ISAKMP-DOI-IND-MON-MIB

File: ISAKMP-DOI-IND-MON-MIB.mib (32605 bytes)

Imported modules

RFC-1215 SNMPv2-SMI SNMPv2-TC
SNMPv2-CONF INET-ADDRESS-MIB AMTEC-MIB
IPSEC-ISAKMP-IKE-DOI-TC

Imported symbols

TRAP-TYPE MODULE-IDENTITY OBJECT-TYPE
Counter32 Gauge32 Unsigned32
Counter64 NOTIFICATION-TYPE OBJECT-IDENTITY
experimental TEXTUAL-CONVENTION TruthValue
OBJECT-GROUP NOTIFICATION-GROUP MODULE-COMPLIANCE
InetAddressType InetAddress ike
IsakmpDOI IsakmpExchangeType

Defined Types

InetAddressIPv4  
Represents an IPv4 network address: octets contents encoding 1-4 IP address network-byte order The corresponding InetAddressType value is ipv4(1).
TEXTUAL-CONVENTION    
  OCTET STRING Size(4)  

IsakmpCookie  
This data type is used to model ISAKMP cookies. This is a binary string of 8 octets in network byte-order.
TEXTUAL-CONVENTION    
  OCTET STRING Size(8)  

SaEntry  
SEQUENCE    
  saLocalIpAddressType InetAddressType
  saLocalIpAddress InetAddress
  saRemoteIpAddressType InetAddressType
  saRemoteIpAddress InetAddressIPv4
  saInitiatorCookie IsakmpCookie
  saResponderCookie IsakmpCookie
  saLocalUdpPort INTEGER
  saRemoteUdpPort INTEGER
  saPeerMajorVersion INTEGER
  saPeerMinorVersion INTEGER
  saDoi IsakmpDOI
  saLocallyInitiated TruthValue
  saStatus INTEGER
  saExchangeType IsakmpExchangeType
  saTimeSeconds Counter32
  saInPackets Counter32
  saOutPackets Counter32
  saInOctets Counter32
  saOutOctets Counter32
  saByCreatorsIndex Unsigned32

Defined Values

isakmpDoiIndMonModule 1.3.6.1.4.1.1954.3.10.2
The MIB module to describe the DOI-independent part of ISAKMP objects; to be used for monitoring purposes.
MODULE-IDENTITY    

isakmpDoiIndMIBObjects 1.3.6.1.4.1.1954.3.10.2.1
This is the base object identifier for all ISAKMP branches.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpSaTable 1.3.6.1.4.1.1954.3.10.2.1.1
This is the base object identifier for the security associations table.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpGlobals 1.3.6.1.4.1.1954.3.10.2.1.2
This is the base object identifier for all objects which are global values for ISAKMP.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpNegStats 1.3.6.1.4.1.1954.3.10.2.1.3
This is the base object identifier for all objects which are global counters for ISAKMP negotiation statistics.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpTrafStats 1.3.6.1.4.1.1954.3.10.2.1.4
This is the base object identifier for all objects which are global counters for ISAKMP security association traffic statistics.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpErrors 1.3.6.1.4.1.1954.3.10.2.1.5
This is the base object identifier for all objects which are global error counters for ISAKMP.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpGroups 1.3.6.1.4.1.1954.3.10.2.1.6
This is the base object identifier for all objects which describe the groups in this MIB.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpConformance 1.3.6.1.4.1.1954.3.10.2.1.7
This is the base object identifier for all objects which describe the conformance for this MIB.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpTrapControl 1.3.6.1.4.1.1954.3.10.2.1.8
This is the base object identifier for all trap controls for this MIB.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpTraps 1.3.6.1.4.1.1954.3.10.2.1.9
This is the base object identifier for all traps for this MIB.
Status: current Access: read-write
OBJECT-IDENTITY    

isakmpTrapObjects 1.3.6.1.4.1.1954.3.10.2.1.10
This is the base object identifier for all objects used by traps for this MIB.
Status: current Access: read-write
OBJECT-IDENTITY    

saTable 1.3.6.1.4.1.1954.3.10.2.1.1.1
The (conceptual) table containing the DOI-independent portion of ISAKMP SAs. There should be one row for every phase 1 security association that exists in the entity that uses ISAKMP. The maximum number of rows is implementation dependent.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    SaEntry

saEntry 1.3.6.1.4.1.1954.3.10.2.1.1.1.1
An entry (conceptual row) containing the DOI-independent information on a particular ISAKMP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table.
Status: current Access: not-accessible
OBJECT-TYPE    
  SaEntry  

saLocalIpAddressType 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.1
The type of the local address used to negotiate the ISAKMP phase 1 SA.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddressType  

saLocalIpAddress 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.2
The local address used to negotiate the ISAKMP phase 1 SA.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddress  

saRemoteIpAddressType 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.3
The type of the remote address used to negotiate the ISAKMP phase 1 SA.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddressType  

saRemoteIpAddress 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.4
The remote address used to negotiate the ISAKMP phase 1 SA.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddressIPv4  

saInitiatorCookie 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.5
The value of the cookie used by the initiator for the ISAKMP phase 1 SA.
Status: current Access: read-only
OBJECT-TYPE    
  IsakmpCookie  

saResponderCookie 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.6
The value of the cookie used by the responder for the ISAKMP phase 1 SA. Note that this value may be 0 if the ISAKMP phase 1 SA has been initiated but not responded to by the peer entity. It must never be 0 if this entry represents an ISAKMP phase 1 SA establishment attempt that has been initiated by the peer. This rule prevents index collisions in the (unlikely) event that two peers simultaneously initiate with the same cookie at the same time.
Status: current Access: read-only
OBJECT-TYPE    
  IsakmpCookie  

saLocalUdpPort 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.7
The local UDP port number that this ISAKMP phase 1 SA was negotiated with.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

saRemoteUdpPort 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.8
The remote UDP port number that this ISAKMP phase 1 SA was negotiated with.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

saPeerMajorVersion 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.9
The major version number from the ISAKMP packet header used by the peer.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..15  

saPeerMinorVersion 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.10
The minor version number from the ISAKMP packet header used by the peer.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..15  

saDoi 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.11
The specific DOI value that this ISAKMP SA is using. Note that this value MAY be 0, as allowed by Section 3.4 of RFC 2408
Status: current Access: read-only
OBJECT-TYPE    
  IsakmpDOI  

saLocallyInitiated 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.12
This value is 'true' if the ISAKMP phase 1 SA was initiated by the local entity, and 'false' if initiated by the remote entity.
Status: current Access: read-only
OBJECT-TYPE    
  TruthValue  

saStatus 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.13
The status of the ISAKMP phase 1 SA. If the state is 'negotiating', it means that processing of the final packet of the phase 1 exchange is not yet complete. If the state is 'established', it means that processing of all packets associated with ISAKMP phase 1 SA negotation is complete, and the entities involved in the ISAKMP phase 1 SA are authenticated.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER negotiating(1), established(2)  

saExchangeType 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.14
The exchange type used to negotiate the ISAKMP phase 1 SA.
Status: current Access: read-only
OBJECT-TYPE    
  IsakmpExchangeType  

saTimeSeconds 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.15
The number of seconds the SA has existed. In other words, how old the SA is.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

saInPackets 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.16
The total number of packets received by the ISAKMP phase 1 SA, including un-encrypted packets used to negotiate the ISAKMP phase 1 SA, and any re-transmissions.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

saOutPackets 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.17
The total number of packets sent by the ISAKMP phase 1 SA, including un-encrypted packets used to negotiate the ISAKMP phase 1 SA, and any re-transmissions received.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

saInOctets 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.18
The amount of traffic measured in bytes received by the ISAKMP phase 1 SA. This includes encrypted and un-encrypted traffic used to negotiate the ISAKMP phase 1 SA, and any re- transmissions received.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

saOutOctets 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.19
The amount of traffic measured in bytes sent by the ISAKMP phase 1 SA. This includes encrypted and un-encrypted traffic used to negotiate the ISAKMP phase 1 SA, and any re- transmissions.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

saByCreatorsIndex 1.3.6.1.4.1.1954.3.10.2.1.1.1.1.20
A unique value, greater than zero, for each IKE phase 1 SA that exists between the two endpoints. It is recommended that values are assigned contiguously starting from 1.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32 1..16777215  

isakmpMajorVersion 1.3.6.1.4.1.1954.3.10.2.1.2.1
The maximum major version number value capable of being supported by the entity.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..15  

isakmpMinorVersion 1.3.6.1.4.1.1954.3.10.2.1.2.2
The maximum minor version number value capable of being supported by the entity.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER 0..15  

isakmpCurrentSAs 1.3.6.1.4.1.1954.3.10.2.1.3.1
The current number of ISAKMP SAs in the entity.
Status: current Access: read-only
OBJECT-TYPE    
  Gauge32  

isakmpCurrentInitiatedSAs 1.3.6.1.4.1.1954.3.10.2.1.3.2
The current number of ISAKMP SAs successfully negotiated in the entity that were initiated by the entity.
Status: current Access: read-only
OBJECT-TYPE    
  Gauge32  

isakmpCurrentRespondedSAs 1.3.6.1.4.1.1954.3.10.2.1.3.3
The current number of ISAKMP SAs successfully negotiated in the entity that were initiated by the peer entity.
Status: current Access: read-only
OBJECT-TYPE    
  Gauge32  

isakmpTotalSAs 1.3.6.1.4.1.1954.3.10.2.1.3.4
The total number of ISAKMP SAs successfully negotiated in the entity since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalInitiatedSAs 1.3.6.1.4.1.1954.3.10.2.1.3.5
The total number of ISAKMP SAs successfully negotiated in the entity since boot time that were initiated by the entity.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalRespondedSAs 1.3.6.1.4.1.1954.3.10.2.1.3.6
The total number of ISAKMP SAs successfully negotiated in the entity since boot time that were initiated by the peer entity.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalAttempts 1.3.6.1.4.1.1954.3.10.2.1.3.7
The total number of ISAKMP SAs negotiation attempts made since boot time. This includes successful negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalAsInitAttempts 1.3.6.1.4.1.1954.3.10.2.1.3.8
The total number of ISAKMP SAs negotiation attempts made where the entity was the initiator since boot time. This includes successful negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalAsRespAttempts 1.3.6.1.4.1.1954.3.10.2.1.3.9
The total number of ISAKMP SAs negotiation attempts made where the entity was the responder since boot time. This includes successful negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalInPackets 1.3.6.1.4.1.1954.3.10.2.1.4.1
The total number of ISAKMP packets received by the entity since boot time, including re-transmissions and un-encrypted packets.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalOutPackets 1.3.6.1.4.1.1954.3.10.2.1.4.2
The total number of ISAKMP packets sent by the entity since boot time, including re-transmissions and un-encrypted packets.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalInOctets 1.3.6.1.4.1.1954.3.10.2.1.4.3
The total amount of ISAKMP traffic received by the entity since boot time, measured in bytes, including any re- transmitted packets received, and including encrypted and un-encrypted packets.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalOutOctets 1.3.6.1.4.1.1954.3.10.2.1.4.4
The total amount of ISAKMP traffic sent by the entity since boot time, measured in bytes, including any re-transmissions and including encrypted and un-encrypted packets.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalInitFailures 1.3.6.1.4.1.1954.3.10.2.1.5.1
The total number of attempts to initiate an ISAKMP phase 1 SA that failed since boot time, when there was a response from the peer entity. This value may be used to detect clogging or denial-of- service attacks.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalInitNoResponses 1.3.6.1.4.1.1954.3.10.2.1.5.2
The total number of attempts to initiate an ISAKMP phase 1 SA that failed since boot time, when there was no response from the peer entity. This should only be incremented if the peer does not repond to the first packet of attempted negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpTotalRespFailures 1.3.6.1.4.1.1954.3.10.2.1.5.3
The total number of attempts to initiate an ISAKMP phase 1 SA that failed since boot time, when the initiation attempt came for the peer entity.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

isakmpInvalidCookieCount 1.3.6.1.4.1.1954.3.10.2.1.5.4
The total number of ISAKMP packets with invalid cookies received by the entity since boot time.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

invalidCookieTrapEnable 1.3.6.1.4.1.1954.3.10.2.1.8.1
Indicates whether invalidCookieTrap traps should be generated.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

localIpAddressType 1.3.6.1.4.1.1954.3.10.2.1.10.1
The type of the local IP address used in an ISAKMP message, to be associated with a trap.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  InetAddressType  

localIpAddress 1.3.6.1.4.1.1954.3.10.2.1.10.2
The local IP address used in an ISAKMP message, to be associated with a trap.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  InetAddress  

localUdpPort 1.3.6.1.4.1.1954.3.10.2.1.10.3
The local port UDP number used in an ISAKMP message, to be associated with a trap.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  INTEGER 0..65535  

remoteIpAddressType 1.3.6.1.4.1.1954.3.10.2.1.10.4
The type of the remote IP used in an ISAKMP message, to be associated with a trap.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  InetAddressType  

remoteIpAddress 1.3.6.1.4.1.1954.3.10.2.1.10.5
The remote IPaddress used in an ISAKMP message, to be associated with a trap.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  IsakmpCookie  

remoteUdpPort 1.3.6.1.4.1.1954.3.10.2.1.10.6
The remote UDP port number used in an ISAKMP message, to be associated with a trap.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  INTEGER 0..65535  

initiatorCookie 1.3.6.1.4.1.1954.3.10.2.1.10.7
The initiator cookie used in an ISAKMP message, to be associated with a trap.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  IsakmpCookie  

responderCookie 1.3.6.1.4.1.1954.3.10.2.1.10.8
The responder cookie used in an ISAKMP message, to be associated with a trap.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  IsakmpCookie  

invalidCookieTrap 24578
ISAKMP packets with invalid cookies were detected from the specified source, intended for the specified destination. The initiator and responder cookies are also sent with the trap. The current count is sent to allow the trap to accurately relfect dropped and throttled traps. Implementations SHOULD send one trap per peer (within a reasonable time period, rather than sending one trap per packet.
TRAP-TYPE    

isakmpSaGroup 1.3.6.1.4.1.1954.3.10.2.1.6.1
A collection of objects that describe the state of the security associations of the ISAKMP protocol.
Status: current Access: accessible-for-notify
OBJECT-GROUP    

isakmpGlobalsGroup 1.3.6.1.4.1.1954.3.10.2.1.6.2
A collections of objects that describe the global state of the ISAKMP protocol.
Status: current Access: accessible-for-notify
OBJECT-GROUP    

isakmpTrapControlGroup 1.3.6.1.4.1.1954.3.10.2.1.6.3
Trap control for the ISAKMP protocol.
Status: current Access: accessible-for-notify
OBJECT-GROUP    

isakmpTrapDataGroup 1.3.6.1.4.1.1954.3.10.2.1.6.4
Trap data for the ISAKMP protocol.
Status: current Access: accessible-for-notify
OBJECT-GROUP    

isakmpTrapGroup 1.3.6.1.4.1.1954.3.10.2.1.6.5
The traps for the ISAKMP protocol.
Status: current Access: accessible-for-notify
NOTIFICATION-GROUP    

isakmpDoiIndependentMonitorCompliance 1.3.6.1.4.1.1954.3.10.2.1.7.1
The compliance statement for the SNMPv3 entities which implement the ISAKMP DOI-Indpendent Monitoring MIB.
Status: current Access: read-only
MODULE-COMPLIANCE