IPSEC-IKEACTION-MIB

File: IPSEC-IKEACTION-MIB.mib (106085 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC SNMPv2-CONF
SNMP-FRAMEWORK-MIB INET-ADDRESS-MIB IPSEC-SPD-MIB
IPSEC-IPSECACTION-MIB

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Integer32
Unsigned32 TEXTUAL-CONVENTION RowStatus
TruthValue TimeStamp StorageType
VariablePointer MODULE-COMPLIANCE OBJECT-GROUP
SnmpAdminString InetAddressType InetAddress
InetPortNumber spdActions SpdIPPacketLogging
spdEndGroupInterface IpsaCredentialType IpsecDoiIdentType
IpsaIdentityFilter ipsaSharedGroup

Defined Types

IkeEncryptionAlgorithm  
TEXTUAL-CONVENTION    
  current Unsigned32 0..65535

IkeAuthMethod  
TEXTUAL-CONVENTION    
  current Unsigned32 0..65535

IkeHashAlgorithm  
TEXTUAL-CONVENTION    
  current Unsigned32 0..65535

IkeGroupDescription  
TEXTUAL-CONVENTION    
  current Unsigned32 0..65535

IpsecDoiSecProtocolId  
TEXTUAL-CONVENTION    
  current Unsigned32 0..255

IpiaCredentialFilterEntry  
SEQUENCE    
  ipiaCredFiltName SnmpAdminString
  ipiaCredFiltCredentialType IpsaCredentialType
  ipiaCredFiltMatchFieldName STRING
  ipiaCredFiltMatchFieldValue STRING
  ipiaCredFiltAcceptCredFrom STRING
  ipiaCredFiltLastChanged TimeStamp
  ipiaCredFiltStorageType StorageType
  ipiaCredFiltRowStatus RowStatus

IpiaPeerIdentityFilterEntry  
SEQUENCE    
  ipiaPeerIdFiltName SnmpAdminString
  ipiaPeerIdFiltIdentityType IpsecDoiIdentType
  ipiaPeerIdFiltIdentityValue IpsaIdentityFilter
  ipiaPeerIdFiltLastChanged TimeStamp
  ipiaPeerIdFiltStorageType StorageType
  ipiaPeerIdFiltRowStatus RowStatus

IpiaIkeActionEntry  
SEQUENCE    
  ipiaIkeActName SnmpAdminString
  ipiaIkeActParametersName SnmpAdminString
  ipiaIkeActThresholdDerivedKeys Integer32
  ipiaIkeActExchangeMode INTEGER
  ipiaIkeActAgressiveModeGroupId IkeGroupDescription
  ipiaIkeActIdentityType IpsecDoiIdentType
  ipiaIkeActIdentityContext SnmpAdminString
  ipiaIkeActPeerName SnmpAdminString
  ipiaIkeActDoActionLogging TruthValue
  ipiaIkeActDoPacketLogging SpdIPPacketLogging
  ipiaIkeActVendorId STRING
  ipiaIkeActLastChanged TimeStamp
  ipiaIkeActStorageType StorageType
  ipiaIkeActRowStatus RowStatus

IpiaIpsecActionEntry  
SEQUENCE    
  ipiaIpsecActName SnmpAdminString
  ipiaIpsecActParametersName SnmpAdminString
  ipiaIpsecActProposalsName SnmpAdminString
  ipiaIpsecActUsePfs TruthValue
  ipiaIpsecActVendorId STRING
  ipiaIpsecActGroupId IkeGroupDescription
  ipiaIpsecActPeerGatewayIdName STRING
  ipiaIpsecActUseIkeGroup TruthValue
  ipiaIpsecActGranularity INTEGER
  ipiaIpsecActMode INTEGER
  ipiaIpsecActDFHandling INTEGER
  ipiaIpsecActDoActionLogging TruthValue
  ipiaIpsecActDoPacketLogging SpdIPPacketLogging
  ipiaIpsecActLastChanged TimeStamp
  ipiaIpsecActStorageType StorageType
  ipiaIpsecActRowStatus RowStatus

IpiaSaNegotiationParametersEntry  
SEQUENCE    
  ipiaSaNegParamName SnmpAdminString
  ipiaSaNegParamMinLifetimeSecs Unsigned32
  ipiaSaNegParamMinLifetimeKB Unsigned32
  ipiaSaNegParamRefreshThreshSecs Unsigned32
  ipiaSaNegParamRefreshThresholdKB Unsigned32
  ipiaSaNegParamIdleDurationSecs Unsigned32
  ipiaSaNegParamLastChanged TimeStamp
  ipiaSaNegParamStorageType StorageType
  ipiaSaNegParamRowStatus RowStatus

IpiaIkeActionProposalsEntry  
SEQUENCE    
  ipiaIkeActPropPriority Integer32
  ipiaIkeActPropName SnmpAdminString
  ipiaIkeActPropLastChanged TimeStamp
  ipiaIkeActPropStorageType StorageType
  ipiaIkeActPropRowStatus RowStatus

IpiaIkeProposalEntry  
SEQUENCE    
  ipiaIkePropLifetimeDerivedKeys Unsigned32
  ipiaIkePropCipherAlgorithm IkeEncryptionAlgorithm
  ipiaIkePropCipherKeyLength Unsigned32
  ipiaIkePropCipherKeyRounds Unsigned32
  ipiaIkePropHashAlgorithm IkeHashAlgorithm
  ipiaIkePropPrfAlgorithm INTEGER
  ipiaIkePropVendorId STRING
  ipiaIkePropDhGroup IkeGroupDescription
  ipiaIkePropAuthenticationMethod IkeAuthMethod
  ipiaIkePropMaxLifetimeSecs Unsigned32
  ipiaIkePropMaxLifetimeKB Unsigned32
  ipiaIkePropLastChanged TimeStamp
  ipiaIkePropStorageType StorageType
  ipiaIkePropRowStatus RowStatus

IpiaIpsecProposalsEntry  
SEQUENCE    
  ipiaIpsecPropName SnmpAdminString
  ipiaIpsecPropPriority Integer32
  ipiaIpsecPropProtocolId IpsecDoiSecProtocolId
  ipiaIpsecPropTransformsName SnmpAdminString
  ipiaIpsecPropLastChanged TimeStamp
  ipiaIpsecPropStorageType StorageType
  ipiaIpsecPropRowStatus RowStatus

IpiaIpsecTransformsEntry  
SEQUENCE    
  ipiaIpsecTranType IpsecDoiSecProtocolId
  ipiaIpsecTranName SnmpAdminString
  ipiaIpsecTranPriority Integer32
  ipiaIpsecTranTransformName SnmpAdminString
  ipiaIpsecTranLastChanged TimeStamp
  ipiaIpsecTranStorageType StorageType
  ipiaIpsecTranRowStatus RowStatus

IpiaIkeIdentityEntry  
SEQUENCE    
  ipiaIkeIdCredentialName SnmpAdminString
  ipiaIkeIdLastChanged TimeStamp
  ipiaIkeIdStorageType StorageType
  ipiaIkeIdRowStatus RowStatus

IpiaAutostartIkeEntry  
SEQUENCE    
  ipiaAutoIkePriority Integer32
  ipiaAutoIkeAction VariablePointer
  ipiaAutoIkeAddressType InetAddressType
  ipiaAutoIkeSourceAddress InetAddress
  ipiaAutoIkeSourcePort InetPortNumber
  ipiaAutoIkeDestAddress InetAddress
  ipiaAutoIkeDestPort InetPortNumber
  ipiaAutoIkeProtocol Unsigned32
  ipiaAutoIkeLastChanged TimeStamp
  ipiaAutoIkeStorageType StorageType
  ipiaAutoIkeRowStatus RowStatus

IpiaIpsecCredMngServiceEntry  
SEQUENCE    
  ipiaIcmsName SnmpAdminString
  ipiaIcmsDistinguishedName STRING
  ipiaIcmsPolicyStatement STRING
  ipiaIcmsMaxChainLength Integer32
  ipiaIcmsCredentialName SnmpAdminString
  ipiaIcmsLastChanged TimeStamp
  ipiaIcmsStorageType StorageType
  ipiaIcmsRowStatus RowStatus

IpiaCredMngCRLEntry  
SEQUENCE    
  ipiaCmcCRLName SnmpAdminString
  ipiaCmcDistributionPoint STRING
  ipiaCmcThisUpdate STRING
  ipiaCmcNextUpdate STRING
  ipiaCmcLastChanged TimeStamp
  ipiaCmcStorageType StorageType
  ipiaCmcRowStatus RowStatus

IpiaRevokedCertificateEntry  
SEQUENCE    
  ipiaRctCertSerialNumber Unsigned32
  ipiaRctRevokedDate STRING
  ipiaRctRevokedReason INTEGER
  ipiaRctLastChanged TimeStamp
  ipiaRctStorageType StorageType
  ipiaRctRowStatus RowStatus

Defined Values

ipiaMIB 1.3.6.1.2.1.153.4.2
The MIB module for defining IKE actions for managing IPsec Security Policy. Copyright (C) The Internet Society (2006). This version of this MIB module is part of RFC YYYY, see the RFC itself for full legal notices.
MODULE-IDENTITY    

ipiaConfigObjects 1.3.6.1.2.1.153.4.2.1
OBJECT IDENTIFIER    

ipiaNotificationObjects 1.3.6.1.2.1.153.4.2.2
OBJECT IDENTIFIER    

ipiaConformanceObjects 1.3.6.1.2.1.153.4.2.3
OBJECT IDENTIFIER    

ipiaLocalConfigObjects 1.3.6.1.2.1.153.4.2.1.1
OBJECT IDENTIFIER    

ipiaStaticFilters 1.3.6.1.2.1.153.4.2.1.2
OBJECT IDENTIFIER    

ipiaIkePhase1Filter 1.3.6.1.2.1.153.4.2.1.2.1
This static filter can be used to test if a packet is part of an IKE phase-1 negotiation.
OBJECT-TYPE    
  Integer32  

ipiaIkePhase2Filter 1.3.6.1.2.1.153.4.2.1.2.2
This static filter can be used to test if a packet is part of an IKE phase-2 negotiation.
OBJECT-TYPE    
  Integer32  

ipiaCredentialFilterTable 1.3.6.1.2.1.153.4.2.1.3
This table is used to provide credentials for IKE identities. It can be used to for filters which are matched to credentials of IKE peers, where the credentials in question have been obtained from an IKE phase 1 exchange. They MAY be X.509 certificates, Kerberos tickets, etc... It can also be used to provide credentials for local IKE identities.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaCredentialFilterEntry

ipiaCredentialFilterEntry 1.3.6.1.2.1.153.4.2.1.3.1
A row defining a particular credential filter
OBJECT-TYPE    
  IpiaCredentialFilterEntry  

ipiaCredFiltName 1.3.6.1.2.1.153.4.2.1.3.1.1
The administrative name of this filter.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaCredFiltCredentialType 1.3.6.1.2.1.153.4.2.1.3.1.2
The credential type that is expected for this filter to succeed.
OBJECT-TYPE    
  IpsaCredentialType  

ipiaCredFiltMatchFieldName 1.3.6.1.2.1.153.4.2.1.3.1.3
The piece of the credential to match against. Examples: serialNumber, signatureAlgorithm, issuerName or subjectName. For credential types without fields (e.g. shared secret), this field SHOULD be left empty, and the entire credential will be matched against the ipiaCredFiltMatchFieldValue.
OBJECT-TYPE    
  STRING Size(0..256)  

ipiaCredFiltMatchFieldValue 1.3.6.1.2.1.153.4.2.1.3.1.4
The value that the field indicated by the ipiaCredFiltMatchFieldName MUST match against for the filter to be considered TRUE.
OBJECT-TYPE    
  STRING Size(1..4096)  

ipiaCredFiltAcceptCredFrom 1.3.6.1.2.1.153.4.2.1.3.1.5
This value is used to look up a row in the ipiaIpsecCredMngServiceTable for the Certificate Authority (CA) Information. This value is empty if there is no CA used for this filter.
OBJECT-TYPE    
  STRING Size(1..117)  

ipiaCredFiltLastChanged 1.3.6.1.2.1.153.4.2.1.3.1.6
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaCredFiltStorageType 1.3.6.1.2.1.153.4.2.1.3.1.7
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaCredFiltRowStatus 1.3.6.1.2.1.153.4.2.1.3.1.8
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaPeerIdentityFilterTable 1.3.6.1.2.1.153.4.2.1.4
This table defines filters which can be used to match credentials of IKE peers, where the credentials in question have been obtained from an IKE phase 1 exchange. They MAY be X.509 certificates, Kerberos tickets, etc...
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaPeerIdentityFilterEntry

ipiaPeerIdentityFilterEntry 1.3.6.1.2.1.153.4.2.1.4.1
A row defining a particular credential filter
OBJECT-TYPE    
  IpiaPeerIdentityFilterEntry  

ipiaPeerIdFiltName 1.3.6.1.2.1.153.4.2.1.4.1.1
The administrative name of this filter.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaPeerIdFiltIdentityType 1.3.6.1.2.1.153.4.2.1.4.1.2
The type of identity field in the peer ID payload to match against.
OBJECT-TYPE    
  IpsecDoiIdentType  

ipiaPeerIdFiltIdentityValue 1.3.6.1.2.1.153.4.2.1.4.1.3
The string representation of the value that the peer ID payload value MUST match against. Wildcard mechanisms MUST be supported such that: - a ipiaPeerIdFiltIdentityValue of '*@example.com' will match a userFqdn ID payload of 'JDOE@EXAMPLE.COM' - a ipiaPeerIdFiltIdentityValue of '*.example.com' will match a fqdn ID payload of 'WWW.EXAMPLE.COM' - a ipiaPeerIdFiltIdentityValue of: 'cn=*,ou=engineering,o=company,c=us' will match a DER DN ID payload of 'cn=John Doe,ou=engineering,o=company,c=us' - a ipiaPeerIdFiltIdentityValue of '192.0.2.0/24' will match an IPv4 address ID payload of 192.0.2.10 - a ipiaPeerIdFiltIdentityValue of '192.0.2.*' will also match an IPv4 address ID payload of 192.0.2.10. The character '*' replaces 0 or multiple instances of any character.
OBJECT-TYPE    
  IpsaIdentityFilter  

ipiaPeerIdFiltLastChanged 1.3.6.1.2.1.153.4.2.1.4.1.4
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaPeerIdFiltStorageType 1.3.6.1.2.1.153.4.2.1.4.1.5
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaPeerIdFiltRowStatus 1.3.6.1.2.1.153.4.2.1.4.1.6
This object indicates the conceptual status of this row. This object can not be considered active unless the ipiaPeerIdFiltIdentityType and ipiaPeerIdFiltIdentityValue column values are defined. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaStaticActions 1.3.6.1.2.1.153.4.2.1.5
OBJECT IDENTIFIER    

ipiaRejectIKEAction 1.3.6.1.2.1.153.4.2.1.5.1
This scalar indicates that a packet SHOULD be rejected WITHOUT action/packet logging. This object returns a value of 1 for IPsec policy implementations that support the reject static action.
OBJECT-TYPE    
  Integer32  

ipiaRejectIKEActionLog 1.3.6.1.2.1.153.4.2.1.5.2
This scalar indicates that a packet SHOULD be rejected WITH action/packet logging. This object returns a value of 1 for IPsec policy implementations that support the reject static action with logging.
OBJECT-TYPE    
  Integer32  

ipiaIkeActionTable 1.3.6.1.2.1.153.4.2.1.6
The ipiaIkeActionTable contains a list of the parameters used for an IKE phase 1 SA DOI negotiation. See the corresponding table ipiaIkeActionProposalsTable for a list of proposals contained within a given IKE Action.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIkeActionEntry

ipiaIkeActionEntry 1.3.6.1.2.1.153.4.2.1.6.1
The ipiaIkeActionEntry lists the IKE negotiation attributes.
OBJECT-TYPE    
  IpiaIkeActionEntry  

ipiaIkeActName 1.3.6.1.2.1.153.4.2.1.6.1.1
This object contains the name of this ikeAction entry.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIkeActParametersName 1.3.6.1.2.1.153.4.2.1.6.1.2
This object is administratively assigned to reference a row in the ipiaSaNegotiationParametersTable where additional parameters affecting this action can be found. An attempt to set this object to a value that does not exist in the ipiaSaNegotiationParametersTable MUST result in an inconsistentValue error.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIkeActThresholdDerivedKeys 1.3.6.1.2.1.153.4.2.1.6.1.3
ipiaIkeActThresholdDerivedKeys specifies what percentage of the derived key limit (see the LifetimeDerivedKeys property of IKEProposal) can expire before IKE SHOULD attempt to renegotiate the IKE phase 1 security association.
OBJECT-TYPE    
  Integer32 0..100  

ipiaIkeActExchangeMode 1.3.6.1.2.1.153.4.2.1.6.1.4
ipiaIkeActExchangeMode specifies the IKE Phase 1 negotiation mode.
OBJECT-TYPE    
  INTEGER main(1), agressive(2)  

ipiaIkeActAgressiveModeGroupId 1.3.6.1.2.1.153.4.2.1.6.1.5
The values to be used for Diffie-Hellman exchange.
OBJECT-TYPE    
  IkeGroupDescription  

ipiaIkeActIdentityType 1.3.6.1.2.1.153.4.2.1.6.1.6
This column along with ipiaIkeActIdentityContext and endpoint information is used to refer an ipiaIkeIdentityEntry in the ipiaIkeIdentityTable.
OBJECT-TYPE    
  IpsecDoiIdentType  

ipiaIkeActIdentityContext 1.3.6.1.2.1.153.4.2.1.6.1.7
This column, along with ipiaIkeActIdentityType and endpoint information, is used to refer to an ipiaIkeIdentityEntry in the ipiaIkeIdentityTable.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIkeActPeerName 1.3.6.1.2.1.153.4.2.1.6.1.8
This object indicates the peer id name of the IKE peer. This object can be used to look up the peer id value, address, credentials and other values in the ipiaPeerIdentityTable.
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

ipiaIkeActDoActionLogging 1.3.6.1.2.1.153.4.2.1.6.1.9
ikeDoActionLogging specifies whether or not an audit message SHOULD be logged when this ike SA is created.
OBJECT-TYPE    
  TruthValue  

ipiaIkeActDoPacketLogging 1.3.6.1.2.1.153.4.2.1.6.1.10
ikeDoPacketLogging specifies whether or not an audit message SHOULD be logged and if there is logging, how many bytes of the packet to place in the notification.
OBJECT-TYPE    
  SpdIPPacketLogging  

ipiaIkeActVendorId 1.3.6.1.2.1.153.4.2.1.6.1.11
Vendor ID Payload. A value of NULL means that Vendor ID payload will be neither generated nor accepted. A non-NULL value means that a Vendor ID payload will be generated (when acting as an initiator) or is expected (when acting as a responder).
OBJECT-TYPE    
  STRING Size(0..65535)  

ipiaIkeActLastChanged 1.3.6.1.2.1.153.4.2.1.6.1.12
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaIkeActStorageType 1.3.6.1.2.1.153.4.2.1.6.1.13
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaIkeActRowStatus 1.3.6.1.2.1.153.4.2.1.6.1.14
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. This object MUST NOT be set to destroy if referred to by other rows in other action tables. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaIpsecActionTable 1.3.6.1.2.1.153.4.2.1.7
The ipiaIpsecActionTable contains a list of the parameters used for an IKE phase 2 IPsec DOI negotiation.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIpsecActionEntry

ipiaIpsecActionEntry 1.3.6.1.2.1.153.4.2.1.7.1
The ipiaIpsecActionEntry lists the IPsec negotiation attributes.
OBJECT-TYPE    
  IpiaIpsecActionEntry  

ipiaIpsecActName 1.3.6.1.2.1.153.4.2.1.7.1.1
ipiaIpsecActName is the name of the ipsecAction entry.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecActParametersName 1.3.6.1.2.1.153.4.2.1.7.1.2
This object is used to reference a row in the ipiaSaNegotiationParametersTable where additional parameters affecting this action can be found. An attempt to set this column to a value that does not exist in the ipiaSaNegotiationParametersTable MUST result in an inconsistentValue error.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecActProposalsName 1.3.6.1.2.1.153.4.2.1.7.1.3
This object is used to reference one or more rows in the ipiaIpsecProposalsTable where an ordered list of proposals affecting this action can be found. An attempt to set this column to a value that does not exist in the ipiaIpsecProposalsTable MUST result in an inconsistentValue error.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecActUsePfs 1.3.6.1.2.1.153.4.2.1.7.1.4
This MIB object specifies whether or not perfect forward secrecy is used when refreshing keys. A value of true indicates that PFS SHOULD be used.
OBJECT-TYPE    
  TruthValue  

ipiaIpsecActVendorId 1.3.6.1.2.1.153.4.2.1.7.1.5
The VendorID property is used to identify vendor-defined key exchange GroupIDs.
OBJECT-TYPE    
  STRING Size(0..255)  

ipiaIpsecActGroupId 1.3.6.1.2.1.153.4.2.1.7.1.6
This object specifies the Diffie-Hellman group to use for phase 2 when the object ipiaIpsecActUsePfs is true and the object ipiaIpsecActUseIkeGroup is false. If the GroupID number is from the vendor-specific range (32768-65535), the VendorID qualifies the group number.
OBJECT-TYPE    
  IkeGroupDescription  

ipiaIpsecActPeerGatewayIdName 1.3.6.1.2.1.153.4.2.1.7.1.7
This object indicates the peer id name of the peer gateway. This object can be used to look up the peer id value, address and other values in the ipiaPeerIdentityTable. This object is used when initiating a tunnel SA. This object is not used for transport SAs. If no value is set and ipiaIpsecActMode is tunnel, the peer gateway is determined from the source or destination address of the packet.
OBJECT-TYPE    
  STRING Size(0..116)  

ipiaIpsecActUseIkeGroup 1.3.6.1.2.1.153.4.2.1.7.1.8
This object specifies whether or not to use the same GroupId for phase 2 as was used in phase 1. If UsePFS is false, this entry SHOULD be ignored.
OBJECT-TYPE    
  TruthValue  

ipiaIpsecActGranularity 1.3.6.1.2.1.153.4.2.1.7.1.9
This object specifies how the proposed selector for the security association will be created. The selector is created by using the FilterList information. The selector can be subnet, address, porotocol, or port.
OBJECT-TYPE    
  INTEGER subnet(1), address(2), protocol(3), port(4)  

ipiaIpsecActMode 1.3.6.1.2.1.153.4.2.1.7.1.10
This object specifies the encapsulation of the IPsec SA to be negotiated.
OBJECT-TYPE    
  INTEGER tunnel(1), transport(2)  

ipiaIpsecActDFHandling 1.3.6.1.2.1.153.4.2.1.7.1.11
This object specifies the processing of DF bit by the negotiated IPsec tunnel. 1 - DF bit is copied. 2 - DF bit is set. 3 - DF bit is cleared.
OBJECT-TYPE    
  INTEGER copy(1), set(2), clear(3)  

ipiaIpsecActDoActionLogging 1.3.6.1.2.1.153.4.2.1.7.1.12
ipiaIpsecActDoActionLogging specifies whether or not an audit message SHOULD be logged when this ipsec SA is created.
OBJECT-TYPE    
  TruthValue  

ipiaIpsecActDoPacketLogging 1.3.6.1.2.1.153.4.2.1.7.1.13
ipiaIpsecActDoPacketLogging specifies whether or not an audit message SHOULD be logged and if there is logging, how many bytes of the packet to place in the notification.
OBJECT-TYPE    
  SpdIPPacketLogging  

ipiaIpsecActLastChanged 1.3.6.1.2.1.153.4.2.1.7.1.14
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaIpsecActStorageType 1.3.6.1.2.1.153.4.2.1.7.1.15
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaIpsecActRowStatus 1.3.6.1.2.1.153.4.2.1.7.1.16
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaSaNegotiationParametersTable 1.3.6.1.2.1.153.4.2.1.8
This table contains reusable parameters that can be pointed to by the ipiaIkeActionTable and ipiaIpsecActionTable. These parameters are reusable since it is likely an administrator will want to make global policy changes to lifetime parameters that apply to multiple actions. This table allows multiple rows in the other actions tables to reuse global lifetime parameters in this table by repeatedly pointing to a row cointained within this table.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaSaNegotiationParametersEntry

ipiaSaNegotiationParametersEntry 1.3.6.1.2.1.153.4.2.1.8.1
Contains the attributes of one row in the ipiaSaNegotiationParametersTable.
OBJECT-TYPE    
  IpiaSaNegotiationParametersEntry  

ipiaSaNegParamName 1.3.6.1.2.1.153.4.2.1.8.1.1
This object contains the administrative name of this SaNegotiationParametersEntry. This row can be referred to by this name in other policy action tables.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaSaNegParamMinLifetimeSecs 1.3.6.1.2.1.153.4.2.1.8.1.2
ipiaSaNegParamMinLifetimeSecs specifies the minimum seconds lifetime that will be accepted from the peer.
OBJECT-TYPE    
  Unsigned32  

ipiaSaNegParamMinLifetimeKB 1.3.6.1.2.1.153.4.2.1.8.1.3
ipiaSaNegParamMinLifetimeKB specifies the minimum kilobyte lifetime that will be accepted from the peer.
OBJECT-TYPE    
  Unsigned32  

ipiaSaNegParamRefreshThreshSecs 1.3.6.1.2.1.153.4.2.1.8.1.4
ipiaSaNegParamRefreshThreshSecs specifies what percentage of the seconds lifetime can expire before IKE SHOULD attempt to renegotiate the IPsec security association. A value between 1 and 100 representing a percentage. A value of 100 indicates that the IPsec security association SHOULD not be renegotiated until the seconds lifetime has been completely reached.
OBJECT-TYPE    
  Unsigned32 1..100  

ipiaSaNegParamRefreshThresholdKB 1.3.6.1.2.1.153.4.2.1.8.1.5
ipiaSaNegParamRefreshThresholdKB specifies what percentage of the kilobyte lifetime can expire before IKE SHOULD attempt to renegotiate the IPsec security association. A value between 1 and 100 representing a percentage. A value of 100 indicates that the IPsec security association SHOULD not be renegotiated until the kilobyte lifetime has been reached.
OBJECT-TYPE    
  Unsigned32 1..100  

ipiaSaNegParamIdleDurationSecs 1.3.6.1.2.1.153.4.2.1.8.1.6
ipiaSaNegParamIdleDurationSecs specifies how many seconds a security association MAY remain idle (i.e., no traffic protected using the security association) before it is deleted. A value of zero indicates that idle detection SHOULD NOT be used for the security association. Any non-zero value indicates the number of seconds the security association can remain unused.
OBJECT-TYPE    
  Unsigned32  

ipiaSaNegParamLastChanged 1.3.6.1.2.1.153.4.2.1.8.1.7
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaSaNegParamStorageType 1.3.6.1.2.1.153.4.2.1.8.1.8
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaSaNegParamRowStatus 1.3.6.1.2.1.153.4.2.1.8.1.9
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaIkeActionProposalsTable 1.3.6.1.2.1.153.4.2.1.9
This table contains a list of all ike proposal names found within a given IKE Action.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIkeActionProposalsEntry

ipiaIkeActionProposalsEntry 1.3.6.1.2.1.153.4.2.1.9.1
a row containing one ike proposal reference
OBJECT-TYPE    
  IpiaIkeActionProposalsEntry  

ipiaIkeActPropPriority 1.3.6.1.2.1.153.4.2.1.9.1.1
The numeric priority of a given contained proposal inside an ike Action. This index SHOULD be used to order the proposals in an IKE Phase I negotiation, lowest value first (i.e. 0 first, then 1,2,etc...).
OBJECT-TYPE    
  Integer32 0..65535  

ipiaIkeActPropName 1.3.6.1.2.1.153.4.2.1.9.1.2
The administratively assigned name that can be used to reference a set of values contained within the ipiaIkeProposalTable. An attempt to set this object to a value that doesn't exist in the ipiaIkeProposalTable MUST result in an inconsistentValue error.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIkeActPropLastChanged 1.3.6.1.2.1.153.4.2.1.9.1.3
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaIkeActPropStorageType 1.3.6.1.2.1.153.4.2.1.9.1.4
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaIkeActPropRowStatus 1.3.6.1.2.1.153.4.2.1.9.1.5
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active unless one of the following two conditions are met. An attempt to set it to anything other than active while the following conditions are not met MUST result in an inconsistentValue error. The two conditions are: I. No active row in the ipiaIkeActionTable exists which has a matching ipiaIkeActName. II. Or at least one other active row in this table has a matching ipiaIkeActName.
OBJECT-TYPE    
  RowStatus  

ipiaIkeProposalTable 1.3.6.1.2.1.153.4.2.1.10
This table contains a list of IKE proposals which are used in an IKE negotiation.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIkeProposalEntry

ipiaIkeProposalEntry 1.3.6.1.2.1.153.4.2.1.10.1
One IKE proposal entry.
OBJECT-TYPE    
  IpiaIkeProposalEntry  

ipiaIkePropLifetimeDerivedKeys 1.3.6.1.2.1.153.4.2.1.10.1.1
ipiaIkePropLifetimeDerivedKeys specifies the number of times that a phase 1 key will be used to derive a phase 2 key before the phase 1 security association needs renegotiated.
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropCipherAlgorithm 1.3.6.1.2.1.153.4.2.1.10.1.2
ipiaIkePropCipherAlgorithm specifies the proposed phase 1 security association encryption algorithm.
OBJECT-TYPE    
  IkeEncryptionAlgorithm  

ipiaIkePropCipherKeyLength 1.3.6.1.2.1.153.4.2.1.10.1.3
This object specifies, in bits, the key length for the cipher algorithm used in IKE Phase 1 negotiation.
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropCipherKeyRounds 1.3.6.1.2.1.153.4.2.1.10.1.4
This object specifies the number of key rounds for the cipher algorithm used in IKE Phase 1 negotiation.
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropHashAlgorithm 1.3.6.1.2.1.153.4.2.1.10.1.5
ipiaIkePropHashAlgorithm specifies the proposed phase 1 security assocation hash algorithm.
OBJECT-TYPE    
  IkeHashAlgorithm  

ipiaIkePropPrfAlgorithm 1.3.6.1.2.1.153.4.2.1.10.1.6
ipPRFAlgorithm specifies the proposed phase 1 security association psuedo-random function. Note: currently no prf algorithms are defined.
OBJECT-TYPE    
  INTEGER reserved(0)  

ipiaIkePropVendorId 1.3.6.1.2.1.153.4.2.1.10.1.7
The VendorID property is used to identify vendor-defined key exchange GroupIDs.
OBJECT-TYPE    
  STRING Size(0..255)  

ipiaIkePropDhGroup 1.3.6.1.2.1.153.4.2.1.10.1.8
This object specifies the proposed phase 1 security association Diffie-Hellman group
OBJECT-TYPE    
  IkeGroupDescription  

ipiaIkePropAuthenticationMethod 1.3.6.1.2.1.153.4.2.1.10.1.9
This object specifies the proposed authentication method for the phase 1 security association.
OBJECT-TYPE    
  IkeAuthMethod  

ipiaIkePropMaxLifetimeSecs 1.3.6.1.2.1.153.4.2.1.10.1.10
ipiaIkePropMaxLifetimeSecs specifies the maximum amount of time to propose a security association remain valid. A value of 0 indicates that the default lifetime of 8 hours SHOULD be used.
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropMaxLifetimeKB 1.3.6.1.2.1.153.4.2.1.10.1.11
ipiaIkePropMaxLifetimeKB specifies the maximum kilobyte lifetime to propose a security association remain valid.
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropLastChanged 1.3.6.1.2.1.153.4.2.1.10.1.12
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaIkePropStorageType 1.3.6.1.2.1.153.4.2.1.10.1.13
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaIkePropRowStatus 1.3.6.1.2.1.153.4.2.1.10.1.14
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaIpsecProposalsTable 1.3.6.1.2.1.153.4.2.1.11
This table lists one or more IPsec proposals for IPsec actions.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIpsecProposalsEntry

ipiaIpsecProposalsEntry 1.3.6.1.2.1.153.4.2.1.11.1
An entry containing (possibly a portion of) a proposal.
OBJECT-TYPE    
  IpiaIpsecProposalsEntry  

ipiaIpsecPropName 1.3.6.1.2.1.153.4.2.1.11.1.1
The name of this proposal.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecPropPriority 1.3.6.1.2.1.153.4.2.1.11.1.2
The priority level (AKA sequence level) of this proposal. A lower number indicates a higher precedence (0 before 1, etc..).
OBJECT-TYPE    
  Integer32 0..65535  

ipiaIpsecPropProtocolId 1.3.6.1.2.1.153.4.2.1.11.1.3
The protocol Id for the transforms for this proposal. The protoIsakmp(1) value is not valid for this object. This object, along with the ipiaIpsecPropTransformsName, is the index into the ipiaIpsecTransformsTable.
OBJECT-TYPE    
  IpsecDoiSecProtocolId  

ipiaIpsecPropTransformsName 1.3.6.1.2.1.153.4.2.1.11.1.4
The name of the transform or group of transforms for this protocol. This object, along with the ipiaIpsecPropProtocolId, is the index into the ipiaIpsecTransformsTable. An attempt to set this object to a value that does not exist in the ipiaIpsecTransformTable MUST result in an inconsistentValue error.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecPropLastChanged 1.3.6.1.2.1.153.4.2.1.11.1.5
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaIpsecPropStorageType 1.3.6.1.2.1.153.4.2.1.11.1.6
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaIpsecPropRowStatus 1.3.6.1.2.1.153.4.2.1.11.1.7
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. This row MUST NOT be set to active until the corresponding row(s) in the ipiaIpsecTransformsTable exists and is active. If active, this object MUST remain active unless one of the following two conditions are met. An attempt to set it to anything other than active while the following conditions are not met MUST result in an inconsistentValue error. The two conditions are: I. No active row in the ipiaIkeActionProposalTable exists which has a matching ipiaIpsecPropName. II. Or at least one other active row in this table has a matching ipiaIpsecPropName.
OBJECT-TYPE    
  RowStatus  

ipiaIpsecTransformsTable 1.3.6.1.2.1.153.4.2.1.12
This table lists the IPsec proposals contained within a given IPsec action and the transforms within each of those proposals. These proposals and transforms can then be used to create phase 2 negotiation proposals.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIpsecTransformsEntry

ipiaIpsecTransformsEntry 1.3.6.1.2.1.153.4.2.1.12.1
An entry containing the information on an IPsec transform.
OBJECT-TYPE    
  IpiaIpsecTransformsEntry  

ipiaIpsecTranType 1.3.6.1.2.1.153.4.2.1.12.1.1
The protocol type for this transform. The protoIsakmp(1) value is not valid for this object.
OBJECT-TYPE    
  IpsecDoiSecProtocolId  

ipiaIpsecTranName 1.3.6.1.2.1.153.4.2.1.12.1.2
The name for this transform or group of transforms.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecTranPriority 1.3.6.1.2.1.153.4.2.1.12.1.3
The priority level (AKA sequence level) of the this transform within the group of transforms (0 before 1, etc...). This indicates the preference for which algorithms are requested when the list of transforms are sent to the remote host. A lower number indicates a higher precedence.
OBJECT-TYPE    
  Integer32 0..65535  

ipiaIpsecTranTransformName 1.3.6.1.2.1.153.4.2.1.12.1.4
The name for the given transform. Depending on the value of ipiaIpsecTranType, this value is used to lookup the transform's specific parameters in the ipiaAhTransformTable, the ipiaEspTransformTable or the ipiaIpcompTransformTable.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecTranLastChanged 1.3.6.1.2.1.153.4.2.1.12.1.5
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaIpsecTranStorageType 1.3.6.1.2.1.153.4.2.1.12.1.6
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaIpsecTranRowStatus 1.3.6.1.2.1.153.4.2.1.12.1.7
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. This row MUST NOT be set to active until the corresponding row in the ipiaAhTransformTable, ipiaEspTransformTable or the ipiaIpcompTransformTable exists. If active, this object MUST remain active unless one of the following two conditions are met. An attempt to set it to anything other than active while the following conditions are not met MUST result in an inconsistentValue error. The two conditions are: I. No active row in the IpiaIpsecProposalsTable exists which has a matching ipiaIpsecPropTransformsName. II. Or at least one other active row in this table has a matching ipiaIpsecPropTransformsName.
OBJECT-TYPE    
  RowStatus  

ipiaIkeIdentityTable 1.3.6.1.2.1.153.4.2.1.13
IKEIdentity is used to represent the identities that are used for an IPProtocolEndpoint (or collection of IPProtocolEndpoints) to identify itself in IKE phase 1 negotiations. The column ipiaIkeActIdentityType and ipiaIkeIdentityContext in an ipiaIkeActionEntry together with the spdEndGroupInterface in the spdEndpointToGroupTable specifies the unique identity to use in a negotiation exchange.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIkeIdentityEntry

ipiaIkeIdentityEntry 1.3.6.1.2.1.153.4.2.1.13.1
ikeIdentity lists the attributes of an IKE identity.
OBJECT-TYPE    
  IpiaIkeIdentityEntry  

ipiaIkeIdCredentialName 1.3.6.1.2.1.153.4.2.1.13.1.1
This value is used as an index into the ipiaCredentialFilterTable to look up the actual credential value and other credential information. For ID's without associated credential information, this value is left blank. For ID's that are address types, this value MAY be left blank and the associated IPProtocolEndpoint or appropriate member of the Collection of endpoints is used.
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

ipiaIkeIdLastChanged 1.3.6.1.2.1.153.4.2.1.13.1.2
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaIkeIdStorageType 1.3.6.1.2.1.153.4.2.1.13.1.3
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaIkeIdRowStatus 1.3.6.1.2.1.153.4.2.1.13.1.4
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaAutostartIkeTable 1.3.6.1.2.1.153.4.2.1.14
The parameters in the autostart IKE Table are used to automatically initiate IKE phaes I and II (i.e. IPsec) negotiations on startup. It also will initiate IKE phase I and II negotiations for a row at the time of that row's creation
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaAutostartIkeEntry

ipiaAutostartIkeEntry 1.3.6.1.2.1.153.4.2.1.14.1
autostart ike provides the set of parameters to automatically start IKE and IPsec SA's.
OBJECT-TYPE    
  IpiaAutostartIkeEntry  

ipiaAutoIkePriority 1.3.6.1.2.1.153.4.2.1.14.1.1
ipiaAutoIkePriority is an index into the autostartIkeAction table and can be used to order the autostart IKE actions (0 before 1, etc...).
OBJECT-TYPE    
  Integer32 0..65535  

ipiaAutoIkeAction 1.3.6.1.2.1.153.4.2.1.14.1.2
This pointer is used to point to the action or compound action that is initiated by this row. This value can be used to indicate a scalar or a row in a table. When indicating a row in a table, this value MUST point to the first column instance in that row. If this column is set to a VariablePointer value which references a non-existent row in an otherwise supported table or if the table or scalar pointed to by the VariablePointer is not supported at all, the inconsistentValue exception MUST be returned. If during packet processing this column has a value that references a non-existent or non-supported object, the packet MUST be dropped.
OBJECT-TYPE    
  VariablePointer  

ipiaAutoIkeAddressType 1.3.6.1.2.1.153.4.2.1.14.1.3
The property ipiaAutoIkeAddressType specifies the format of the autoIke source and destination Address values.
OBJECT-TYPE    
  InetAddressType  

ipiaAutoIkeSourceAddress 1.3.6.1.2.1.153.4.2.1.14.1.4
The property autoIkeSourecAddress specifies Source IP address for autostarting IKE SA's, formatted according to the appropriate convention as defined in the ipiaAutoIkeAddressType property.
OBJECT-TYPE    
  InetAddress  

ipiaAutoIkeSourcePort 1.3.6.1.2.1.153.4.2.1.14.1.5
The property ipiaAutoIkeSourcePort specifies the port number for the source port for auotstarting IKE SA's. The value of 0 for this object is illegal.
OBJECT-TYPE    
  InetPortNumber  

ipiaAutoIkeDestAddress 1.3.6.1.2.1.153.4.2.1.14.1.6
The property ipiaAutoIkeDestAddress specifies the Destination IP address for autostarting IKE SA's, formatted according to the appropriate convention as defined in the ipiaAutoIkeAddressType property.
OBJECT-TYPE    
  InetAddress  

ipiaAutoIkeDestPort 1.3.6.1.2.1.153.4.2.1.14.1.7
The property ipiaAutoIkeDestPort specifies the port number for the destination port for auotstarting IKE SA's. The value of 0 for this object is illegal.
OBJECT-TYPE    
  InetPortNumber  

ipiaAutoIkeProtocol 1.3.6.1.2.1.153.4.2.1.14.1.8
The property Protocol specifies the protocol number used in comparing with policy filter entries and used in any phase 2 negotiations.
OBJECT-TYPE    
  Unsigned32 0..255  

ipiaAutoIkeLastChanged 1.3.6.1.2.1.153.4.2.1.14.1.9
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaAutoIkeStorageType 1.3.6.1.2.1.153.4.2.1.14.1.10
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaAutoIkeRowStatus 1.3.6.1.2.1.153.4.2.1.14.1.11
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. This object MUST NOT be set to active until the object to which the ipiaAutoIkeAction points to exists and is active. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaIpsecCredMngServiceTable 1.3.6.1.2.1.153.4.2.1.15
A table of Credential Management Service values. This table is usually used for credential/certificate values that are used with a management service (e.g. Certificate Authorities).
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIpsecCredMngServiceEntry

ipiaIpsecCredMngServiceEntry 1.3.6.1.2.1.153.4.2.1.15.1
A row in the ipiaIpsecCredMngServiceTable.
OBJECT-TYPE    
  IpiaIpsecCredMngServiceEntry  

ipiaIcmsName 1.3.6.1.2.1.153.4.2.1.15.1.1
This is an administratively assigned string used to index this table.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIcmsDistinguishedName 1.3.6.1.2.1.153.4.2.1.15.1.2
This value represents the Distinguished Name of the Credential Management Service.
OBJECT-TYPE    
  STRING Size(1..256)  

ipiaIcmsPolicyStatement 1.3.6.1.2.1.153.4.2.1.15.1.3
This Value represents the Credential Management Service Policy Statement, or a reference describing how to obtain it (e.g., a URL). If one doesn't exist, this value can be left blank
OBJECT-TYPE    
  STRING Size(0..1024)  

ipiaIcmsMaxChainLength 1.3.6.1.2.1.153.4.2.1.15.1.4
This value is the maximum length of the chain allowble from the Credential Management Service to the credential in question.
OBJECT-TYPE    
  Integer32 0..255  

ipiaIcmsCredentialName 1.3.6.1.2.1.153.4.2.1.15.1.5
This value is used as an index into the ipiaCredentialFilterTable to look up the actual credential value.
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

ipiaIcmsLastChanged 1.3.6.1.2.1.153.4.2.1.15.1.6
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaIcmsStorageType 1.3.6.1.2.1.153.4.2.1.15.1.7
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaIcmsRowStatus 1.3.6.1.2.1.153.4.2.1.15.1.8
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaCredMngCRLTable 1.3.6.1.2.1.153.4.2.1.16
A table of the Credential Revocation Lists (CRL) for credential managment services.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaCredMngCRLEntry

ipiaCredMngCRLEntry 1.3.6.1.2.1.153.4.2.1.16.1
A row in the ipiaCredMngCRLTable.
OBJECT-TYPE    
  IpiaCredMngCRLEntry  

ipiaCmcCRLName 1.3.6.1.2.1.153.4.2.1.16.1.1
This is an administratively assigned string used to index this table. It represents a CRL for a given CA from a given distribution point.
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaCmcDistributionPoint 1.3.6.1.2.1.153.4.2.1.16.1.2
This Value represents a Distribution Point for a Credential Revocation List. It can be relative to the Credential Management Service or a full name (URL, e-mail, etc...).
OBJECT-TYPE    
  STRING Size(0..256)  

ipiaCmcThisUpdate 1.3.6.1.2.1.153.4.2.1.16.1.3
This value is the issue date of this CRL. This SHOULD be in utctime or generalizedtime.
OBJECT-TYPE    
  STRING Size(0..32)  

ipiaCmcNextUpdate 1.3.6.1.2.1.153.4.2.1.16.1.4
This value indicates the date the next version of this CRL will be issued. This SHOULD be in utctime or generalizedtime.
OBJECT-TYPE    
  STRING Size(0..32)  

ipiaCmcLastChanged 1.3.6.1.2.1.153.4.2.1.16.1.5
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaCmcStorageType 1.3.6.1.2.1.153.4.2.1.16.1.6
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaCmcRowStatus 1.3.6.1.2.1.153.4.2.1.16.1.7
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaRevokedCertificateTable 1.3.6.1.2.1.153.4.2.1.17
A table of Credentials revoked by credential managment services. That is, this table is a table of Certificates that are on CRL's, Credential Revocation Lists.
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaRevokedCertificateEntry

ipiaRevokedCertificateEntry 1.3.6.1.2.1.153.4.2.1.17.1
A row in the ipiaRevokedCertificateTable.
OBJECT-TYPE    
  IpiaRevokedCertificateEntry  

ipiaRctCertSerialNumber 1.3.6.1.2.1.153.4.2.1.17.1.1
This value is the serial number of the revoked certificate.
OBJECT-TYPE    
  Unsigned32 0..4294967295  

ipiaRctRevokedDate 1.3.6.1.2.1.153.4.2.1.17.1.2
This value is the revocation date of the certificate. This SHOULD be in utctime or generaltime.
OBJECT-TYPE    
  STRING Size(0..32)  

ipiaRctRevokedReason 1.3.6.1.2.1.153.4.2.1.17.1.3
This value is the reason this certificate was revoked.
OBJECT-TYPE    
  INTEGER unspecified(1), keyCompromise(2), cACompromise(3), affiliationChanged(4), superseded(5), cessationOfOperation(6), certificateHold(7), removeFromCRL(8)  

ipiaRctLastChanged 1.3.6.1.2.1.153.4.2.1.17.1.4
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
OBJECT-TYPE    
  TimeStamp  

ipiaRctStorageType 1.3.6.1.2.1.153.4.2.1.17.1.5
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
OBJECT-TYPE    
  StorageType  

ipiaRctRowStatus 1.3.6.1.2.1.153.4.2.1.17.1.6
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
OBJECT-TYPE    
  RowStatus  

ipiaNotificationVariables 1.3.6.1.2.1.153.4.2.2.1
OBJECT IDENTIFIER    

ipiaNotifications 1.3.6.1.2.1.153.4.2.2.0
OBJECT IDENTIFIER    

ipiaCompliances 1.3.6.1.2.1.153.4.2.3.1
OBJECT IDENTIFIER    

ipiaGroups 1.3.6.1.2.1.153.4.2.3.2
OBJECT IDENTIFIER    

ipiaIKECompliance 1.3.6.1.2.1.153.4.2.3.1.1
Only read-only access is required for compliance.
MODULE-COMPLIANCE    

ipiaRuleFilterCompliance 1.3.6.1.2.1.153.4.2.3.1.2
This object not required for compliance.
MODULE-COMPLIANCE    

ipiaStaticFilterGroup 1.3.6.1.2.1.153.4.2.3.2.1
The static filter group. Currently this is just a true filter.
OBJECT-GROUP    

ipiaCredentialFilterGroup 1.3.6.1.2.1.153.4.2.3.2.2
This group is made up of objects from the IPsec Policy Credential Filter Table.
OBJECT-GROUP    

ipiaPeerIdFilterGroup 1.3.6.1.2.1.153.4.2.3.2.3
This group is made up of objects from the IPsec Policy Peer Identity Filter Table.
OBJECT-GROUP    

ipiaStaticActionGroup 1.3.6.1.2.1.153.4.2.3.2.4
This group is made up of IPsec Policy Static Actions objects.
OBJECT-GROUP    

ipiaIkeGroup 1.3.6.1.2.1.153.4.2.3.2.5
This group is the set of objects that support IKE actions. These objects are from The IPsec Policy IKE Action Table, The IKE Action Proposals Table, The IKE Proposal Table, The autostart IKE Table and The IKE Identity Table, The Peer Identity Table, The Credential Management Service Table, and the shared table Negotiation Parameters Table (from the IPSEC-IPSECACTION-MIB.
OBJECT-GROUP    

ipiaIpsecGroup 1.3.6.1.2.1.153.4.2.3.2.6
This group is the set of objects that support IPsec actions. These objects are from The IPsec Policy IPsec Actions Table, The IPsec Proposal Table, and The IPsec Transform Table. This group also includes objects from the shared tables: Peer Identity Table, Credential Table, Negotiation Parameters Table, Credential Management Service Table and the AH, ESP, and IPComp Transform Table.
OBJECT-GROUP