobalCntl 1.3.6.1.4.1.9.9.438.1.4.1.1
OBJECT IDENTIFIER    

cisgIpsSgFailTableSize 1.3.6.1.4.1.9.9.438.1.4.1.1.1
The window size of the Internet Key Exchange Failure Tables. The Failure Table is implemented as a sliding window in which only the last 'cisgIpsSgFailTableSize' entries are maintained. This object is used specify the number of entries which will be maintained in the control tunnel Failure Table. An implementation may choose suitable minimum and maximum values for this element based on the local policy and available resources. If an SNMP SET request specifies a value outside this window for this element, an appropriate SNMP error code must be returned. Setting this value to zero is equivalent to deleting all conceptual rows in the archiving tables ('cisgIpsSgFailTable') and disabling the archiving of entries in this table.
OBJECT-TYPE    
  Unsigned32 0..2147483647  

cisgIpsSgFailTable 1.3.6.1.4.1.9.9.438.1.4.2
This is the control tunnel Table and is implemented as a sliding window in which only the last 'N' entries are maintained. The maximum number of entries is specified by the object 'cisgIpsSgFailTableSize'. The failure records are catalogued under each signaling protocol type; that is, the first index of this table is the signaling protocol identifier ('cisgIpsSgProtocol'). The second index ('cisgIpsSgFailIndex') identifies the failure record uniquely in the subcategory. Should a failure be identified before the signaling protocol itself has been identified by the managed entity, the failure record will be classified under 'cpUnknown'.
OBJECT-TYPE    
  SEQUENCE OF  
    CisgIpsSgFailEntry

cisgIpsSgFailEntry 1.3.6.1.4.1.9.9.438.1.4.2.1
Each entry contains the attributes associated with an Phase-1 failure.
OBJECT-TYPE    
  CisgIpsSgFailEntry  

cisgIpsSgFailIndex 1.3.6.1.4.1.9.9.438.1.4.2.1.1
The Phase-1 Failure Table index. This object has no relationship to the cisgIpsSgTunIndex of the tunnel when it was active. The value of the index is a number which begins at one and is incremented with each Phase-1 failure. The value of this object will wrap at 4,294,967,296.
OBJECT-TYPE    
  Unsigned32  

cisgIpsSgFailReason 1.3.6.1.4.1.9.9.438.1.4.2.1.2
The reason for the failure. Possible reasons include: 1 = other 2 = peer delete request was received 3 = contact with peer was lost 4 = local failure occurred 5 = authentication failure 6 = hash validation failure 7 = encryption failure 8 = internal error occurred 9 = system capacity failure 10 = proposal failure 11 = peer's certificate is unavailable 12 = peer's certificate was found invalid 13 = local certificate expired 14 = certificate revoke list (crl) failure 15 = peer encoding error 16 = Reference to a non-existent control tunnel 17 = Extended User authentication failed 18 = operator requested termination. 19 = An attempt to establish a tunnel was aborted by the admission control policy (this could include a simple policy that limits the maximum active tunnels) 20 = A protocol specific reason (look in the protocol-specific MIB for more info).
OBJECT-TYPE    
  INTEGER other(1), peerDelRequest(2), peerLost(3), localFailure(4), authFailure(5), hashValidation(6), encryptFailure(7), internalError(8), sysCapExceeded(9), proposalFailure(10), peerCertUnavailable(11), peerCertNotValid(12), localCertExpired(13), crlFailure(14), peerEncodingError(15), nonExistentSa(16), userAuthFailure(17), operRequest(18), deniedByAdmissionControl(19), protocolSpecific(20)  

cisgIpsSgFailTime 1.3.6.1.4.1.9.9.438.1.4.2.1.3
The value of sysUpTime in hundredths of seconds at the time of the failure.
OBJECT-TYPE    
  TimeStamp  

cisgIpsSgFailLocalType 1.3.6.1.4.1.9.9.438.1.4.2.1.4
The type of local peer identity.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgFailLocalValue 1.3.6.1.4.1.9.9.438.1.4.2.1.5
The value of the local peer identity.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cisgIpsSgFailRemoteType 1.3.6.1.4.1.9.9.438.1.4.2.1.6
The type of remote peer identity.
OBJECT-TYPE    
  CIPsecPhase1PeerIdentityType  

cisgIpsSgFailRemoteValue 1.3.6.1.4.1.9.9.438.1.4.2.1.7
The value of the remote peer identity.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cisgIpsSgFailLocalAddress 1.3.6.1.4.1.9.9.438.1.4.2.1.8
The address of the local peer. The value of cisgIpsSgFailLocalType identifies the type of the address contained in this object.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cisgIpsSgFailRemoteAddress 1.3.6.1.4.1.9.9.438.1.4.2.1.9
The address of the remote peer. The value of cisgIpsSgFailLocalType identifies the type of the address contained in this object.
OBJECT-TYPE    
  SnmpAdminString Size(1..255)  

cisgIpsSgNotifCntlAllNotifs 1.3.6.1.4.1.9.9.438.1.5.1
This object acts as the knob that controls the the administrative state of sending any notification defined in this MIB module. That is, a particular notification 'foo' defined in this MIB module is enabled if and only if the expression cisgIpsSgNotifCntlAllNotifs && cisgIpsSgNotifCntl evaluates to 'true'.
OBJECT-TYPE    
  TruthValue  

cisgIpsSgNotifCntlTunnelStart 1.3.6.1.4.1.9.9.438.1.5.2
This object defines the administrative state of sending the Control Tunnel Start notification. If the value of this object is 'true', the issuing of the notification 'cisgIpsSgTunnelStart' is enabled.
OBJECT-TYPE    
  TruthValue  

cisgIpsSgNotifCntlTunnelStop 1.3.6.1.4.1.9.9.438.1.5.3
This object defines the administrative state of sending the Control Tunnel Stop notification. If the value of this object is 'true', the issuing of the notification 'cisgIpsSgTunnelStop' is enabled.
OBJECT-TYPE    
  TruthValue  

cisgIpsSgNotifCntlSysFailure 1.3.6.1.4.1.9.9.438.1.5.4
This object defines the administrative state of sending the System Failure notification. If the value of this object is 'true', the issuing of the notification 'ciscoIpsSgSysFailure' is enabled.
OBJECT-TYPE    
  TruthValue  

cisgIpsSgNotifCntlCertCrlFail 1.3.6.1.4.1.9.9.438.1.5.5
This object defines the administrative state of sending the Certificate/CRL Failure notification. If the value of this object is 'true', the issuing of the notification 'ciscoIpsSgCertCrlFailure' is enabled.
OBJECT-TYPE    
  TruthValue  

ciscoIpsSgTunnelStart 1.3.6.1.4.1.9.9.438.0.1
This notification is generated when an control tunnel becomes active.
NOTIFICATION-TYPE    

ciscoIpsSgTunnelStop 1.3.6.1.4.1.9.9.438.0.2
This notification is generated when an control tunnel becomes inactive.
NOTIFICATION-TYPE    

ciscoIpsSgSysFailure 1.3.6.1.4.1.9.9.438.0.3
This notification is generated when the processing for an control Tunnel experiences an system capacity error.
NOTIFICATION-TYPE    

ciscoIpsSgCertCrlFailure 1.3.6.1.4.1.9.9.438.0.4
This notification is generated when the processing for an control Tunnel experiences a Certificate or a Certificate validation (CRL or OCSP) related error.
NOTIFICATION-TYPE    

ciscoIpsSgMIBCompliances 1.3.6.1.4.1.9.9.438.2.1
OBJECT IDENTIFIER    

ciscoIpsSgMIBGroups 1.3.6.1.4.1.9.9.438.2.2
OBJECT IDENTIFIER    

ciscoIpsSgMIBCompliance 1.3.6.1.4.1.9.9.438.2.1.1
The compliance statement for SNMP entities the IPsec Signaling MIB.
MODULE-COMPLIANCE    

ciscoIpsSgActivityGroup 1.3.6.1.4.1.9.9.438.2.2.1
This group consists of: 1) Signaling Global Objects 2) control Tunnel table.
OBJECT-GROUP    

ciscoIpsSgCoreHistoryGroup 1.3.6.1.4.1.9.9.438.2.2.2
This group consists of the core (mandatory) objects pertaining to maintaining history of signaling activity.
OBJECT-GROUP    

ciscoIpsSgHistoryGroup 1.3.6.1.4.1.9.9.438.2.2.3
This group consists of objects that pertain to maintenance of history of signaling activity.
OBJECT-GROUP    

ciscoIpsSgCoreFailureGroup 1.3.6.1.4.1.9.9.438.2.2.4
This group consists of the core (mandatory) objects pertaining to maintaining history of failure signaling activity.
OBJECT-GROUP    

ciscoIpsSgFailureGroup 1.3.6.1.4.1.9.9.438.2.2.5
This group consists of objects that pertain to maintenance of history of failures associated with Ipsec signaling activity.
OBJECT-GROUP    

ciscoIpsSgNotifCntlGroup 1.3.6.1.4.1.9.9.438.2.2.6
This group of objects controls the sending of notifications pertaining to signaling operations.
OBJECT-GROUP    

ciscoIpsSgNotifcationGroup 1.3.6.1.4.1.9.9.438.2.2.7
This group contains the notifications pertaining to Ipsec signaling operations.
NOTIFICATION-GROUP