CISCO-TRUSTSEC-SXP-MIB

File: CISCO-TRUSTSEC-SXP-MIB.mib (77963 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMPv2-TC
SNMP-FRAMEWORK-MIB INET-ADDRESS-MIB IF-MIB
CISCO-TRUSTSEC-TC-MIB CISCO-TC CISCO-SMI

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Unsigned32
Gauge32 NOTIFICATION-TYPE MODULE-COMPLIANCE
OBJECT-GROUP NOTIFICATION-GROUP RowStatus
StorageType TruthValue SnmpAdminString
InetAddressType InetAddress InetAddressPrefixLength
InterfaceIndexOrZero CtsSecurityGroupTag CtsPasswordEncryptionType
CtsPassword CiscoVrfName ciscoMgmt

Defined Types

CtsxSxpConnectionEntry  
SEQUENCE    
  ctsxSxpConnVrfName CiscoVrfName
  ctsxSxpConnPeerAddrType InetAddressType
  ctsxSxpConnPeerAddr InetAddress
  ctsxSxpConnSourceAddrType InetAddressType
  ctsxSxpConnSourceAddr InetAddress
  ctsxSxpConnOperSourceAddrType InetAddressType
  ctsxSxpConnOperSourceAddr InetAddress
  ctsxSxpConnPasswordUsed INTEGER
  ctsxSxpConnConfigPasswordType CtsPasswordEncryptionType
  ctsxSxpConnConfigPassword CtsPassword
  ctsxSxpConnViewPasswordType CtsPasswordEncryptionType
  ctsxSxpConnViewPassword CtsPassword
  ctsxSxpConnModeLocation INTEGER
  ctsxSxpConnMode INTEGER
  ctsxSxpConnInstance Unsigned32
  ctsxSxpConnStatusLastChange Unsigned32
  ctsxSxpConnStatus INTEGER
  ctsxSxpVrfId Unsigned32
  ctsxSxpConnStorageType StorageType
  ctsxSxpConnRowStatus RowStatus
  ctsxSxpConnVersion INTEGER
  ctsxSxpConnSpeakerMinHoldTime Unsigned32
  ctsxSxpConnListenerMinHoldTime Unsigned32
  ctsxSxpConnListenerMaxHoldTime Unsigned32
  ctsxSxpConnHoldTime Unsigned32
  ctsxSxpConnCapability BITS

CtsxIpSgtMappingEntry  
SEQUENCE    
  ctsxIpSgtMappingVrfId Unsigned32
  ctsxIpSgtMappingAddrType InetAddressType
  ctsxIpSgtMappingAddr InetAddress
  ctsxIpSgtMappingPeerAddrType InetAddressType
  ctsxIpSgtMappingPeerAddr InetAddress
  ctsxIpSgtMappingSgt CtsSecurityGroupTag
  ctsxIpSgtMappingInstance Unsigned32
  ctsxIpSgtMappingVrfName CiscoVrfName
  ctsxIpSgtMappingStatus INTEGER

CtsxSxpSgtMapEntry  
SEQUENCE    
  ctsxSxpSgtMapVrfId Unsigned32
  ctsxSxpSgtMapAddrType InetAddressType
  ctsxSxpSgtMapAddr InetAddress
  ctsxSxpSgtMapAddrPrefixLength InetAddressPrefixLength
  ctsxSxpSgtMapPeerAddrType InetAddressType
  ctsxSxpSgtMapPeerAddr InetAddress
  ctsxSxpSgtMapSgt CtsSecurityGroupTag
  ctsxSxpSgtMapInstance Unsigned32
  ctsxSxpSgtMapVrfName CiscoVrfName
  ctsxSxpSgtMapPeerSeq OCTET STRING
  ctsxSxpSgtMapStatus INTEGER

Defined Values

ciscoTrustSecSxpMIB 1.3.6.1.4.1.9.9.720
This MIB module is for the configuration and status query of SGT Exchange Protocol over TCP (SXPoTCP) feature of the device on the Cisco's Trusted Security (TrustSec) system. Security Group Tag (SGT) identifying its source, assigned to a packet on ingress to a TrustSec cloud, and used to determine security and other policy to be applied to it along its path through the cloud. SXPoTCP protocol extends the original SGT Exchange Protocol (SXP) protocol to enable a much wider array of deployment scenarios. This MIB uses the term SXP to refer to SXPoTCP. TrustSec secures a network fabric by authenticating and authorizing each device connecting to the network, allowing for the encryption, authentication and replay protection of data traffic on a hop by hop basis. SXP allows the deployment of RBACL, a key component of the TrustSec architecture, in the absence of TrustSec capable hardware.
MODULE-IDENTITY    

ciscoTrustSecSxpMIBNotifs 1.3.6.1.4.1.9.9.720.0
OBJECT IDENTIFIER    

ciscoTrustSecSxpMIBObjects 1.3.6.1.4.1.9.9.720.1
OBJECT IDENTIFIER    

ciscoTrustSecSxpMIBConform 1.3.6.1.4.1.9.9.720.2
OBJECT IDENTIFIER    

ctsxSxpGlobalObjects 1.3.6.1.4.1.9.9.720.1.1
OBJECT IDENTIFIER    

ctsxSxpConnectionObjects 1.3.6.1.4.1.9.9.720.1.2
OBJECT IDENTIFIER    

ctsxSxpSgtObjects 1.3.6.1.4.1.9.9.720.1.3
OBJECT IDENTIFIER    

ciscoTrustSecSxpMIBNotifsControl 1.3.6.1.4.1.9.9.720.1.4
OBJECT IDENTIFIER    

ciscoTrustSecSxpMIBNotifsOnlyInfo 1.3.6.1.4.1.9.9.720.1.5
OBJECT IDENTIFIER    

ctsxSxpEnable 1.3.6.1.4.1.9.9.720.1.1.1
This object specifies if the SXP (Security Group Tag Exchange Protocol) functionality is enabled on the device.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpConfigDefaultPasswordType 1.3.6.1.4.1.9.9.720.1.1.2
This object specifies the type of encryption used to configure ctsxSxpConfigDefaultPassword string. When read, this object will always return 'other'. Value of this object must be set in the same PDU as ctsxSxpConfigDefaultPassword. Value of this object must be specified as 'clearText', 'typeSix' or 'typeSeven' to configure a non zero length password in ctsxSxpConfigDefaultPassword. Value for this object must be 'none' if ctsxSxpConfigDefaultPassword is a zero length string.
Status: current Access: read-write
OBJECT-TYPE    
  CtsPasswordEncryptionType  

ctsxSxpConfigDefaultPassword 1.3.6.1.4.1.9.9.720.1.1.3
This object specifies the default password for SXP connections. The type of encryption used to configure this password is determined by ctsxSxpConfigDefaultPasswordType. When read, this object will always return a zero length string. The value of this object must be set in the same PDU as ctsxSxpConfigDefaultPasswordType. A non zero length password must be specified for this object if the value of ctsxSxpConfigDefaultPasswordType is other than 'none' or 'other'. Value for this object must be a zero length string if the value of ctsxSxpConfigDefaultPasswordType is 'none'. The purpose of this object is to only allow configuration of the default password. The ctsxSxpViewDefaultPassword object is used to display the default password.
Status: current Access: read-write
OBJECT-TYPE    
  CtsPassword  

ctsxSxpViewDefaultPasswordType 1.3.6.1.4.1.9.9.720.1.1.4
This object indicates the type of encryption in use for ctsxSxpViewDefaultPassword.
Status: current Access: read-only
OBJECT-TYPE    
  CtsPasswordEncryptionType  

ctsxSxpViewDefaultPassword 1.3.6.1.4.1.9.9.720.1.1.5
This object indicates the default password for SXP connections. The type of encryption used to display this password is determined by the object ctsxSxpViewDefaultPasswordType. The purpose of this object is to only display the password. The ctsxSxpConfigDefaultPassword object is used to configure the password.
Status: current Access: read-only
OBJECT-TYPE    
  CtsPassword  

ctsxSxpDefaultSourceAddrType 1.3.6.1.4.1.9.9.720.1.1.6
The type of Internet address of the default source address for SXP connections.
Status: current Access: read-write
OBJECT-TYPE    
  InetAddressType  

ctsxSxpDefaultSourceAddr 1.3.6.1.4.1.9.9.720.1.1.7
The Internet address to be used as default source address for SXP connections. The type of this address is determined by the ctsxSxpDefaultSourceAddrType object. This address will be used as source address for SXP connections that do not have specific source-IP address configured via ctsxSxpConnSourceAddr object.
Status: current Access: read-write
OBJECT-TYPE    
  InetAddress  

ctsxSxpRetryPeriod 1.3.6.1.4.1.9.9.720.1.1.8
This object specifies the amount of time after which the device will make the retry attempt for the SXP connections that are not setup successfully. A value of zero for this object indicates that the device will never try to establish connections that were not setup successfully.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32  

ctsxSxpReconPeriod 1.3.6.1.4.1.9.9.720.1.1.9
This object specifies the amount of time after which system will initiate removal of SGT mappings for a reconciled connection. A value of zero for this object indicates that SGT mappings for a reconciled connection will never be deleted.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32  

ctsxSxpBindingChangesLogEnable 1.3.6.1.4.1.9.9.720.1.1.10
This object specifies if the system will generate system logging messages for SXP binding changes. A value of 'false' will prevent system from generating logging messages for SXP binding changes.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSgtMapExpansionLimit 1.3.6.1.4.1.9.9.720.1.1.11
This object specifies the maximum number of SGT mapping entries that can be expanded on the system. Value of zero for this object indicates that SGT mapping expansion functionality is disabled.
Status: current Access: read-write
OBJECT-TYPE    
  Gauge32  

ctsxSgtMapExpansionCount 1.3.6.1.4.1.9.9.720.1.1.12
This object indicates the number of SGT mapping entries currently expanded on the system.
Status: current Access: read-only
OBJECT-TYPE    
  Gauge32  

ctsxSxpAdminNodeId 1.3.6.1.4.1.9.9.720.1.1.13
This object specifies the administrative SXP node ID for this system. Setting this object to a non-zero value will clear the values in ctsxSxpNodeIdInterface and ctsxSxpNodeIdIpAddrType. This object can be set only if ctsxSxpEnable is 'false'.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32  

ctsxSxpNodeIdInterface 1.3.6.1.4.1.9.9.720.1.1.14
This object specifies the interface to be used to select SXP node ID. Setting this object to a non-zero value will clear the values in ctsxSxpAdminNodeId and ctsxSxpNodeIdIpAddrType. This object can be set only if ctsxSxpEnable is 'false'.
Status: current Access: read-write
OBJECT-TYPE    
  InterfaceIndexOrZero  

ctsxSxpNodeIdIpAddrType 1.3.6.1.4.1.9.9.720.1.1.15
This object specifies the type of Internet address to be used to select the SXP node ID.
Status: current Access: read-write
OBJECT-TYPE    
  InetAddressType  

ctsxSxpNodeIdIpAddr 1.3.6.1.4.1.9.9.720.1.1.16
This object specifies the Internet address to be used to select the SXP node ID. The type of this address is determined by ctsxSxpOperNodeIdIpAddrType object. Setting this object to a non-zero length value will clear the values in ctsxSxpAdminNodeId and ctsxSxpNodeIdInterface. This object can be set only if ctsxSxpEnable is 'false'.
Status: current Access: read-write
OBJECT-TYPE    
  InetAddress  

ctsxSxpOperNodeId 1.3.6.1.4.1.9.9.720.1.1.17
This object indicates the operational SXP node ID of the system.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ctsxSxpSpeakerMinHoldTime 1.3.6.1.4.1.9.9.720.1.1.18
This object specifies the global minimum hold-time for SXP connections in 'speaker' mode.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32 1..65534  

ctsxSxpListenerMinHoldTime 1.3.6.1.4.1.9.9.720.1.1.19
This object specifies the global minimum hold-time for SXP connections in 'listener' mode. Value of this object must be lesser than ctsxSxpListenerMaxHoldTime.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32 1..65534  

ctsxSxpListenerMaxHoldTime 1.3.6.1.4.1.9.9.720.1.1.20
This object specifies the global maximum hold-time for SXP connections in 'listener' mode. Value of this object must be greater than ctsxSxpListenerMinHoldTime.
Status: current Access: read-write
OBJECT-TYPE    
  Unsigned32 1..65534  

ctsxSxpVersionSupport 1.3.6.1.4.1.9.9.720.1.1.21
The highest version of SXP protocol that this device supports. 'unknown' - The SXP protocol version capability for the device is unknown. 'one' - The device supports SXP protocol up to version 1. 'two' - The device supports SXP protocol up to version 2. 'three' - The device supports SXP protocol up to version 3. 'four' - The device supports SXP protocol up to version 4.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER unknown(1), one(2), two(3), three(4), four(5)  

ctsxSxpConnectionTable 1.3.6.1.4.1.9.9.720.1.2.1
A list of SXP peers configured on this device.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    CtsxSxpConnectionEntry

ctsxSxpConnectionEntry 1.3.6.1.4.1.9.9.720.1.2.1.1
An entry containing management information of a particular SXP peers.
Status: current Access: not-accessible
OBJECT-TYPE    
  CtsxSxpConnectionEntry  

ctsxSxpConnVrfName 1.3.6.1.4.1.9.9.720.1.2.1.1.1
The name of the Virtual Routing and Forwarding (VRF) table associated with this SXP connection. A zero length string implies that connection will be setup in the default virtual routing and forwarding domain.
Status: current Access: not-accessible
OBJECT-TYPE    
  CiscoVrfName  

ctsxSxpConnPeerAddrType 1.3.6.1.4.1.9.9.720.1.2.1.1.2
The type of Internet address of the peer SXP device.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddressType  

ctsxSxpConnPeerAddr 1.3.6.1.4.1.9.9.720.1.2.1.1.3
The Internet address of the SXP peer device. The type of this address is determined by the value of ctsxSxpConnPeerAddrType object.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddress Size(1..64)  

ctsxSxpConnSourceAddrType 1.3.6.1.4.1.9.9.720.1.2.1.1.4
The type of source Internet address that is configured for this SXP connection.
Status: current Access: read-create
OBJECT-TYPE    
  InetAddressType  

ctsxSxpConnSourceAddr 1.3.6.1.4.1.9.9.720.1.2.1.1.5
The source Internet address configured for this SXP connection. The type of this address is determined by the value of ctsxSxpConnSourceAddrType object. When specified, value of this object takes precedence over the ctsxSxpDefaultSourceAddr object.
Status: current Access: read-create
OBJECT-TYPE    
  InetAddress  

ctsxSxpConnOperSourceAddrType 1.3.6.1.4.1.9.9.720.1.2.1.1.6
The type of source Internet address that is in in use for this SXP connection.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddressType  

ctsxSxpConnOperSourceAddr 1.3.6.1.4.1.9.9.720.1.2.1.1.7
The source Internet address that is in use for this SXP connection. The type of this address is determined by the value of ctsxSxpConnSourceAddrType object.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddress  

ctsxSxpConnPasswordUsed 1.3.6.1.4.1.9.9.720.1.2.1.1.8
This object specifies the type of password to be used for this SXP connection. 'none' - No password required for the SXP connection. 'default' - The default password which is specified by the object ctsxSxpViewDefaultPassword, will be used for the SXP connection. 'connectionSpecific' - The password specified by the ctsxSxpConnViewPassword object will be used for the connection.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER none(1), default(2), connectionSpecific(3)  

ctsxSxpConnConfigPasswordType 1.3.6.1.4.1.9.9.720.1.2.1.1.9
This object specifies the type of encryption used to configure ctsxSxpConnConfigPassword string. When read, this object will always return 'other'. Value for this object may be specified as 'clearText', 'typeSix' or 'typeSeven' if the value of the object ctsxSxpConnPasswordUsed is 'connectionSpecific'. Value for this object may not be specified if the value of ctsxSxpConnPasswordUsed is other than 'connectionSpecific'.
Status: current Access: read-create
OBJECT-TYPE    
  CtsPasswordEncryptionType  

ctsxSxpConnConfigPassword 1.3.6.1.4.1.9.9.720.1.2.1.1.10
This object is used to specify the password for this connection. The type of encryption used to configure this password is determined by ctsxSxpConnConfigPasswordType. When read, this object will always return a zero length string. A non zero length password must be specified for this object if the value of ctsxSxpConnConfigPasswordType is other than 'none' or 'other'. A value for this object may not be specified if the value of ctsxSxpConnPasswordUsed is other than 'connectionSpecific'. The purpose of this object is to only allow configuration of the password. The ctsxSxpConnViewPassword object is used to display the password.
Status: current Access: read-create
OBJECT-TYPE    
  CtsPassword  

ctsxSxpConnViewPasswordType 1.3.6.1.4.1.9.9.720.1.2.1.1.11
This object indicates the type of encryption in use for ctsxSxpConnViewPassword.
Status: current Access: read-only
OBJECT-TYPE    
  CtsPasswordEncryptionType  

ctsxSxpConnViewPassword 1.3.6.1.4.1.9.9.720.1.2.1.1.12
This object indicates the password associated with this connection. The type of encryption used to display this password is determined by the object ctsxSxpConnViewPasswordType. The purpose of this object is to only display the password. The ctsxSxpConnConfigPassword object is used to configure the password.
Status: current Access: read-only
OBJECT-TYPE    
  CtsPassword  

ctsxSxpConnModeLocation 1.3.6.1.4.1.9.9.720.1.2.1.1.13
This object specifies if ctsxSxpConnMode is applicable for local or the peer device. A value of 'local' indicates that ctsxSxpConnMode applies to the local device in this SXP connection. A value of 'peer' indicates that ctsxSxpConnMode applies to the peer device in this SXP connection.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER local(1), peer(2)  

ctsxSxpConnMode 1.3.6.1.4.1.9.9.720.1.2.1.1.14
This object specifies the device mode of this SXP connection. A value of 'speaker' indicates that device will acts as the speaker in this SXP connection. A value of 'listener' indicates that device will acts as the listener in this SXP connection.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER speaker(1), listener(2)  

ctsxSxpConnInstance 1.3.6.1.4.1.9.9.720.1.2.1.1.15
This object indicates the instance number associated with this SXP connection. The instance number is used to identify stale SGT mappings which need to be removed from the system.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ctsxSxpConnStatusLastChange 1.3.6.1.4.1.9.9.720.1.2.1.1.16
The amount of time elapsed since change in status of this SXP connection.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ctsxSxpConnStatus 1.3.6.1.4.1.9.9.720.1.2.1.1.17
This object indicates the status of this SXP connection. 'other' - Any other state not covered by below enumerations. 'off' - The SXP connection has been disconnected. SGT mappings are no longer learnt through SXP connection in this state. SGT mappings already learnt through this connection will be deleted. 'on' - The SXP connection has been successfully established. SGT mappings are learnt through this SXP connection. 'pendingOn' - A request to establish SXP connection has been sent to the peer and is pending. 'deleteHoldDown' - The SXP connection is not operational and delete hold-down timer has been started. If the SXP connection does not recover before the expiration of the hold-down timer, the SGT mappings learnt on this connection will be deleted. If the SXP connection recovers before the expiration of the hold-down timer, the SGT mappings learnt on this connection will not be deleted.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER other(1), off(2), on(3), pendingOn(4), deleteHoldDown(5)  

ctsxSxpVrfId 1.3.6.1.4.1.9.9.720.1.2.1.1.18
The numerical identifier associated with ctsxSxpConnVrfName.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ctsxSxpConnStorageType 1.3.6.1.4.1.9.9.720.1.2.1.1.19
The storage type of this conceptual row.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ctsxSxpConnRowStatus 1.3.6.1.4.1.9.9.720.1.2.1.1.20
The status of this conceptual row. Once a row becomes active, only the value in ctsxSxpConnModeLocation, ctsxSxpConnMode ctsxSxpConnSpeakerMinHoldTime, ctsxSxpConnListenerMinHoldTime, and ctsxSxpConnListenerMaxHoldTime within each a row can be modified.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ctsxSxpConnVersion 1.3.6.1.4.1.9.9.720.1.2.1.1.21
The version of SXP protocol in use for this connection. 'unknown' - Version of SXP protocol for this connection is unknown. 'one' - Connection is using version 1 of the SXP protocol. 'two' - Connection is using version 2 of the SXP protocol. 'three' - Connection is using version 3 of the SXP protocol. 'four' - Connection is using version 4 of the SXP protocol.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER unknown(1), one(2), two(3), three(4), four(5)  

ctsxSxpConnSpeakerMinHoldTime 1.3.6.1.4.1.9.9.720.1.2.1.1.22
This object specifies the minimum hold-time for this SXP connection when the device is acting as 'speaker'. Setting the object to zero indicates that the global value ctsxSxpSpeakerMinHoldTime will be used for the connection. Setting the object to 65535 indicates that the hold-time functionality has been disabled for the connection. Value of this object must be 65535 if the corresponding instance value of ctsxSxpConnListenerMinHoldTime is 65535. Value of this object should be ignored and can not be set if the corresponding instance values of ctsxSxpConnModeLocation is 'local' and ctsSxpConnMode is 'listener' or ctsxSxpConnModeLocation is 'peer' and ctsSxpConnMode is 'speaker'.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32 0 | 1..65534 | 65535  

ctsxSxpConnListenerMinHoldTime 1.3.6.1.4.1.9.9.720.1.2.1.1.23
This object specifies the minimum hold-time for this SXP connection when the device is acting as 'listener'. Value of this object must be lesser than ctsxSxpConnListenerMaxHoldTime. Setting the object to zero indicates that the global value ctsxSxpListenerMinHoldTime will be used for the connection. Value of this object must be zero if the value of corresponding instance value of ctsxSxpConnListenerMaxHoldTime is zero. Setting the object to 65535 indicates that hold-time functionality has been disabled for the connection. Value of this object must be 65535 if the corresponding instance value of ctsxSxpConnListenerMaxHoldTime is 65535. Value of this object should be ignored and can not be set if the corresponding instance value of ctsxSxpConnModeLocation is 'local' and ctsSxpConnMode is 'speaker' or ctsxSxpConnModeLocation is 'peer' and ctsSxpConnMode is 'listener'.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32 0 | 1..65534 | 65535  

ctsxSxpConnListenerMaxHoldTime 1.3.6.1.4.1.9.9.720.1.2.1.1.24
This object specifies the maximum hold-time for this SXP connection when the device is acting as 'listener'. Value of this object must be greater than ctsxSxpConnListenerMinHoldTime. Setting the object to zero indicates that the global value ctsxSxpListenerMaxHoldTime will be used for the connection. Value of this object must be zero if the corresponding instance value of ctsxSxpConnListenerMinHoldTime is zero. Setting the object to 65535 indicates that hold-time functionality has been disabled for the connection. Value of this object must be 65535 if the corresponding instance value ctsxSxpConnListenerMinHoldTime is 65535. Value of this object should be ignored and can not be set if the corresponding instance value of ctsxSxpConnModeLocation is 'local' and ctsSxpConnMode is 'speaker' or ctsxSxpConnModeLocation is 'peer' and ctsSxpConnMode is 'listener'.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32 0 | 1..65534 | 65535  

ctsxSxpConnHoldTime 1.3.6.1.4.1.9.9.720.1.2.1.1.25
This object indicates the hold-time in use for this SXP connection. A value of 0 indicates that hold-time functionality has been disabled for this connection.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ctsxSxpConnCapability 1.3.6.1.4.1.9.9.720.1.2.1.1.26
This object indicates the capability of SXP connection.
Status: current Access: read-only
OBJECT-TYPE    
  BITS ipv4(0), ipv6(1), subnet(2)  

ctsxIpSgtMappingTable 1.3.6.1.4.1.9.9.720.1.3.1
A list of SGT mappings learnt by this device. If the value of ctsxSxpConnVersion is 'three' or above, this table populates entries for all mapping addresses without prefix. Addresses with prefix are not populated in this table. ctsxSxpSgtMapTable should be used in such case.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    CtsxIpSgtMappingEntry

ctsxIpSgtMappingEntry 1.3.6.1.4.1.9.9.720.1.3.1.1
An entry containing management information about SGT mapping learnt by this device. An entry will be created for each SGT mappings the device learns via SXP. An entry will be deleted if SXP connection from where the SGT mappings was learnt is disconnected.
Status: current Access: not-accessible
OBJECT-TYPE    
  CtsxIpSgtMappingEntry  

ctsxIpSgtMappingVrfId 1.3.6.1.4.1.9.9.720.1.3.1.1.1
The VRF number identifying the VRF where this SGT mapping was learnt.
Status: current Access: not-accessible
OBJECT-TYPE    
  Unsigned32  

ctsxIpSgtMappingAddrType 1.3.6.1.4.1.9.9.720.1.3.1.1.2
The type of IP address in this SGT mapping.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddressType  

ctsxIpSgtMappingAddr 1.3.6.1.4.1.9.9.720.1.3.1.1.3
The IP address in this SGT mapping. The type of this address is determined by the value of ctsxIpSgtMappingAddrType object.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddress Size(1..48)  

ctsxIpSgtMappingPeerAddrType 1.3.6.1.4.1.9.9.720.1.3.1.1.4
The type of IP address of the SXP peer device from where this SGT mapping was learnt.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddressType  

ctsxIpSgtMappingPeerAddr 1.3.6.1.4.1.9.9.720.1.3.1.1.5
The IP address of the peer SXP device from where this SGT mapping was learnt. The type of this address is determined by the value of ctsxIpSgtMappingPeerAddrType object.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddress Size(1..48)  

ctsxIpSgtMappingSgt 1.3.6.1.4.1.9.9.720.1.3.1.1.6
The Security Group Tag (SGT) in this SGT mapping. ctsxIpSgtMappingAddr represents the IP address associated with this SGT.
Status: current Access: read-only
OBJECT-TYPE    
  CtsSecurityGroupTag  

ctsxIpSgtMappingInstance 1.3.6.1.4.1.9.9.720.1.3.1.1.7
This object indicates the instance number of the SXP connection from where this SGT mapping was learnt. The instance number is used to determine if an SGT mapping entry is stale and needs to be removed from the system.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ctsxIpSgtMappingVrfName 1.3.6.1.4.1.9.9.720.1.3.1.1.8
The name of the VRF identified by ctsxIpSgtMappingVrfId.
Status: current Access: read-only
OBJECT-TYPE    
  CiscoVrfName  

ctsxIpSgtMappingStatus 1.3.6.1.4.1.9.9.720.1.3.1.1.9
This object indicates the status of this SGT mapping. 'other' - Any other state no covered by below enumerations. 'active' - The SGT mapping is currently active.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER other(1), active(2)  

ctsxSxpSgtMapTable 1.3.6.1.4.1.9.9.720.1.3.2
A list of SGT mappings learnt by this device.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    CtsxSxpSgtMapEntry

ctsxSxpSgtMapEntry 1.3.6.1.4.1.9.9.720.1.3.2.1
An entry containing management information about SGT mapping learnt by this device. An entry will be created for each of the SGT mappings the device learns via SXP. An entry will be deleted if SXP connection from where the SGT mappings was learnt is disconnected.
Status: current Access: not-accessible
OBJECT-TYPE    
  CtsxSxpSgtMapEntry  

ctsxSxpSgtMapVrfId 1.3.6.1.4.1.9.9.720.1.3.2.1.1
The VRF number identifying the VRF where this SGT mapping was learnt.
Status: current Access: not-accessible
OBJECT-TYPE    
  Unsigned32  

ctsxSxpSgtMapAddrType 1.3.6.1.4.1.9.9.720.1.3.2.1.2
The type of address in this SGT mapping.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddressType  

ctsxSxpSgtMapAddr 1.3.6.1.4.1.9.9.720.1.3.2.1.3
The address in this SGT mapping. The type of this address is determined by the value of ctsxSxpSgtMapAddrType object.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddress Size(1..48)  

ctsxSxpSgtMapAddrPrefixLength 1.3.6.1.4.1.9.9.720.1.3.2.1.4
This object indicates the length of the prefix associated with ctsxSxpSgtMapAddr. This object is always interpreted with the value of ctsxSxpSgtMapAddrType object.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddressPrefixLength  

ctsxSxpSgtMapPeerAddrType 1.3.6.1.4.1.9.9.720.1.3.2.1.5
The type of address of the SXP peer device from where this SGT mapping was learnt.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddressType  

ctsxSxpSgtMapPeerAddr 1.3.6.1.4.1.9.9.720.1.3.2.1.6
The address of the peer SXP device from where this SGT mapping was learnt. The type of this address is determined by the value of ctsxSxpSgtMapPeerAddrType object.
Status: current Access: not-accessible
OBJECT-TYPE    
  InetAddress Size(1..48)  

ctsxSxpSgtMapSgt 1.3.6.1.4.1.9.9.720.1.3.2.1.7
The Security Group Tag (SGT) in this SGT mapping. ctsxSxpSgtMapAddr represents the address associated with this SGT.
Status: current Access: read-only
OBJECT-TYPE    
  CtsSecurityGroupTag  

ctsxSxpSgtMapInstance 1.3.6.1.4.1.9.9.720.1.3.2.1.8
This object indicates the instance number of the SXP connection from where this SGT binding was learnt. The instance number is used to determine if an SGT mapping entry is stale and needs to be removed from the system.
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

ctsxSxpSgtMapVrfName 1.3.6.1.4.1.9.9.720.1.3.2.1.9
The name of the VRF identified by ctsxEnahncedSgtMapVrfId.
Status: current Access: read-only
OBJECT-TYPE    
  CiscoVrfName  

ctsxSxpSgtMapPeerSeq 1.3.6.1.4.1.9.9.720.1.3.2.1.10
The Peer Sequence associated with this SGT mapping entry. It is a sequence of node IDs though which SGT mapping has traversed. Each node ID is 4 octets long. The octets 1 to 4 represent the first node ID in the sequence, octets 5 to 8 represent the second node ID in the sequence and so on.
Status: current Access: read-only
OBJECT-TYPE    
  OCTET STRING  

ctsxSxpSgtMapStatus 1.3.6.1.4.1.9.9.720.1.3.2.1.11
This object indicates the status of this SGT mapping. 'other' - Any other state no covered by below enumerations. 'active' - The SGT mapping is currently active.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER other(1), active(2)  

ctsxSxpConnSourceAddrErrNotifEnable 1.3.6.1.4.1.9.9.720.1.4.1
This object specifies whether the system generates the ctsxSxpConnSourceAddrErrNotif. A value of 'false' will prevent ctsxSxpConnSourceAddrErrNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpMsgParseErrNotifEnable 1.3.6.1.4.1.9.9.720.1.4.2
This object specifies whether the system generates the ctsxSxpMsgParseErrNotif. A value of 'false' will prevent ctsxSxpMsgParseErrNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpConnConfigErrNotifEnable 1.3.6.1.4.1.9.9.720.1.4.3
This object specifies whether the system generates the ctsxSxpConnConfigErrNotif. A value of 'false' will prevent ctsxSxpConnConfigErrNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpBindingErrNotifEnable 1.3.6.1.4.1.9.9.720.1.4.4
This object specifies whether the system generates the ctsxSxpBindingErrNotif. A value of 'false' will prevent ctsxSxpBindingErrNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpConnUpNotifEnable 1.3.6.1.4.1.9.9.720.1.4.5
This object specifies whether the system generates the ctsxSxpConnUpNotif. A value of 'false' will prevent ctsxSxpConnUpNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpConnDownNotifEnable 1.3.6.1.4.1.9.9.720.1.4.6
This object specifies whether the system generates the ctsxSxpConnDownNotif. A value of 'false' will prevent ctsxSxpConnDownNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpExpansionFailNotifEnable 1.3.6.1.4.1.9.9.720.1.4.7
This object specifies whether the system generates the ctsxSxpExpansionFailNotif. A value of 'false' will prevent ctsxSxpExpansionFailNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpOperNodeIdChangeNotifEnable 1.3.6.1.4.1.9.9.720.1.4.8
This object specifies whether the system generates the ctsxSxpOperNodeIdChangeNotif. A value of 'false' will prevent ctsxSxpOperNodeIdChangeNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSxpBindingConflictNotifEnable 1.3.6.1.4.1.9.9.720.1.4.9
This object specifies whether the system generates the ctsxSxpBindingConflictNotif. A value of 'false' will prevent ctsxSxpBindingConflictNotif notifications from being generated by this system.
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

ctsxSgtMapExpansionVrf 1.3.6.1.4.1.9.9.720.1.5.1
This object indicates the VRF name for which host SGT bindings cannot be expanded.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  CiscoVrfName  

ctsxSgtMapExpansionAddrType 1.3.6.1.4.1.9.9.720.1.5.2
This object indicates the type of subnet address for which host SGT binding cannot be expanded.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  InetAddressType  

ctsxSgtMapExpansionAddr 1.3.6.1.4.1.9.9.720.1.5.3
This object indicates the subnet address for which host SGT binding cannot be expanded. The type of this address is determined by the value of ctsxSgtMapExpansionAddrType object.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  InetAddress  

ctsxSgtMapExpansionAddrPrefixLength 1.3.6.1.4.1.9.9.720.1.5.4
This object indicates the length of the prefix associated with ctsxSgtMapExpansionAddr. This object is always interpreted with the value of ctsxSgtMapExpansionAddrType object.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  InetAddressPrefixLength  

ctsxSxpNotifErrMsg 1.3.6.1.4.1.9.9.720.1.5.5
This object indicates error message associated with notifications.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  SnmpAdminString  

ctsxSgtMapConflictingVrfName 1.3.6.1.4.1.9.9.720.1.5.6
This object indicates the VRF name of the SXP connection on which conflicting SGT mapping was received.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  CiscoVrfName  

ctsxSgtMapConflictingAddrType 1.3.6.1.4.1.9.9.720.1.5.7
This object indicates the type of Internet address in the conflicting SGT mapping.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  InetAddressType  

ctsxSgtMapConflictingAddr 1.3.6.1.4.1.9.9.720.1.5.8
This object indicates the Internet address in the conflicting SGT mapping. The type of this address is determined by the value of ctsxSgtMapConflictingAddrType object.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  InetAddress  

ctsxSgtMapConflictingOldSgt 1.3.6.1.4.1.9.9.720.1.5.9
The existing value of Security Group Tag (SGT) in SGT mapping for which conflict has occurred.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  CtsSecurityGroupTag  

ctsxSgtMapConflictingNewSgt 1.3.6.1.4.1.9.9.720.1.5.10
The new value of Security Group Tag (SGT) in SGT mapping that conflicts with the existing SGT.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  CtsSecurityGroupTag  

ctsxSxpOldOperNodeId 1.3.6.1.4.1.9.9.720.1.5.11
The SXP node ID that was in use by this SXP node and now replaced by a new SXP node ID represented by ctsxSxpOperNodeId.
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  Unsigned32  

ctsxSxpConnSourceAddrErrNotif 1.3.6.1.4.1.9.9.720.0.1
A ctsxSxpConnSourceAddrErrNotif is generated if the system is not able to establish SXP connection using ctsxSxpConnOperSourceAddr.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ctsxSxpMsgParseErrNotif 1.3.6.1.4.1.9.9.720.0.2
A ctsxSxpMsgParseErrNotif is generated if the system is not able to parse a received SXP message.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ctsxSxpConnConfigErrNotif 1.3.6.1.4.1.9.9.720.0.3
A ctsxSxpConnConfigErrNotif is generated if the system detects a configuration error for an SXP connection.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ctsxSxpBindingErrNotif 1.3.6.1.4.1.9.9.720.0.4
A ctsxSxpBindingErrNotif is generated if the address in the SGT mapping is not found in routing and forwarding table of the system.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ctsxSxpConnUpNotif 1.3.6.1.4.1.9.9.720.0.5
A ctsxSxpConnUpNotif is generated if the ctsxSxpConnStatus for an SXP connection transitioned into 'on' state.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ctsxSxpConnDownNotif 1.3.6.1.4.1.9.9.720.0.6
A ctsxSxpConnDownNotif is generated if ctsxSxpConnStatus for an SXP connection left the 'on' state and transitioned into some other state.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ctsxSxpExpansionFailNotif 1.3.6.1.4.1.9.9.720.0.7
A ctsxSxpExpansionFailNotif is generated if the number of expanded SGT maps reaches the configured limit and the received SGT mapping can not be expanded.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ctsxSxpOperNodeIdChangeNotif 1.3.6.1.4.1.9.9.720.0.8
A ctsxSxpOperNodeIdChangeNotif is generated if the value of ctsxSxpOperNodeId changes.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ctsxSxpBindingConflictNotif 1.3.6.1.4.1.9.9.720.0.9
A ctsxSxpBindingConflictNotif is generated if the device receives conflicting SGT mapping information.
Status: current Access: accessible-for-notify
NOTIFICATION-TYPE    

ciscoTrustSecSxpMIBCompliances 1.3.6.1.4.1.9.9.720.2.1
OBJECT IDENTIFIER    

ciscoTrustSecSxpMIBGroups 1.3.6.1.4.1.9.9.720.2.2
OBJECT IDENTIFIER    

ciscoTrustSecSxpMIBCompliance 1.3.6.1.4.1.9.9.720.2.1.1
The compliance statement for the CISCO-TRUSTSEC-SXP-MIB.
Status: deprecated Access: read-only
MODULE-COMPLIANCE    

ciscoTrustSecSxpMIBCompliance2 1.3.6.1.4.1.9.9.720.2.1.2
The compliance statement for the CISCO-TRUSTSEC-SXP-MIB.
Status: deprecated Access: read-only
MODULE-COMPLIANCE    

ciscoTrustSecSxpMIBCompliance3 1.3.6.1.4.1.9.9.720.2.1.3
The compliance statement for the CISCO-TRUSTSEC-SXP-MIB.
Status: current Access: read-only
MODULE-COMPLIANCE    

ctsxSxpGlobalGroup 1.3.6.1.4.1.9.9.720.2.2.1
A collection of objects providing management functionality of global SXP configuration.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpConnectionGroup 1.3.6.1.4.1.9.9.720.2.2.2
A collection of objects providing management functionality of SXP connections.
Status: current Access: read-only
OBJECT-GROUP    

ctsxIpSgtMappingGroup 1.3.6.1.4.1.9.9.720.2.2.3
A collection of objects providing management functionality of SGT mapping for SXP.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpVersionGroup 1.3.6.1.4.1.9.9.720.2.2.4
A collection of object(s) providing version information for SXP.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpBindingLogGroup 1.3.6.1.4.1.9.9.720.2.2.5
A collection of object(s) providing logging control for SXP binding.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpBindingNotifInfoGroup 1.3.6.1.4.1.9.9.720.2.2.6
A collection of object(s) providing variable binding information for SXP notifications.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpNotifErrMsgGroup 1.3.6.1.4.1.9.9.720.2.2.7
A collection of object(s) providing detailed error messages for SXP notifications.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpNodeIdInfoGroup 1.3.6.1.4.1.9.9.720.2.2.8
A collection of object(s) providing SXP node ID information for the system.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpSgtMapGroup 1.3.6.1.4.1.9.9.720.2.2.9
A collection of objects providing management functionality of SGT mapping and expansion for SXP.
Status: current Access: read-only
OBJECT-GROUP    

ctsxNotifsControlGroup 1.3.6.1.4.1.9.9.720.2.2.10
A collection of objects providing notification control for SXP.
Status: current Access: read-only
OBJECT-GROUP    

ctsxNotifsGroup 1.3.6.1.4.1.9.9.720.2.2.11
A collection of notifications for SXP.
Status: current Access: read-only
NOTIFICATION-GROUP    

ctsxSxpGlobalHoldTimeGroup 1.3.6.1.4.1.9.9.720.2.2.12
A collection of objects providing global hold-time information for SXP connections.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpConnHoldTimeGroup 1.3.6.1.4.1.9.9.720.2.2.13
A collection of objects providing hold-time information for each SXP connection.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpConnCapbilityGroup 1.3.6.1.4.1.9.9.720.2.2.14
A collection of object(s) providing capability information for each SXP connection.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSxpVersionSupportGroup 1.3.6.1.4.1.9.9.720.2.2.15
A collection of object(s) providing SXP version capability information.
Status: current Access: read-only
OBJECT-GROUP    

ctsxSgtMapPeerSeqGroup 1.3.6.1.4.1.9.9.720.2.2.16
A collection of object(s) providing Peer Sequence information.
Status: current Access: read-only
OBJECT-GROUP