ISAKMP-DOI-IND-MON-MIB
File:
ISAKMP-DOI-IND-MON-MIB.mib (32605 bytes)
Imported modules
Imported symbols
Defined Types
InetAddressIPv4 |
|
Represents an IPv4 network address:
octets contents encoding
1-4 IP address network-byte order
The corresponding InetAddressType value is ipv4(1). |
TEXTUAL-CONVENTION |
|
|
|
|
OCTET STRING |
Size(4) |
|
IsakmpCookie |
|
This data type is used to model ISAKMP cookies. This is a
binary string of 8 octets in network byte-order. |
TEXTUAL-CONVENTION |
|
|
|
|
OCTET STRING |
Size(8) |
|
SaEntry |
|
SEQUENCE |
|
|
|
|
saLocalIpAddressType |
InetAddressType |
|
|
saLocalIpAddress |
InetAddress |
|
|
saRemoteIpAddressType |
InetAddressType |
|
|
saRemoteIpAddress |
InetAddressIPv4 |
|
|
saInitiatorCookie |
IsakmpCookie |
|
|
saResponderCookie |
IsakmpCookie |
|
|
saLocalUdpPort |
INTEGER |
|
|
saRemoteUdpPort |
INTEGER |
|
|
saPeerMajorVersion |
INTEGER |
|
|
saPeerMinorVersion |
INTEGER |
|
|
saDoi |
IsakmpDOI |
|
|
saLocallyInitiated |
TruthValue |
|
|
saStatus |
INTEGER |
|
|
saExchangeType |
IsakmpExchangeType |
|
|
saTimeSeconds |
Counter32 |
|
|
saInPackets |
Counter32 |
|
|
saOutPackets |
Counter32 |
|
|
saInOctets |
Counter32 |
|
|
saOutOctets |
Counter32 |
|
|
saByCreatorsIndex |
Unsigned32 |
|
Defined Values
isakmpDoiIndMonModule |
1.3.6.1.4.1.1954.3.10.2 |
The MIB module to describe the DOI-independent part of
ISAKMP objects; to be used for monitoring purposes. |
MODULE-IDENTITY |
|
|
|
isakmpDoiIndMIBObjects |
1.3.6.1.4.1.1954.3.10.2.1 |
This is the base object identifier for all ISAKMP
branches. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpSaTable |
1.3.6.1.4.1.1954.3.10.2.1.1 |
This is the base object identifier for the security
associations table. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpGlobals |
1.3.6.1.4.1.1954.3.10.2.1.2 |
This is the base object identifier for all objects which
are global values for ISAKMP. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpNegStats |
1.3.6.1.4.1.1954.3.10.2.1.3 |
This is the base object identifier for all objects which
are global counters for ISAKMP negotiation statistics. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpTrafStats |
1.3.6.1.4.1.1954.3.10.2.1.4 |
This is the base object identifier for all objects which
are global counters for ISAKMP security association traffic
statistics. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpErrors |
1.3.6.1.4.1.1954.3.10.2.1.5 |
This is the base object identifier for all objects which
are global error counters for ISAKMP. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpGroups |
1.3.6.1.4.1.1954.3.10.2.1.6 |
This is the base object identifier for all objects which
describe the groups in this MIB. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpTrapControl |
1.3.6.1.4.1.1954.3.10.2.1.8 |
This is the base object identifier for all trap controls
for this MIB. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpTraps |
1.3.6.1.4.1.1954.3.10.2.1.9 |
This is the base object identifier for all traps for this
MIB. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
isakmpTrapObjects |
1.3.6.1.4.1.1954.3.10.2.1.10 |
This is the base object identifier for all objects used by
traps for this MIB. |
Status: current |
Access: read-write |
OBJECT-IDENTITY |
|
|
|
saTable |
1.3.6.1.4.1.1954.3.10.2.1.1.1 |
The (conceptual) table containing the DOI-independent
portion of ISAKMP SAs.
There should be one row for every phase 1 security
association that exists in the entity that uses ISAKMP. The
maximum number of rows is implementation dependent. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
SaEntry |
|
saEntry |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1 |
An entry (conceptual row) containing the DOI-independent
information on a particular ISAKMP SA.
A row in this table cannot be created or deleted by SNMP
operations on columns of the table. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SaEntry |
|
|
saLocalIpAddressType |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.1 |
The type of the local address used to negotiate the ISAKMP
phase 1 SA. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
InetAddressType |
|
|
saLocalIpAddress |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.2 |
The local address used to negotiate the ISAKMP phase 1 SA. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
InetAddress |
|
|
saRemoteIpAddressType |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.3 |
The type of the remote address used to negotiate the ISAKMP
phase 1 SA. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
InetAddressType |
|
|
saRemoteIpAddress |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.4 |
The remote address used to negotiate the ISAKMP phase 1
SA. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
InetAddressIPv4 |
|
|
saInitiatorCookie |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.5 |
The value of the cookie used by the initiator for the
ISAKMP phase 1 SA. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
IsakmpCookie |
|
|
saResponderCookie |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.6 |
The value of the cookie used by the responder for the
ISAKMP phase 1 SA.
Note that this value may be 0 if the ISAKMP phase 1 SA has
been initiated but not responded to by the peer entity.
It must never be 0 if this entry represents an ISAKMP phase
1 SA establishment attempt that has been initiated by the
peer. This rule prevents index collisions in the (unlikely)
event that two peers simultaneously initiate with the same
cookie at the same time. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
IsakmpCookie |
|
|
saLocalUdpPort |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.7 |
The local UDP port number that this ISAKMP phase 1 SA was
negotiated with. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
saRemoteUdpPort |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.8 |
The remote UDP port number that this ISAKMP phase 1 SA was
negotiated with. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
saPeerMajorVersion |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.9 |
The major version number from the ISAKMP packet header used
by the peer. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..15 |
|
saPeerMinorVersion |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.10 |
The minor version number from the ISAKMP packet header used
by the peer. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..15 |
|
saDoi |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.11 |
The specific DOI value that this ISAKMP SA is using.
Note that this value MAY be 0, as allowed by Section 3.4 of
RFC 2408 |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
IsakmpDOI |
|
|
saLocallyInitiated |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.12 |
This value is 'true' if the ISAKMP phase 1 SA was initiated
by the local entity, and 'false' if initiated by the remote
entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
saStatus |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.13 |
The status of the ISAKMP phase 1 SA.
If the state is 'negotiating', it means that processing of
the final packet of the phase 1 exchange is not yet
complete.
If the state is 'established', it means that processing of
all packets associated with ISAKMP phase 1 SA negotation is
complete, and the entities involved in the ISAKMP phase 1 SA
are authenticated. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
negotiating(1), established(2) |
|
saExchangeType |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.14 |
The exchange type used to negotiate the ISAKMP phase 1 SA. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
IsakmpExchangeType |
|
|
saTimeSeconds |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.15 |
The number of seconds the SA has existed. In other words,
how old the SA is. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
saInPackets |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.16 |
The total number of packets received by the ISAKMP phase 1
SA, including un-encrypted packets used to negotiate the
ISAKMP phase 1 SA, and any re-transmissions. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
saOutPackets |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.17 |
The total number of packets sent by the ISAKMP phase 1 SA,
including un-encrypted packets used to negotiate the ISAKMP
phase 1 SA, and any re-transmissions received. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
saInOctets |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.18 |
The amount of traffic measured in bytes received by the
ISAKMP phase 1 SA. This includes encrypted and un-encrypted
traffic used to negotiate the ISAKMP phase 1 SA, and any re-
transmissions received. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
saOutOctets |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.19 |
The amount of traffic measured in bytes sent by the ISAKMP
phase 1 SA. This includes encrypted and un-encrypted traffic
used to negotiate the ISAKMP phase 1 SA, and any re-
transmissions. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
saByCreatorsIndex |
1.3.6.1.4.1.1954.3.10.2.1.1.1.1.20 |
A unique value, greater than zero, for each IKE phase 1 SA
that exists between the two endpoints. It is recommended
that values are assigned contiguously starting from 1. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
1..16777215 |
|
isakmpMajorVersion |
1.3.6.1.4.1.1954.3.10.2.1.2.1 |
The maximum major version number value capable of being
supported by the entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..15 |
|
isakmpMinorVersion |
1.3.6.1.4.1.1954.3.10.2.1.2.2 |
The maximum minor version number value capable of being
supported by the entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..15 |
|
isakmpCurrentSAs |
1.3.6.1.4.1.1954.3.10.2.1.3.1 |
The current number of ISAKMP SAs in the entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge32 |
|
|
isakmpCurrentInitiatedSAs |
1.3.6.1.4.1.1954.3.10.2.1.3.2 |
The current number of ISAKMP SAs successfully negotiated in
the entity that were initiated by the entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge32 |
|
|
isakmpCurrentRespondedSAs |
1.3.6.1.4.1.1954.3.10.2.1.3.3 |
The current number of ISAKMP SAs successfully negotiated in
the entity that were initiated by the peer entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge32 |
|
|
isakmpTotalSAs |
1.3.6.1.4.1.1954.3.10.2.1.3.4 |
The total number of ISAKMP SAs successfully negotiated in
the entity since boot time. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalInitiatedSAs |
1.3.6.1.4.1.1954.3.10.2.1.3.5 |
The total number of ISAKMP SAs successfully negotiated in
the entity since boot time that were initiated by the
entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalRespondedSAs |
1.3.6.1.4.1.1954.3.10.2.1.3.6 |
The total number of ISAKMP SAs successfully negotiated in
the entity since boot time that were initiated by the peer
entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalAttempts |
1.3.6.1.4.1.1954.3.10.2.1.3.7 |
The total number of ISAKMP SAs negotiation attempts made
since boot time. This includes successful negotiations. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalAsInitAttempts |
1.3.6.1.4.1.1954.3.10.2.1.3.8 |
The total number of ISAKMP SAs negotiation attempts made
where the entity was the initiator since boot time. This
includes successful negotiations. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalAsRespAttempts |
1.3.6.1.4.1.1954.3.10.2.1.3.9 |
The total number of ISAKMP SAs negotiation attempts made
where the entity was the responder since boot time. This
includes successful negotiations. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalInPackets |
1.3.6.1.4.1.1954.3.10.2.1.4.1 |
The total number of ISAKMP packets received by the entity
since boot time, including re-transmissions and un-encrypted
packets. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalOutPackets |
1.3.6.1.4.1.1954.3.10.2.1.4.2 |
The total number of ISAKMP packets sent by the entity since
boot time, including re-transmissions and un-encrypted
packets. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalInOctets |
1.3.6.1.4.1.1954.3.10.2.1.4.3 |
The total amount of ISAKMP traffic received by the entity
since boot time, measured in bytes, including any re-
transmitted packets received, and including encrypted and
un-encrypted packets. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalOutOctets |
1.3.6.1.4.1.1954.3.10.2.1.4.4 |
The total amount of ISAKMP traffic sent by the entity since
boot time, measured in bytes, including any re-transmissions
and including encrypted and un-encrypted packets. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalInitFailures |
1.3.6.1.4.1.1954.3.10.2.1.5.1 |
The total number of attempts to initiate an ISAKMP phase 1
SA that failed since boot time, when there was a response
from the peer entity.
This value may be used to detect clogging or denial-of-
service attacks. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalInitNoResponses |
1.3.6.1.4.1.1954.3.10.2.1.5.2 |
The total number of attempts to initiate an ISAKMP phase 1
SA that failed since boot time, when there was no response
from the peer entity.
This should only be incremented if the peer does not repond
to the first packet of attempted negotiations. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpTotalRespFailures |
1.3.6.1.4.1.1954.3.10.2.1.5.3 |
The total number of attempts to initiate an ISAKMP phase 1
SA that failed since boot time, when the initiation attempt
came for the peer entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
isakmpInvalidCookieCount |
1.3.6.1.4.1.1954.3.10.2.1.5.4 |
The total number of ISAKMP packets with invalid cookies
received by the entity since boot time. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
invalidCookieTrapEnable |
1.3.6.1.4.1.1954.3.10.2.1.8.1 |
Indicates whether invalidCookieTrap traps should be
generated. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
localIpAddressType |
1.3.6.1.4.1.1954.3.10.2.1.10.1 |
The type of the local IP address used in an ISAKMP message,
to be associated with a trap. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
InetAddressType |
|
|
localIpAddress |
1.3.6.1.4.1.1954.3.10.2.1.10.2 |
The local IP address used in an ISAKMP message, to be
associated with a trap. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
InetAddress |
|
|
localUdpPort |
1.3.6.1.4.1.1954.3.10.2.1.10.3 |
The local port UDP number used in an ISAKMP message, to be
associated with a trap. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
remoteIpAddressType |
1.3.6.1.4.1.1954.3.10.2.1.10.4 |
The type of the remote IP used in an ISAKMP message, to be
associated with a trap. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
InetAddressType |
|
|
remoteIpAddress |
1.3.6.1.4.1.1954.3.10.2.1.10.5 |
The remote IPaddress used in an ISAKMP message, to be
associated with a trap. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
IsakmpCookie |
|
|
remoteUdpPort |
1.3.6.1.4.1.1954.3.10.2.1.10.6 |
The remote UDP port number used in an ISAKMP message, to be
associated with a trap. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
initiatorCookie |
1.3.6.1.4.1.1954.3.10.2.1.10.7 |
The initiator cookie used in an ISAKMP message, to be
associated with a trap. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
IsakmpCookie |
|
|
responderCookie |
1.3.6.1.4.1.1954.3.10.2.1.10.8 |
The responder cookie used in an ISAKMP message, to be
associated with a trap. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
IsakmpCookie |
|
|
invalidCookieTrap |
24578 |
ISAKMP packets with invalid cookies were detected from the
specified source, intended for the specified destination.
The initiator and responder cookies are also sent with the
trap.
The current count is sent to allow the trap to accurately
relfect dropped and throttled traps.
Implementations SHOULD send one trap per peer (within a
reasonable time period, rather than sending one trap per
packet. |
TRAP-TYPE |
|
|
|
isakmpSaGroup |
1.3.6.1.4.1.1954.3.10.2.1.6.1 |
A collection of objects that describe the state of the
security associations of the ISAKMP protocol. |
Status: current |
Access: accessible-for-notify |
OBJECT-GROUP |
|
|
|
isakmpGlobalsGroup |
1.3.6.1.4.1.1954.3.10.2.1.6.2 |
A collections of objects that describe the global state of
the ISAKMP protocol. |
Status: current |
Access: accessible-for-notify |
OBJECT-GROUP |
|
|
|
isakmpTrapControlGroup |
1.3.6.1.4.1.1954.3.10.2.1.6.3 |
Trap control for the ISAKMP protocol. |
Status: current |
Access: accessible-for-notify |
OBJECT-GROUP |
|
|
|
isakmpTrapDataGroup |
1.3.6.1.4.1.1954.3.10.2.1.6.4 |
Trap data for the ISAKMP protocol. |
Status: current |
Access: accessible-for-notify |
OBJECT-GROUP |
|
|
|
isakmpTrapGroup |
1.3.6.1.4.1.1954.3.10.2.1.6.5 |
The traps for the ISAKMP protocol. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-GROUP |
|
|
|
isakmpDoiIndependentMonitorCompliance |
1.3.6.1.4.1.1954.3.10.2.1.7.1 |
The compliance statement for the SNMPv3 entities which
implement the ISAKMP DOI-Indpendent Monitoring MIB. |
Status: current |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|