IPSEC-IKEACTION-MIB

File: IPSEC-IKEACTION-MIB.mib (108875 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC SNMPv2-CONF
SNMP-FRAMEWORK-MIB INET-ADDRESS-MIB IPSEC-SPD-MIB
IPSEC-IPSECACTION-MIB

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Integer32
Unsigned32 TEXTUAL-CONVENTION RowStatus
TruthValue TimeStamp StorageType
VariablePointer MODULE-COMPLIANCE OBJECT-GROUP
SnmpAdminString InetAddressType InetAddress
InetPortNumber spdActions SpdIPPacketLogging
spdEndGroupInterface IpsaCredentialType IpsecDoiIdentType
IpsaIdentityFilter ipsaSharedGroup

Defined Types

IkeEncryptionAlgorithm  
Values for encryption algorithms negotiated for the ISAKMP SA by IKE in Phase I. These are values for SA Attrbute type Encryption Algorithm (1). Unused values <= 65000 are reserved to IANA. Currently assigned values at the time of this writing: reserved(0), -- reserved in IKE desCbc(1), -- RFC 2405 ideaCbc(2), blowfishCbc(3), rc5R16B64Cbc(4), -- RC5 R16 B64 CBC tripleDesCbc(5), -- 3DES CBC castCbc(6), aesCbc(7) Values 65001-65535 are for private use among mutually consenting parties.
TEXTUAL-CONVENTION    
  Unsigned32 0..65535  

IkeAuthMethod  
Values for authentication methods negotiated for the ISAKMP SA by IKE in Phase I. These are values for SA Attrbute type Authentication Method (3). Unused values <= 65000 are reserved to IANA. reserved(0), -- reserved in IKE preSharedKey(1), dssSignatures(2), rsaSignatures(3), encryptionWithRsa(4), revisedEncryptionWithRsa(5), reservedDontUse6(6), -- not to be used reservedDontUse7(7), -- not to be used ecdsaSignatures(8) Values 65001-65535 are for private use among mutually consenting parties.
TEXTUAL-CONVENTION    
  Unsigned32 0..65535  

IkeHashAlgorithm  
Values for hash algorithms negotiated for the ISAKMP SA by IKE in Phase I. These are values for SA Attrbute type Hash Algorithm (2). Unused values <= 65000 are reserved to IANA. Currently assigned values at the time of this writing: reserved(0), -- reserved in IKE md5(1), -- RFC 1321 sha(2), -- FIPS 180-1 tiger(3), sha256(4), sha384(5), sha512(6) Values 65001-65535 are for private use among mutually consenting parties.
TEXTUAL-CONVENTION    
  Unsigned32 0..65535  

IkeGroupDescription  
Values for Oakley key computation groups for Diffie-Hellman exchange negotiated for the ISAKMP SA by IKE in Phase I. They are also used in Phase II when perfect forward secrecy is in use. These are values for SA Attrbute type Group Description (4). Unused values <= 32767 are reserved to IANA. Currently assigned values at the time of this writing: none(0), -- reserved in IKE, used -- in MIBs to reflect that -- none of the predefined -- groups are used modp768(1), -- default 768-bit MODP group modp1024(2), -- alternate 1024-bit MODP -- group ec2nGF155(3), -- EC2N group on Galois -- Field GF[2^155] ec2nGF185(4), -- EC2N group on Galois -- Field GF[2^185] ec2nGF163Random(6), -- EC2N group on Galois -- Field GF[2^163], -- random seed ec2nGF163Koblitz(7), -- EC2N group on Galois -- Field GF[2^163], -- Koblitz curve ec2nGF283Random(8), -- EC2N group on Galois -- Field GF[2^283], -- random seed ec2nGF283Koblitz(9), -- EC2N group on Galois -- Field GF[2^283], -- Koblitz curve ec2nGF409Random(10), -- EC2N group on Galois -- Field GF[2^409], -- random seed ec2nGF409Koblitz(11), -- EC2N group on Galois -- Field GF[2^409], -- Koblitz curve ec2nGF571Random(12), -- EC2N group on Galois -- Field GF[2^571], -- random seed ec2nGF571Koblitz(13) -- EC2N group on Galois -- Field GF[2^571], -- Koblitz curve Values 32768-65535 are for private use among mutually consenting parties.
TEXTUAL-CONVENTION    
  Unsigned32 0..65535  

IpsecDoiSecProtocolId  
These are the IPsec DOI values for the Protocol-Id field in an ISAKMP Proposal Payload, and in all Notification Payloads. They are also used as the Protocol-ID In the Notification Payload and the Delete Payload. Currently assigned values at the time of this writing: reserved(0), -- reserved in DOI protoIsakmp(1), -- message protection -- required during Phase I -- of the IKE protocol protoIpsecAh(2), -- IP packet authentication -- via Authentication Header protoIpsecEsp(3), -- IP packet confidentiality -- via Encapsulating -- Security Payload protoIpcomp(4) -- IP payload compression The values 249-255 are reserved for private use amongst cooperating systems.
TEXTUAL-CONVENTION    
  Unsigned32 0..255  

IpiaCredentialFilterEntry  
SEQUENCE    
  ipiaCredFiltName SnmpAdminString
  ipiaCredFiltCredentialType IpsaCredentialType
  ipiaCredFiltMatchFieldName OCTET STRING
  ipiaCredFiltMatchFieldValue OCTET STRING
  ipiaCredFiltAcceptCredFrom OCTET STRING
  ipiaCredFiltLastChanged TimeStamp
  ipiaCredFiltStorageType StorageType
  ipiaCredFiltRowStatus RowStatus

IpiaPeerIdentityFilterEntry  
SEQUENCE    
  ipiaPeerIdFiltName SnmpAdminString
  ipiaPeerIdFiltIdentityType IpsecDoiIdentType
  ipiaPeerIdFiltIdentityValue IpsaIdentityFilter
  ipiaPeerIdFiltLastChanged TimeStamp
  ipiaPeerIdFiltStorageType StorageType
  ipiaPeerIdFiltRowStatus RowStatus

IpiaIkeActionEntry  
SEQUENCE    
  ipiaIkeActName SnmpAdminString
  ipiaIkeActParametersName SnmpAdminString
  ipiaIkeActThresholdDerivedKeys Integer32
  ipiaIkeActExchangeMode INTEGER
  ipiaIkeActAgressiveModeGroupId IkeGroupDescription
  ipiaIkeActIdentityType IpsecDoiIdentType
  ipiaIkeActIdentityContext SnmpAdminString
  ipiaIkeActPeerName SnmpAdminString
  ipiaIkeActDoActionLogging TruthValue
  ipiaIkeActDoPacketLogging SpdIPPacketLogging
  ipiaIkeActVendorId OCTET STRING
  ipiaIkeActLastChanged TimeStamp
  ipiaIkeActStorageType StorageType
  ipiaIkeActRowStatus RowStatus

IpiaIpsecActionEntry  
SEQUENCE    
  ipiaIpsecActName SnmpAdminString
  ipiaIpsecActParametersName SnmpAdminString
  ipiaIpsecActProposalsName SnmpAdminString
  ipiaIpsecActUsePfs TruthValue
  ipiaIpsecActVendorId OCTET STRING
  ipiaIpsecActGroupId IkeGroupDescription
  ipiaIpsecActPeerGatewayIdName OCTET STRING
  ipiaIpsecActUseIkeGroup TruthValue
  ipiaIpsecActGranularity INTEGER
  ipiaIpsecActMode INTEGER
  ipiaIpsecActDFHandling INTEGER
  ipiaIpsecActDoActionLogging TruthValue
  ipiaIpsecActDoPacketLogging SpdIPPacketLogging
  ipiaIpsecActLastChanged TimeStamp
  ipiaIpsecActStorageType StorageType
  ipiaIpsecActRowStatus RowStatus

IpiaSaNegotiationParametersEntry  
SEQUENCE    
  ipiaSaNegParamName SnmpAdminString
  ipiaSaNegParamMinLifetimeSecs Unsigned32
  ipiaSaNegParamMinLifetimeKB Unsigned32
  ipiaSaNegParamRefreshThreshSecs Unsigned32
  ipiaSaNegParamRefreshThresholdKB Unsigned32
  ipiaSaNegParamIdleDurationSecs Unsigned32
  ipiaSaNegParamLastChanged TimeStamp
  ipiaSaNegParamStorageType StorageType
  ipiaSaNegParamRowStatus RowStatus

IpiaIkeActionProposalsEntry  
SEQUENCE    
  ipiaIkeActPropPriority Integer32
  ipiaIkeActPropName SnmpAdminString
  ipiaIkeActPropLastChanged TimeStamp
  ipiaIkeActPropStorageType StorageType
  ipiaIkeActPropRowStatus RowStatus

IpiaIkeProposalEntry  
SEQUENCE    
  ipiaIkePropLifetimeDerivedKeys Unsigned32
  ipiaIkePropCipherAlgorithm IkeEncryptionAlgorithm
  ipiaIkePropCipherKeyLength Unsigned32
  ipiaIkePropCipherKeyRounds Unsigned32
  ipiaIkePropHashAlgorithm IkeHashAlgorithm
  ipiaIkePropPrfAlgorithm INTEGER
  ipiaIkePropVendorId OCTET STRING
  ipiaIkePropDhGroup IkeGroupDescription
  ipiaIkePropAuthenticationMethod IkeAuthMethod
  ipiaIkePropMaxLifetimeSecs Unsigned32
  ipiaIkePropMaxLifetimeKB Unsigned32
  ipiaIkePropLastChanged TimeStamp
  ipiaIkePropStorageType StorageType
  ipiaIkePropRowStatus RowStatus

IpiaIpsecProposalsEntry  
SEQUENCE    
  ipiaIpsecPropName SnmpAdminString
  ipiaIpsecPropPriority Integer32
  ipiaIpsecPropProtocolId IpsecDoiSecProtocolId
  ipiaIpsecPropTransformsName SnmpAdminString
  ipiaIpsecPropLastChanged TimeStamp
  ipiaIpsecPropStorageType StorageType
  ipiaIpsecPropRowStatus RowStatus

IpiaIpsecTransformsEntry  
SEQUENCE    
  ipiaIpsecTranType IpsecDoiSecProtocolId
  ipiaIpsecTranName SnmpAdminString
  ipiaIpsecTranPriority Integer32
  ipiaIpsecTranTransformName SnmpAdminString
  ipiaIpsecTranLastChanged TimeStamp
  ipiaIpsecTranStorageType StorageType
  ipiaIpsecTranRowStatus RowStatus

IpiaIkeIdentityEntry  
SEQUENCE    
  ipiaIkeIdCredentialName SnmpAdminString
  ipiaIkeIdLastChanged TimeStamp
  ipiaIkeIdStorageType StorageType
  ipiaIkeIdRowStatus RowStatus

IpiaAutostartIkeEntry  
SEQUENCE    
  ipiaAutoIkePriority Integer32
  ipiaAutoIkeAction VariablePointer
  ipiaAutoIkeAddressType InetAddressType
  ipiaAutoIkeSourceAddress InetAddress
  ipiaAutoIkeSourcePort InetPortNumber
  ipiaAutoIkeDestAddress InetAddress
  ipiaAutoIkeDestPort InetPortNumber
  ipiaAutoIkeProtocol Unsigned32
  ipiaAutoIkeLastChanged TimeStamp
  ipiaAutoIkeStorageType StorageType
  ipiaAutoIkeRowStatus RowStatus

IpiaIpsecCredMngServiceEntry  
SEQUENCE    
  ipiaIcmsName SnmpAdminString
  ipiaIcmsDistinguishedName OCTET STRING
  ipiaIcmsPolicyStatement OCTET STRING
  ipiaIcmsMaxChainLength Integer32
  ipiaIcmsCredentialName SnmpAdminString
  ipiaIcmsLastChanged TimeStamp
  ipiaIcmsStorageType StorageType
  ipiaIcmsRowStatus RowStatus

IpiaCredMngCRLEntry  
SEQUENCE    
  ipiaCmcCRLName SnmpAdminString
  ipiaCmcDistributionPoint OCTET STRING
  ipiaCmcThisUpdate OCTET STRING
  ipiaCmcNextUpdate OCTET STRING
  ipiaCmcLastChanged TimeStamp
  ipiaCmcStorageType StorageType
  ipiaCmcRowStatus RowStatus

IpiaRevokedCertificateEntry  
SEQUENCE    
  ipiaRctCertSerialNumber Unsigned32
  ipiaRctRevokedDate OCTET STRING
  ipiaRctRevokedReason INTEGER
  ipiaRctLastChanged TimeStamp
  ipiaRctStorageType StorageType
  ipiaRctRowStatus RowStatus

Defined Values

ipiaMIB 1.3.6.1.2.1.153.4.2
The MIB module for defining IKE actions for managing IPsec Security Policy. Copyright (C) The Internet Society (2006). This version of this MIB module is part of RFC YYYY, see the RFC itself for full legal notices.
MODULE-IDENTITY    

ipiaConfigObjects 1.3.6.1.2.1.153.4.2.1
OBJECT IDENTIFIER    

ipiaNotificationObjects 1.3.6.1.2.1.153.4.2.2
OBJECT IDENTIFIER    

ipiaConformanceObjects 1.3.6.1.2.1.153.4.2.3
OBJECT IDENTIFIER    

ipiaLocalConfigObjects 1.3.6.1.2.1.153.4.2.1.1
OBJECT IDENTIFIER    

ipiaStaticFilters 1.3.6.1.2.1.153.4.2.1.2
OBJECT IDENTIFIER    

ipiaIkePhase1Filter 1.3.6.1.2.1.153.4.2.1.2.1
This static filter can be used to test if a packet is part of an IKE phase-1 negotiation.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

ipiaIkePhase2Filter 1.3.6.1.2.1.153.4.2.1.2.2
This static filter can be used to test if a packet is part of an IKE phase-2 negotiation.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

ipiaCredentialFilterTable 1.3.6.1.2.1.153.4.2.1.3
This table is used to provide credentials for IKE identities. It can be used to for filters which are matched to credentials of IKE peers, where the credentials in question have been obtained from an IKE phase 1 exchange. They MAY be X.509 certificates, Kerberos tickets, etc... It can also be used to provide credentials for local IKE identities.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaCredentialFilterEntry

ipiaCredentialFilterEntry 1.3.6.1.2.1.153.4.2.1.3.1
A row defining a particular credential filter
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaCredentialFilterEntry  

ipiaCredFiltName 1.3.6.1.2.1.153.4.2.1.3.1.1
The administrative name of this filter.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaCredFiltCredentialType 1.3.6.1.2.1.153.4.2.1.3.1.2
The credential type that is expected for this filter to succeed.
Status: current Access: read-create
OBJECT-TYPE    
  IpsaCredentialType  

ipiaCredFiltMatchFieldName 1.3.6.1.2.1.153.4.2.1.3.1.3
The piece of the credential to match against. Examples: serialNumber, signatureAlgorithm, issuerName or subjectName. For credential types without fields (e.g. shared secret), this field SHOULD be left empty, and the entire credential will be matched against the ipiaCredFiltMatchFieldValue.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..256)  

ipiaCredFiltMatchFieldValue 1.3.6.1.2.1.153.4.2.1.3.1.4
The value that the field indicated by the ipiaCredFiltMatchFieldName MUST match against for the filter to be considered TRUE.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(1..4096)  

ipiaCredFiltAcceptCredFrom 1.3.6.1.2.1.153.4.2.1.3.1.5
This value is used to look up a row in the ipiaIpsecCredMngServiceTable for the Certificate Authority (CA) Information. This value is empty if there is no CA used for this filter.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(1..117)  

ipiaCredFiltLastChanged 1.3.6.1.2.1.153.4.2.1.3.1.6
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaCredFiltStorageType 1.3.6.1.2.1.153.4.2.1.3.1.7
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaCredFiltRowStatus 1.3.6.1.2.1.153.4.2.1.3.1.8
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaPeerIdentityFilterTable 1.3.6.1.2.1.153.4.2.1.4
This table defines filters which can be used to match credentials of IKE peers, where the credentials in question have been obtained from an IKE phase 1 exchange. They MAY be X.509 certificates, Kerberos tickets, etc...
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaPeerIdentityFilterEntry

ipiaPeerIdentityFilterEntry 1.3.6.1.2.1.153.4.2.1.4.1
A row defining a particular credential filter
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaPeerIdentityFilterEntry  

ipiaPeerIdFiltName 1.3.6.1.2.1.153.4.2.1.4.1.1
The administrative name of this filter.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaPeerIdFiltIdentityType 1.3.6.1.2.1.153.4.2.1.4.1.2
The type of identity field in the peer ID payload to match against.
Status: current Access: read-create
OBJECT-TYPE    
  IpsecDoiIdentType  

ipiaPeerIdFiltIdentityValue 1.3.6.1.2.1.153.4.2.1.4.1.3
The string representation of the value that the peer ID payload value MUST match against. Wildcard mechanisms MUST be supported such that: - a ipiaPeerIdFiltIdentityValue of '*@example.com' will match a userFqdn ID payload of 'JDOE@EXAMPLE.COM' - a ipiaPeerIdFiltIdentityValue of '*.example.com' will match a fqdn ID payload of 'WWW.EXAMPLE.COM' - a ipiaPeerIdFiltIdentityValue of: 'cn=*,ou=engineering,o=company,c=us' will match a DER DN ID payload of 'cn=John Doe,ou=engineering,o=company,c=us' - a ipiaPeerIdFiltIdentityValue of '192.0.2.0/24' will match an IPv4 address ID payload of 192.0.2.10 - a ipiaPeerIdFiltIdentityValue of '192.0.2.*' will also match an IPv4 address ID payload of 192.0.2.10. The character '*' replaces 0 or multiple instances of any character.
Status: current Access: read-create
OBJECT-TYPE    
  IpsaIdentityFilter  

ipiaPeerIdFiltLastChanged 1.3.6.1.2.1.153.4.2.1.4.1.4
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaPeerIdFiltStorageType 1.3.6.1.2.1.153.4.2.1.4.1.5
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaPeerIdFiltRowStatus 1.3.6.1.2.1.153.4.2.1.4.1.6
This object indicates the conceptual status of this row. This object can not be considered active unless the ipiaPeerIdFiltIdentityType and ipiaPeerIdFiltIdentityValue column values are defined. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaStaticActions 1.3.6.1.2.1.153.4.2.1.5
OBJECT IDENTIFIER    

ipiaRejectIKEAction 1.3.6.1.2.1.153.4.2.1.5.1
This scalar indicates that a packet SHOULD be rejected WITHOUT action/packet logging. This object returns a value of 1 for IPsec policy implementations that support the reject static action.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

ipiaRejectIKEActionLog 1.3.6.1.2.1.153.4.2.1.5.2
This scalar indicates that a packet SHOULD be rejected WITH action/packet logging. This object returns a value of 1 for IPsec policy implementations that support the reject static action with logging.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

ipiaIkeActionTable 1.3.6.1.2.1.153.4.2.1.6
The ipiaIkeActionTable contains a list of the parameters used for an IKE phase 1 SA DOI negotiation. See the corresponding table ipiaIkeActionProposalsTable for a list of proposals contained within a given IKE Action.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIkeActionEntry

ipiaIkeActionEntry 1.3.6.1.2.1.153.4.2.1.6.1
The ipiaIkeActionEntry lists the IKE negotiation attributes.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaIkeActionEntry  

ipiaIkeActName 1.3.6.1.2.1.153.4.2.1.6.1.1
This object contains the name of this ikeAction entry.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIkeActParametersName 1.3.6.1.2.1.153.4.2.1.6.1.2
This object is administratively assigned to reference a row in the ipiaSaNegotiationParametersTable where additional parameters affecting this action can be found. An attempt to set this object to a value that does not exist in the ipiaSaNegotiationParametersTable MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIkeActThresholdDerivedKeys 1.3.6.1.2.1.153.4.2.1.6.1.3
ipiaIkeActThresholdDerivedKeys specifies what percentage of the derived key limit (see the LifetimeDerivedKeys property of IKEProposal) can expire before IKE SHOULD attempt to renegotiate the IKE phase 1 security association.
Status: current Access: read-create
OBJECT-TYPE    
  Integer32 0..100  

ipiaIkeActExchangeMode 1.3.6.1.2.1.153.4.2.1.6.1.4
ipiaIkeActExchangeMode specifies the IKE Phase 1 negotiation mode.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER main(1), agressive(2)  

ipiaIkeActAgressiveModeGroupId 1.3.6.1.2.1.153.4.2.1.6.1.5
The values to be used for Diffie-Hellman exchange.
Status: current Access: read-create
OBJECT-TYPE    
  IkeGroupDescription  

ipiaIkeActIdentityType 1.3.6.1.2.1.153.4.2.1.6.1.6
This column along with ipiaIkeActIdentityContext and endpoint information is used to refer an ipiaIkeIdentityEntry in the ipiaIkeIdentityTable.
Status: current Access: read-create
OBJECT-TYPE    
  IpsecDoiIdentType  

ipiaIkeActIdentityContext 1.3.6.1.2.1.153.4.2.1.6.1.7
This column, along with ipiaIkeActIdentityType and endpoint information, is used to refer to an ipiaIkeIdentityEntry in the ipiaIkeIdentityTable.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIkeActPeerName 1.3.6.1.2.1.153.4.2.1.6.1.8
This object indicates the peer id name of the IKE peer. This object can be used to look up the peer id value, address, credentials and other values in the ipiaPeerIdentityTable.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

ipiaIkeActDoActionLogging 1.3.6.1.2.1.153.4.2.1.6.1.9
ikeDoActionLogging specifies whether or not an audit message SHOULD be logged when this ike SA is created.
Status: current Access: read-create
OBJECT-TYPE    
  TruthValue  

ipiaIkeActDoPacketLogging 1.3.6.1.2.1.153.4.2.1.6.1.10
ikeDoPacketLogging specifies whether or not an audit message SHOULD be logged and if there is logging, how many bytes of the packet to place in the notification.
Status: current Access: read-create
OBJECT-TYPE    
  SpdIPPacketLogging  

ipiaIkeActVendorId 1.3.6.1.2.1.153.4.2.1.6.1.11
Vendor ID Payload. A value of NULL means that Vendor ID payload will be neither generated nor accepted. A non-NULL value means that a Vendor ID payload will be generated (when acting as an initiator) or is expected (when acting as a responder).
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..65535)  

ipiaIkeActLastChanged 1.3.6.1.2.1.153.4.2.1.6.1.12
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaIkeActStorageType 1.3.6.1.2.1.153.4.2.1.6.1.13
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaIkeActRowStatus 1.3.6.1.2.1.153.4.2.1.6.1.14
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. This object MUST NOT be set to destroy if referred to by other rows in other action tables. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaIpsecActionTable 1.3.6.1.2.1.153.4.2.1.7
The ipiaIpsecActionTable contains a list of the parameters used for an IKE phase 2 IPsec DOI negotiation.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIpsecActionEntry

ipiaIpsecActionEntry 1.3.6.1.2.1.153.4.2.1.7.1
The ipiaIpsecActionEntry lists the IPsec negotiation attributes.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaIpsecActionEntry  

ipiaIpsecActName 1.3.6.1.2.1.153.4.2.1.7.1.1
ipiaIpsecActName is the name of the ipsecAction entry.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecActParametersName 1.3.6.1.2.1.153.4.2.1.7.1.2
This object is used to reference a row in the ipiaSaNegotiationParametersTable where additional parameters affecting this action can be found. An attempt to set this column to a value that does not exist in the ipiaSaNegotiationParametersTable MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecActProposalsName 1.3.6.1.2.1.153.4.2.1.7.1.3
This object is used to reference one or more rows in the ipiaIpsecProposalsTable where an ordered list of proposals affecting this action can be found. An attempt to set this column to a value that does not exist in the ipiaIpsecProposalsTable MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecActUsePfs 1.3.6.1.2.1.153.4.2.1.7.1.4
This MIB object specifies whether or not perfect forward secrecy is used when refreshing keys. A value of true indicates that PFS SHOULD be used.
Status: current Access: read-create
OBJECT-TYPE    
  TruthValue  

ipiaIpsecActVendorId 1.3.6.1.2.1.153.4.2.1.7.1.5
The VendorID property is used to identify vendor-defined key exchange GroupIDs.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..255)  

ipiaIpsecActGroupId 1.3.6.1.2.1.153.4.2.1.7.1.6
This object specifies the Diffie-Hellman group to use for phase 2 when the object ipiaIpsecActUsePfs is true and the object ipiaIpsecActUseIkeGroup is false. If the GroupID number is from the vendor-specific range (32768-65535), the VendorID qualifies the group number.
Status: current Access: read-create
OBJECT-TYPE    
  IkeGroupDescription  

ipiaIpsecActPeerGatewayIdName 1.3.6.1.2.1.153.4.2.1.7.1.7
This object indicates the peer id name of the peer gateway. This object can be used to look up the peer id value, address and other values in the ipiaPeerIdentityTable. This object is used when initiating a tunnel SA. This object is not used for transport SAs. If no value is set and ipiaIpsecActMode is tunnel, the peer gateway is determined from the source or destination address of the packet.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..116)  

ipiaIpsecActUseIkeGroup 1.3.6.1.2.1.153.4.2.1.7.1.8
This object specifies whether or not to use the same GroupId for phase 2 as was used in phase 1. If UsePFS is false, this entry SHOULD be ignored.
Status: current Access: read-create
OBJECT-TYPE    
  TruthValue  

ipiaIpsecActGranularity 1.3.6.1.2.1.153.4.2.1.7.1.9
This object specifies how the proposed selector for the security association will be created. The selector is created by using the FilterList information. The selector can be subnet, address, porotocol, or port.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER subnet(1), address(2), protocol(3), port(4)  

ipiaIpsecActMode 1.3.6.1.2.1.153.4.2.1.7.1.10
This object specifies the encapsulation of the IPsec SA to be negotiated.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER tunnel(1), transport(2)  

ipiaIpsecActDFHandling 1.3.6.1.2.1.153.4.2.1.7.1.11
This object specifies the processing of DF bit by the negotiated IPsec tunnel. 1 - DF bit is copied. 2 - DF bit is set. 3 - DF bit is cleared.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER copy(1), set(2), clear(3)  

ipiaIpsecActDoActionLogging 1.3.6.1.2.1.153.4.2.1.7.1.12
ipiaIpsecActDoActionLogging specifies whether or not an audit message SHOULD be logged when this ipsec SA is created.
Status: current Access: read-create
OBJECT-TYPE    
  TruthValue  

ipiaIpsecActDoPacketLogging 1.3.6.1.2.1.153.4.2.1.7.1.13
ipiaIpsecActDoPacketLogging specifies whether or not an audit message SHOULD be logged and if there is logging, how many bytes of the packet to place in the notification.
Status: current Access: read-create
OBJECT-TYPE    
  SpdIPPacketLogging  

ipiaIpsecActLastChanged 1.3.6.1.2.1.153.4.2.1.7.1.14
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaIpsecActStorageType 1.3.6.1.2.1.153.4.2.1.7.1.15
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaIpsecActRowStatus 1.3.6.1.2.1.153.4.2.1.7.1.16
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaSaNegotiationParametersTable 1.3.6.1.2.1.153.4.2.1.8
This table contains reusable parameters that can be pointed to by the ipiaIkeActionTable and ipiaIpsecActionTable. These parameters are reusable since it is likely an administrator will want to make global policy changes to lifetime parameters that apply to multiple actions. This table allows multiple rows in the other actions tables to reuse global lifetime parameters in this table by repeatedly pointing to a row cointained within this table.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaSaNegotiationParametersEntry

ipiaSaNegotiationParametersEntry 1.3.6.1.2.1.153.4.2.1.8.1
Contains the attributes of one row in the ipiaSaNegotiationParametersTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaSaNegotiationParametersEntry  

ipiaSaNegParamName 1.3.6.1.2.1.153.4.2.1.8.1.1
This object contains the administrative name of this SaNegotiationParametersEntry. This row can be referred to by this name in other policy action tables.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaSaNegParamMinLifetimeSecs 1.3.6.1.2.1.153.4.2.1.8.1.2
ipiaSaNegParamMinLifetimeSecs specifies the minimum seconds lifetime that will be accepted from the peer.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32  

ipiaSaNegParamMinLifetimeKB 1.3.6.1.2.1.153.4.2.1.8.1.3
ipiaSaNegParamMinLifetimeKB specifies the minimum kilobyte lifetime that will be accepted from the peer.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32  

ipiaSaNegParamRefreshThreshSecs 1.3.6.1.2.1.153.4.2.1.8.1.4
ipiaSaNegParamRefreshThreshSecs specifies what percentage of the seconds lifetime can expire before IKE SHOULD attempt to renegotiate the IPsec security association. A value between 1 and 100 representing a percentage. A value of 100 indicates that the IPsec security association SHOULD not be renegotiated until the seconds lifetime has been completely reached.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32 1..100  

ipiaSaNegParamRefreshThresholdKB 1.3.6.1.2.1.153.4.2.1.8.1.5
ipiaSaNegParamRefreshThresholdKB specifies what percentage of the kilobyte lifetime can expire before IKE SHOULD attempt to renegotiate the IPsec security association. A value between 1 and 100 representing a percentage. A value of 100 indicates that the IPsec security association SHOULD not be renegotiated until the kilobyte lifetime has been reached.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32 1..100  

ipiaSaNegParamIdleDurationSecs 1.3.6.1.2.1.153.4.2.1.8.1.6
ipiaSaNegParamIdleDurationSecs specifies how many seconds a security association MAY remain idle (i.e., no traffic protected using the security association) before it is deleted. A value of zero indicates that idle detection SHOULD NOT be used for the security association. Any non-zero value indicates the number of seconds the security association can remain unused.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32  

ipiaSaNegParamLastChanged 1.3.6.1.2.1.153.4.2.1.8.1.7
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaSaNegParamStorageType 1.3.6.1.2.1.153.4.2.1.8.1.8
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaSaNegParamRowStatus 1.3.6.1.2.1.153.4.2.1.8.1.9
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaIkeActionProposalsTable 1.3.6.1.2.1.153.4.2.1.9
This table contains a list of all ike proposal names found within a given IKE Action.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIkeActionProposalsEntry

ipiaIkeActionProposalsEntry 1.3.6.1.2.1.153.4.2.1.9.1
a row containing one ike proposal reference
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaIkeActionProposalsEntry  

ipiaIkeActPropPriority 1.3.6.1.2.1.153.4.2.1.9.1.1
The numeric priority of a given contained proposal inside an ike Action. This index SHOULD be used to order the proposals in an IKE Phase I negotiation, lowest value first (i.e. 0 first, then 1,2,etc...).
Status: current Access: not-accessible
OBJECT-TYPE    
  Integer32 0..65535  

ipiaIkeActPropName 1.3.6.1.2.1.153.4.2.1.9.1.2
The administratively assigned name that can be used to reference a set of values contained within the ipiaIkeProposalTable. An attempt to set this object to a value that doesn't exist in the ipiaIkeProposalTable MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIkeActPropLastChanged 1.3.6.1.2.1.153.4.2.1.9.1.3
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaIkeActPropStorageType 1.3.6.1.2.1.153.4.2.1.9.1.4
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaIkeActPropRowStatus 1.3.6.1.2.1.153.4.2.1.9.1.5
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active unless one of the following two conditions are met. An attempt to set it to anything other than active while the following conditions are not met MUST result in an inconsistentValue error. The two conditions are: I. No active row in the ipiaIkeActionTable exists which has a matching ipiaIkeActName. II. Or at least one other active row in this table has a matching ipiaIkeActName.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaIkeProposalTable 1.3.6.1.2.1.153.4.2.1.10
This table contains a list of IKE proposals which are used in an IKE negotiation.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIkeProposalEntry

ipiaIkeProposalEntry 1.3.6.1.2.1.153.4.2.1.10.1
One IKE proposal entry.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaIkeProposalEntry  

ipiaIkePropLifetimeDerivedKeys 1.3.6.1.2.1.153.4.2.1.10.1.1
ipiaIkePropLifetimeDerivedKeys specifies the number of times that a phase 1 key will be used to derive a phase 2 key before the phase 1 security association needs renegotiated.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropCipherAlgorithm 1.3.6.1.2.1.153.4.2.1.10.1.2
ipiaIkePropCipherAlgorithm specifies the proposed phase 1 security association encryption algorithm.
Status: current Access: read-create
OBJECT-TYPE    
  IkeEncryptionAlgorithm  

ipiaIkePropCipherKeyLength 1.3.6.1.2.1.153.4.2.1.10.1.3
This object specifies, in bits, the key length for the cipher algorithm used in IKE Phase 1 negotiation.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropCipherKeyRounds 1.3.6.1.2.1.153.4.2.1.10.1.4
This object specifies the number of key rounds for the cipher algorithm used in IKE Phase 1 negotiation.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropHashAlgorithm 1.3.6.1.2.1.153.4.2.1.10.1.5
ipiaIkePropHashAlgorithm specifies the proposed phase 1 security assocation hash algorithm.
Status: current Access: read-create
OBJECT-TYPE    
  IkeHashAlgorithm  

ipiaIkePropPrfAlgorithm 1.3.6.1.2.1.153.4.2.1.10.1.6
ipPRFAlgorithm specifies the proposed phase 1 security association psuedo-random function. Note: currently no prf algorithms are defined.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER reserved(0)  

ipiaIkePropVendorId 1.3.6.1.2.1.153.4.2.1.10.1.7
The VendorID property is used to identify vendor-defined key exchange GroupIDs.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..255)  

ipiaIkePropDhGroup 1.3.6.1.2.1.153.4.2.1.10.1.8
This object specifies the proposed phase 1 security association Diffie-Hellman group
Status: current Access: read-create
OBJECT-TYPE    
  IkeGroupDescription  

ipiaIkePropAuthenticationMethod 1.3.6.1.2.1.153.4.2.1.10.1.9
This object specifies the proposed authentication method for the phase 1 security association.
Status: current Access: read-create
OBJECT-TYPE    
  IkeAuthMethod  

ipiaIkePropMaxLifetimeSecs 1.3.6.1.2.1.153.4.2.1.10.1.10
ipiaIkePropMaxLifetimeSecs specifies the maximum amount of time to propose a security association remain valid. A value of 0 indicates that the default lifetime of 8 hours SHOULD be used.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropMaxLifetimeKB 1.3.6.1.2.1.153.4.2.1.10.1.11
ipiaIkePropMaxLifetimeKB specifies the maximum kilobyte lifetime to propose a security association remain valid.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32  

ipiaIkePropLastChanged 1.3.6.1.2.1.153.4.2.1.10.1.12
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaIkePropStorageType 1.3.6.1.2.1.153.4.2.1.10.1.13
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaIkePropRowStatus 1.3.6.1.2.1.153.4.2.1.10.1.14
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaIpsecProposalsTable 1.3.6.1.2.1.153.4.2.1.11
This table lists one or more IPsec proposals for IPsec actions.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIpsecProposalsEntry

ipiaIpsecProposalsEntry 1.3.6.1.2.1.153.4.2.1.11.1
An entry containing (possibly a portion of) a proposal.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaIpsecProposalsEntry  

ipiaIpsecPropName 1.3.6.1.2.1.153.4.2.1.11.1.1
The name of this proposal.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecPropPriority 1.3.6.1.2.1.153.4.2.1.11.1.2
The priority level (AKA sequence level) of this proposal. A lower number indicates a higher precedence (0 before 1, etc..).
Status: current Access: not-accessible
OBJECT-TYPE    
  Integer32 0..65535  

ipiaIpsecPropProtocolId 1.3.6.1.2.1.153.4.2.1.11.1.3
The protocol Id for the transforms for this proposal. The protoIsakmp(1) value is not valid for this object. This object, along with the ipiaIpsecPropTransformsName, is the index into the ipiaIpsecTransformsTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpsecDoiSecProtocolId  

ipiaIpsecPropTransformsName 1.3.6.1.2.1.153.4.2.1.11.1.4
The name of the transform or group of transforms for this protocol. This object, along with the ipiaIpsecPropProtocolId, is the index into the ipiaIpsecTransformsTable. An attempt to set this object to a value that does not exist in the ipiaIpsecTransformTable MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecPropLastChanged 1.3.6.1.2.1.153.4.2.1.11.1.5
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaIpsecPropStorageType 1.3.6.1.2.1.153.4.2.1.11.1.6
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaIpsecPropRowStatus 1.3.6.1.2.1.153.4.2.1.11.1.7
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. This row MUST NOT be set to active until the corresponding row(s) in the ipiaIpsecTransformsTable exists and is active. If active, this object MUST remain active unless one of the following two conditions are met. An attempt to set it to anything other than active while the following conditions are not met MUST result in an inconsistentValue error. The two conditions are: I. No active row in the ipiaIkeActionProposalTable exists which has a matching ipiaIpsecPropName. II. Or at least one other active row in this table has a matching ipiaIpsecPropName.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaIpsecTransformsTable 1.3.6.1.2.1.153.4.2.1.12
This table lists the IPsec proposals contained within a given IPsec action and the transforms within each of those proposals. These proposals and transforms can then be used to create phase 2 negotiation proposals.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIpsecTransformsEntry

ipiaIpsecTransformsEntry 1.3.6.1.2.1.153.4.2.1.12.1
An entry containing the information on an IPsec transform.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaIpsecTransformsEntry  

ipiaIpsecTranType 1.3.6.1.2.1.153.4.2.1.12.1.1
The protocol type for this transform. The protoIsakmp(1) value is not valid for this object.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpsecDoiSecProtocolId  

ipiaIpsecTranName 1.3.6.1.2.1.153.4.2.1.12.1.2
The name for this transform or group of transforms.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecTranPriority 1.3.6.1.2.1.153.4.2.1.12.1.3
The priority level (AKA sequence level) of the this transform within the group of transforms (0 before 1, etc...). This indicates the preference for which algorithms are requested when the list of transforms are sent to the remote host. A lower number indicates a higher precedence.
Status: current Access: not-accessible
OBJECT-TYPE    
  Integer32 0..65535  

ipiaIpsecTranTransformName 1.3.6.1.2.1.153.4.2.1.12.1.4
The name for the given transform. Depending on the value of ipiaIpsecTranType, this value is used to lookup the transform's specific parameters in the ipiaAhTransformTable, the ipiaEspTransformTable or the ipiaIpcompTransformTable.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIpsecTranLastChanged 1.3.6.1.2.1.153.4.2.1.12.1.5
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaIpsecTranStorageType 1.3.6.1.2.1.153.4.2.1.12.1.6
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaIpsecTranRowStatus 1.3.6.1.2.1.153.4.2.1.12.1.7
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. This row MUST NOT be set to active until the corresponding row in the ipiaAhTransformTable, ipiaEspTransformTable or the ipiaIpcompTransformTable exists. If active, this object MUST remain active unless one of the following two conditions are met. An attempt to set it to anything other than active while the following conditions are not met MUST result in an inconsistentValue error. The two conditions are: I. No active row in the IpiaIpsecProposalsTable exists which has a matching ipiaIpsecPropTransformsName. II. Or at least one other active row in this table has a matching ipiaIpsecPropTransformsName.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaIkeIdentityTable 1.3.6.1.2.1.153.4.2.1.13
IKEIdentity is used to represent the identities that are used for an IPProtocolEndpoint (or collection of IPProtocolEndpoints) to identify itself in IKE phase 1 negotiations. The column ipiaIkeActIdentityType and ipiaIkeIdentityContext in an ipiaIkeActionEntry together with the spdEndGroupInterface in the spdEndpointToGroupTable specifies the unique identity to use in a negotiation exchange.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIkeIdentityEntry

ipiaIkeIdentityEntry 1.3.6.1.2.1.153.4.2.1.13.1
ikeIdentity lists the attributes of an IKE identity.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaIkeIdentityEntry  

ipiaIkeIdCredentialName 1.3.6.1.2.1.153.4.2.1.13.1.1
This value is used as an index into the ipiaCredentialFilterTable to look up the actual credential value and other credential information. For ID's without associated credential information, this value is left blank. For ID's that are address types, this value MAY be left blank and the associated IPProtocolEndpoint or appropriate member of the Collection of endpoints is used.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

ipiaIkeIdLastChanged 1.3.6.1.2.1.153.4.2.1.13.1.2
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaIkeIdStorageType 1.3.6.1.2.1.153.4.2.1.13.1.3
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaIkeIdRowStatus 1.3.6.1.2.1.153.4.2.1.13.1.4
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaAutostartIkeTable 1.3.6.1.2.1.153.4.2.1.14
The parameters in the autostart IKE Table are used to automatically initiate IKE phaes I and II (i.e. IPsec) negotiations on startup. It also will initiate IKE phase I and II negotiations for a row at the time of that row's creation
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaAutostartIkeEntry

ipiaAutostartIkeEntry 1.3.6.1.2.1.153.4.2.1.14.1
autostart ike provides the set of parameters to automatically start IKE and IPsec SA's.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaAutostartIkeEntry  

ipiaAutoIkePriority 1.3.6.1.2.1.153.4.2.1.14.1.1
ipiaAutoIkePriority is an index into the autostartIkeAction table and can be used to order the autostart IKE actions (0 before 1, etc...).
Status: current Access: not-accessible
OBJECT-TYPE    
  Integer32 0..65535  

ipiaAutoIkeAction 1.3.6.1.2.1.153.4.2.1.14.1.2
This pointer is used to point to the action or compound action that is initiated by this row. This value can be used to indicate a scalar or a row in a table. When indicating a row in a table, this value MUST point to the first column instance in that row. If this column is set to a VariablePointer value which references a non-existent row in an otherwise supported table or if the table or scalar pointed to by the VariablePointer is not supported at all, the inconsistentValue exception MUST be returned. If during packet processing this column has a value that references a non-existent or non-supported object, the packet MUST be dropped.
Status: current Access: read-create
OBJECT-TYPE    
  VariablePointer  

ipiaAutoIkeAddressType 1.3.6.1.2.1.153.4.2.1.14.1.3
The property ipiaAutoIkeAddressType specifies the format of the autoIke source and destination Address values.
Status: current Access: read-create
OBJECT-TYPE    
  InetAddressType  

ipiaAutoIkeSourceAddress 1.3.6.1.2.1.153.4.2.1.14.1.4
The property autoIkeSourecAddress specifies Source IP address for autostarting IKE SA's, formatted according to the appropriate convention as defined in the ipiaAutoIkeAddressType property.
Status: current Access: read-create
OBJECT-TYPE    
  InetAddress  

ipiaAutoIkeSourcePort 1.3.6.1.2.1.153.4.2.1.14.1.5
The property ipiaAutoIkeSourcePort specifies the port number for the source port for auotstarting IKE SA's. The value of 0 for this object is illegal.
Status: current Access: read-create
OBJECT-TYPE    
  InetPortNumber  

ipiaAutoIkeDestAddress 1.3.6.1.2.1.153.4.2.1.14.1.6
The property ipiaAutoIkeDestAddress specifies the Destination IP address for autostarting IKE SA's, formatted according to the appropriate convention as defined in the ipiaAutoIkeAddressType property.
Status: current Access: read-create
OBJECT-TYPE    
  InetAddress  

ipiaAutoIkeDestPort 1.3.6.1.2.1.153.4.2.1.14.1.7
The property ipiaAutoIkeDestPort specifies the port number for the destination port for auotstarting IKE SA's. The value of 0 for this object is illegal.
Status: current Access: read-create
OBJECT-TYPE    
  InetPortNumber  

ipiaAutoIkeProtocol 1.3.6.1.2.1.153.4.2.1.14.1.8
The property Protocol specifies the protocol number used in comparing with policy filter entries and used in any phase 2 negotiations.
Status: current Access: read-create
OBJECT-TYPE    
  Unsigned32 0..255  

ipiaAutoIkeLastChanged 1.3.6.1.2.1.153.4.2.1.14.1.9
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaAutoIkeStorageType 1.3.6.1.2.1.153.4.2.1.14.1.10
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaAutoIkeRowStatus 1.3.6.1.2.1.153.4.2.1.14.1.11
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. This object MUST NOT be set to active until the object to which the ipiaAutoIkeAction points to exists and is active. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaIpsecCredMngServiceTable 1.3.6.1.2.1.153.4.2.1.15
A table of Credential Management Service values. This table is usually used for credential/certificate values that are used with a management service (e.g. Certificate Authorities).
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaIpsecCredMngServiceEntry

ipiaIpsecCredMngServiceEntry 1.3.6.1.2.1.153.4.2.1.15.1
A row in the ipiaIpsecCredMngServiceTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaIpsecCredMngServiceEntry  

ipiaIcmsName 1.3.6.1.2.1.153.4.2.1.15.1.1
This is an administratively assigned string used to index this table.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaIcmsDistinguishedName 1.3.6.1.2.1.153.4.2.1.15.1.2
This value represents the Distinguished Name of the Credential Management Service.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(1..256)  

ipiaIcmsPolicyStatement 1.3.6.1.2.1.153.4.2.1.15.1.3
This Value represents the Credential Management Service Policy Statement, or a reference describing how to obtain it (e.g., a URL). If one doesn't exist, this value can be left blank
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..1024)  

ipiaIcmsMaxChainLength 1.3.6.1.2.1.153.4.2.1.15.1.4
This value is the maximum length of the chain allowble from the Credential Management Service to the credential in question.
Status: current Access: read-create
OBJECT-TYPE    
  Integer32 0..255  

ipiaIcmsCredentialName 1.3.6.1.2.1.153.4.2.1.15.1.5
This value is used as an index into the ipiaCredentialFilterTable to look up the actual credential value.
Status: current Access: read-create
OBJECT-TYPE    
  SnmpAdminString Size(0..32)  

ipiaIcmsLastChanged 1.3.6.1.2.1.153.4.2.1.15.1.6
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaIcmsStorageType 1.3.6.1.2.1.153.4.2.1.15.1.7
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaIcmsRowStatus 1.3.6.1.2.1.153.4.2.1.15.1.8
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaCredMngCRLTable 1.3.6.1.2.1.153.4.2.1.16
A table of the Credential Revocation Lists (CRL) for credential managment services.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaCredMngCRLEntry

ipiaCredMngCRLEntry 1.3.6.1.2.1.153.4.2.1.16.1
A row in the ipiaCredMngCRLTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaCredMngCRLEntry  

ipiaCmcCRLName 1.3.6.1.2.1.153.4.2.1.16.1.1
This is an administratively assigned string used to index this table. It represents a CRL for a given CA from a given distribution point.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

ipiaCmcDistributionPoint 1.3.6.1.2.1.153.4.2.1.16.1.2
This Value represents a Distribution Point for a Credential Revocation List. It can be relative to the Credential Management Service or a full name (URL, e-mail, etc...).
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..256)  

ipiaCmcThisUpdate 1.3.6.1.2.1.153.4.2.1.16.1.3
This value is the issue date of this CRL. This SHOULD be in utctime or generalizedtime.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..32)  

ipiaCmcNextUpdate 1.3.6.1.2.1.153.4.2.1.16.1.4
This value indicates the date the next version of this CRL will be issued. This SHOULD be in utctime or generalizedtime.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..32)  

ipiaCmcLastChanged 1.3.6.1.2.1.153.4.2.1.16.1.5
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaCmcStorageType 1.3.6.1.2.1.153.4.2.1.16.1.6
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaCmcRowStatus 1.3.6.1.2.1.153.4.2.1.16.1.7
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaRevokedCertificateTable 1.3.6.1.2.1.153.4.2.1.17
A table of Credentials revoked by credential managment services. That is, this table is a table of Certificates that are on CRL's, Credential Revocation Lists.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    IpiaRevokedCertificateEntry

ipiaRevokedCertificateEntry 1.3.6.1.2.1.153.4.2.1.17.1
A row in the ipiaRevokedCertificateTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpiaRevokedCertificateEntry  

ipiaRctCertSerialNumber 1.3.6.1.2.1.153.4.2.1.17.1.1
This value is the serial number of the revoked certificate.
Status: current Access: not-accessible
OBJECT-TYPE    
  Unsigned32 0..4294967295  

ipiaRctRevokedDate 1.3.6.1.2.1.153.4.2.1.17.1.2
This value is the revocation date of the certificate. This SHOULD be in utctime or generaltime.
Status: current Access: read-create
OBJECT-TYPE    
  OCTET STRING Size(0..32)  

ipiaRctRevokedReason 1.3.6.1.2.1.153.4.2.1.17.1.3
This value is the reason this certificate was revoked.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER unspecified(1), keyCompromise(2), cACompromise(3), affiliationChanged(4), superseded(5), cessationOfOperation(6), certificateHold(7), removeFromCRL(8)  

ipiaRctLastChanged 1.3.6.1.2.1.153.4.2.1.17.1.4
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

ipiaRctStorageType 1.3.6.1.2.1.153.4.2.1.17.1.5
The storage type for this row. Rows in this table which were created through an external process MAY have a storage type of readOnly or permanent. For a storage type of permanent, none of the columns have to be writable.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

ipiaRctRowStatus 1.3.6.1.2.1.153.4.2.1.17.1.6
This object indicates the conceptual status of this row. The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object MUST remain active if it is referenced by an active row in another table. An attempt to set it to anything other than active while it is referenced by an active row in another table MUST result in an inconsistentValue error.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

ipiaNotificationVariables 1.3.6.1.2.1.153.4.2.2.1
OBJECT IDENTIFIER    

ipiaNotifications 1.3.6.1.2.1.153.4.2.2.0
OBJECT IDENTIFIER    

ipiaCompliances 1.3.6.1.2.1.153.4.2.3.1
OBJECT IDENTIFIER    

ipiaGroups 1.3.6.1.2.1.153.4.2.3.2
OBJECT IDENTIFIER    

ipiaIKECompliance 1.3.6.1.2.1.153.4.2.3.1.1
The compliance statement for SNMP entities that include an IPsec MIB implementation and supports IKE actions. -- OBJECT ipiaAutoIkeAddressType -- SYNTAX InetAddreessType { ipv4(1), ipv6(2) } -- DESCRIPTION -- Only support for global IPv4 and IPv6 address -- types is required. -- -- OBJECT ipiaAutoIkeSourceAddress -- SYNTAX InetAddress (SIZE(4|16)) -- DESCRIPTION -- Only support for global IPv4 and IPv6 address -- types is required. -- OBJECT ipiaAutoIkeDestAddress -- SYNTAX InetAddress (SIZE(4|16)) -- DESCRIPTION -- Only support for global IPv4 and IPv6 address -- types is required. --
Status: current Access: read-only
MODULE-COMPLIANCE    

ipiaRuleFilterCompliance 1.3.6.1.2.1.153.4.2.3.1.2
The compliance statement for SNMP entities that include an IKEACTION MIB implementation with IKE filters support.
Status: current Access: not-accessible
MODULE-COMPLIANCE    

ipiaStaticFilterGroup 1.3.6.1.2.1.153.4.2.3.2.1
The static filter group. Currently this is just a true filter.
Status: current Access: not-accessible
OBJECT-GROUP    

ipiaCredentialFilterGroup 1.3.6.1.2.1.153.4.2.3.2.2
This group is made up of objects from the IPsec Policy Credential Filter Table.
Status: current Access: not-accessible
OBJECT-GROUP    

ipiaPeerIdFilterGroup 1.3.6.1.2.1.153.4.2.3.2.3
This group is made up of objects from the IPsec Policy Peer Identity Filter Table.
Status: current Access: not-accessible
OBJECT-GROUP    

ipiaStaticActionGroup 1.3.6.1.2.1.153.4.2.3.2.4
This group is made up of IPsec Policy Static Actions objects.
Status: current Access: not-accessible
OBJECT-GROUP    

ipiaIkeGroup 1.3.6.1.2.1.153.4.2.3.2.5
This group is the set of objects that support IKE actions. These objects are from The IPsec Policy IKE Action Table, The IKE Action Proposals Table, The IKE Proposal Table, The autostart IKE Table and The IKE Identity Table, The Peer Identity Table, The Credential Management Service Table, and the shared table Negotiation Parameters Table (from the IPSEC-IPSECACTION-MIB.
Status: current Access: not-accessible
OBJECT-GROUP    

ipiaIpsecGroup 1.3.6.1.2.1.153.4.2.3.2.6
This group is the set of objects that support IPsec actions. These objects are from The IPsec Policy IPsec Actions Table, The IPsec Proposal Table, and The IPsec Transform Table. This group also includes objects from the shared tables: Peer Identity Table, Credential Table, Negotiation Parameters Table, Credential Management Service Table and the AH, ESP, and IPComp Transform Table.
Status: current Access: not-accessible
OBJECT-GROUP