JNX-IPSEC-MONITOR-MIB

File: JNX-IPSEC-MONITOR-MIB.mib (37889 bytes)

Imported modules

SNMPv2-SMI INET-ADDRESS-MIB SNMPv2-TC
JUNIPER-SMI JUNIPER-SP-MIB

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Counter32
Counter64 Integer32 Unsigned32
InetAddress InetAddressType TEXTUAL-CONVENTION
DisplayString TimeInterval jnxMibs
jnxSpSvcSetName

Defined Types

JnxIkePeerType  
The type of IPsec Phase-1 IKE peer identity. The IKE peer may be identified by one of the ID types defined in IPSEC DOI.
TEXTUAL-CONVENTION    
  INTEGER unknown(0), idIpv4Addr(1), idFqdn(2), idDn(3)  

JnxIkeNegoMode  
The IPsec Phase-1 IKE negotiation mode.
TEXTUAL-CONVENTION    
  INTEGER main(1), aggressive(2), ikev2(3)  

JnxIkeHashAlgo  
The hash algorithm used in IPsec Phase-1 IKE negotiations.
TEXTUAL-CONVENTION    
  INTEGER md5(1), sha(2), sha256(3), sha384(4)  

JnxIkeAuthMethod  
The authentication method used in IPsec Phase-1 IKE negotiations.
TEXTUAL-CONVENTION    
  INTEGER preSharedKey(1), dssSignature(2), rsaSignature(3), rsaEncryption(4), revRsaEncryption(5)  

JnxIkePeerRole  
Role of the local endpoint in negotiating the IPsec Phase-1 IKE security association. It can be either Initiator or Responder.
TEXTUAL-CONVENTION    
  INTEGER initiator(1), responder(2)  

JnxIkeNegState  
State of the Phase-1 IKE negotiation.
TEXTUAL-CONVENTION    
  INTEGER matured(1), notmatured(2)  

JnxDiffHellmanGrp  
The Diffie Hellman Group used in negotiations. modp768 -- 768-bit MODP modp1024 -- 1024-bit MODP modp1536 -- 1536-bit MODP modp2048 -- 2048-bit MODP ec-modp256 -- 256-bit EC-MODP ec-modp384 -- 384-bit EC-MODP
TEXTUAL-CONVENTION    
  INTEGER unknown(0), modp768(1), modp1024(2), modp1536(5), modp2048(14), ecmodp256(19), ecmodp384(20)  

JnxKeyType  
The type of key used by an IPsec Phase-2 Tunnel.
TEXTUAL-CONVENTION    
  INTEGER unknown(0), keyIke(1), keyManual(2)  

JnxEncapMode  
The encapsulation mode used by an IPsec Phase-2 Tunnel.
TEXTUAL-CONVENTION    
  INTEGER unknown(0), tunnel(1), transport(2)  

JnxEncryptAlgo  
The encryption algorithm used in negotiations.
TEXTUAL-CONVENTION    
  INTEGER espDes(1), esp3des(2), espNull(3), espAes128(4), espAes192(5), espAes256(6)  

JnxSpi  
The type of the SPI associated with IPsec Phase-2 security associations.
TEXTUAL-CONVENTION    
  Unsigned32 256..4294967295  

JnxAuthAlgo  
The authentication algorithm used by a security association of an IPsec Phase-2 Tunnel.
TEXTUAL-CONVENTION    
  INTEGER unknown(0), hmacMd5(2), hmacSha(3), hmacSha256(4)  

JnxRemotePeerType  
The type of the remote peer gateway (endpoint). It can be one of the following two types: - static (Remote peer whose IP address is known beforehand) - dynamic (Remote peer whose IP address is not known beforehand)
TEXTUAL-CONVENTION    
  INTEGER unknown(0), static(1), dynamic(2)  

JnxSAType  
SA Type manual or dynamic
TEXTUAL-CONVENTION    
  INTEGER unknown(0), manual(1), dynamic(2)  

JnxIkeTunnelEntry  
SEQUENCE    
  jnxIkeTunIndex Integer32
  jnxIkeTunLocalRole JnxIkePeerRole
  jnxIkeTunNegState JnxIkeNegState
  jnxIkeTunInitiatorCookie DisplayString
  jnxIkeTunResponderCookie DisplayString
  jnxIkeTunLocalIdType JnxIkePeerType
  jnxIkeTunLocalIdValue DisplayString
  jnxIkeTunLocalGwAddrType InetAddressType
  jnxIkeTunLocalGwAddr InetAddress
  jnxIkeTunLocalCertName DisplayString
  jnxIkeTunRemoteIdType JnxIkePeerType
  jnxIkeTunRemoteIdValue DisplayString
  jnxIkeTunRemoteGwAddrType InetAddressType
  jnxIkeTunRemoteGwAddr InetAddress
  jnxIkeTunNegoMode JnxIkeNegoMode
  jnxIkeTunDiffHellmanGrp JnxDiffHellmanGrp
  jnxIkeTunEncryptAlgo JnxEncryptAlgo
  jnxIkeTunHashAlgo JnxIkeHashAlgo
  jnxIkeTunAuthMethod JnxIkeAuthMethod
  jnxIkeTunLifeTime Integer32
  jnxIkeTunActiveTime TimeInterval
  jnxIkeTunInOctets Counter64
  jnxIkeTunInPkts Counter32
  jnxIkeTunOutOctets Counter64
  jnxIkeTunOutPkts Counter32

JnxIpSecTunnelEntry  
SEQUENCE    
  jnxIpSecTunIndex Integer32
  jnxIpSecRuleName DisplayString
  jnxIpSecTermName DisplayString
  jnxIpSecTunLocalGwAddrType InetAddressType
  jnxIpSecTunLocalGwAddr InetAddress
  jnxIpSecTunRemoteGwAddrType InetAddressType
  jnxIpSecTunRemoteGwAddr InetAddress
  jnxIpSecTunLocalProxyId DisplayString
  jnxIpSecTunRemoteProxyId DisplayString
  jnxIpSecTunKeyType JnxKeyType
  jnxIpSecRemotePeerType JnxRemotePeerType
  jnxIpSecTunMtu Integer32
  jnxIpSecTunOutEncryptedBytes Counter64
  jnxIpSecTunOutEncryptedPkts Counter64
  jnxIpSecTunInDecryptedBytes Counter64
  jnxIpSecTunInDecryptedPkts Counter64
  jnxIpsSecTunAHInBytes Counter64
  jnxIpsSecTunAHInPkts Counter64
  jnxIpsSecTunAHOutBytes Counter64
  jnxIpsSecTunAHOutPkts Counter64
  jnxIpSecTunReplayDropPkts Counter64
  jnxIpSecTunAhAuthFails Counter64
  jnxIpSecTunEspAuthFails Counter64
  jnxIpSecTunDecryptFails Counter64
  jnxIpSecTunBadHeaders Counter64
  jnxIpSecTunBadTrailers Counter64
  jnxIpSecTunDroppedPkts Counter64

JnxIpSecSaEntry  
SEQUENCE    
  jnxIpSecSaProtocol INTEGER
  jnxIpSecSaIndex Integer32
  jnxIpSecSaInSpi JnxSpi
  jnxIpSecSaOutSpi JnxSpi
  jnxIpSecSaInAuxSpi JnxSpi
  jnxIpSecSaOutAuxSpi JnxSpi
  jnxIpSecSaType JnxSAType
  jnxIpSecSaEncapMode JnxEncapMode
  jnxIpSecSaLifeSize Integer32
  jnxIpSecSaLifeTime Integer32
  jnxIpSecSaActiveTime TimeInterval
  jnxIpSecSaLifeSizeThreshold Integer32
  jnxIpSecSaLifeTimeThreshold Integer32
  jnxIpSecSaEncryptAlgo JnxEncryptAlgo
  jnxIpSecSaAuthAlgo JnxAuthAlgo
  jnxIpSecSaState INTEGER

Defined Values

jnxIpSecMonitorMIB 1.3.6.1.4.1.2636.3.22
MODULE-IDENTITY    

jnxIpSecMIBObjects 1.3.6.1.4.1.2636.3.22.1
OBJECT IDENTIFIER    

jnxIpSecLevels 1.3.6.1.4.1.2636.3.22.1.1
OBJECT IDENTIFIER    

jnxIpSecPhaseOne 1.3.6.1.4.1.2636.3.22.1.2
OBJECT IDENTIFIER    

jnxIpSecPhaseTwo 1.3.6.1.4.1.2636.3.22.1.3
OBJECT IDENTIFIER    

jnxIpSecMibLevel 1.3.6.1.4.1.2636.3.22.1.1.1
The version of the IPsec MIB.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 1..4096  

jnxIkeTunnelTable 1.3.6.1.4.1.2636.3.22.1.2.1
The IPsec Phase-1 Internet Key Exchange Tunnel Table. There is one entry in this table for each active IPsec Phase-1 IKE Tunnel.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    JnxIkeTunnelEntry

jnxIkeTunnelEntry 1.3.6.1.4.1.2636.3.22.1.2.1.1
Each entry contains the attributes associated with an active IPsec Phase-1 IKE Tunnel.
Status: current Access: not-accessible
OBJECT-TYPE    
  JnxIkeTunnelEntry  

jnxIkeTunIndex 1.3.6.1.4.1.2636.3.22.1.2.1.1.1
The index of the IPsec Phase-1 IKE Tunnel Table. The value of the index is a number which begins at one and is incremented with each tunnel that is created. The value of this object will wrap at 2,147,483,647.
Status: current Access: not-accessible
OBJECT-TYPE    
  Integer32 1..2147483647  

jnxIkeTunLocalRole 1.3.6.1.4.1.2636.3.22.1.2.1.1.2
The role of local peer identity. The Role of the local peer can be: 1. initiator. 2. or responder.
Status: current Access: read-only
OBJECT-TYPE    
  JnxIkePeerRole  

jnxIkeTunNegState 1.3.6.1.4.1.2636.3.22.1.2.1.1.3
The state of the current negotiation , It can be 1. matured 2. not matured
Status: current Access: read-only
OBJECT-TYPE    
  JnxIkeNegState  

jnxIkeTunInitiatorCookie 1.3.6.1.4.1.2636.3.22.1.2.1.1.4
Cookie as generated by the peer that initiated the IKE Phase-1 negotiation. This cookie is carried in the ISAKMP header.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIkeTunResponderCookie 1.3.6.1.4.1.2636.3.22.1.2.1.1.5
Cookie as generated by the peer responding to the IKE Phase-1 negotiation initiated by the remote peer. This cookie is carried in the ISAKMP header.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIkeTunLocalIdType 1.3.6.1.4.1.2636.3.22.1.2.1.1.6
The type of local peer identity. The local peer may be identified by: 1. an IP address, or 2. or a fully qualified domain name string. 3. or a distinguished name string.
Status: current Access: read-only
OBJECT-TYPE    
  JnxIkePeerType  

jnxIkeTunLocalIdValue 1.3.6.1.4.1.2636.3.22.1.2.1.1.7
The value of the local peer identity. If the local peer type is an IP Address, then this is the IP Address used to identify the local peer. If the local peer type is id_fqdn, then this is the FQDN of the remote peer. If the local peer type is a id_dn, then this is the distinguished name string of the local peer.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIkeTunLocalGwAddrType 1.3.6.1.4.1.2636.3.22.1.2.1.1.8
The IP address type of the local endpoint (gateway) for the IPsec Phase-1 IKE Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddressType  

jnxIkeTunLocalGwAddr 1.3.6.1.4.1.2636.3.22.1.2.1.1.9
The IP address of the local endpoint (gateway) for the IPsec Phase-1 IKE Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddress  

jnxIkeTunLocalCertName 1.3.6.1.4.1.2636.3.22.1.2.1.1.10
Name of the certificate used for authentication of the local tunnel endpoint. This object will have some valid value only if negotiated IKE authentication method is other than pre-saherd key. If the IKE negotiation do not use certificate based authentication method, then the value of this object will be a NULL string.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIkeTunRemoteIdType 1.3.6.1.4.1.2636.3.22.1.2.1.1.11
The type of remote peer identity. The remote peer may be identified by: 1. an IP address, or 2. or a fully qualified domain name string. 3. or a distinguished name string.
Status: current Access: read-only
OBJECT-TYPE    
  JnxIkePeerType  

jnxIkeTunRemoteIdValue 1.3.6.1.4.1.2636.3.22.1.2.1.1.12
The value of the remote peer identity. If the remote peer type is an IP Address, then this is the IP Address used to identify the remote peer. If the remote peer type is id_fqdn, then this is the FQDN of the remote peer. If the remote peer type is a id_dn, then this is the distinguished named string of the remote peer.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIkeTunRemoteGwAddrType 1.3.6.1.4.1.2636.3.22.1.2.1.1.13
The IP address type of the remote gateway (endpoint) for the IPsec Phase-1 IKE Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddressType  

jnxIkeTunRemoteGwAddr 1.3.6.1.4.1.2636.3.22.1.2.1.1.14
The IP address of the remote gateway (endpoint) for the IPsec Phase-1 IKE Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddress  

jnxIkeTunNegoMode 1.3.6.1.4.1.2636.3.22.1.2.1.1.15
The negotiation mode of the IPsec Phase-1 IKE Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  JnxIkeNegoMode  

jnxIkeTunDiffHellmanGrp 1.3.6.1.4.1.2636.3.22.1.2.1.1.16
The Diffie Hellman Group used in IPsec Phase-1 IKE negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  JnxDiffHellmanGrp  

jnxIkeTunEncryptAlgo 1.3.6.1.4.1.2636.3.22.1.2.1.1.17
The encryption algorithm used in IPsec Phase-1 IKE negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  JnxEncryptAlgo  

jnxIkeTunHashAlgo 1.3.6.1.4.1.2636.3.22.1.2.1.1.18
The hash algorithm used in IPsec Phase-1 IKE negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  JnxIkeHashAlgo  

jnxIkeTunAuthMethod 1.3.6.1.4.1.2636.3.22.1.2.1.1.19
The authentication method used in IPsec Phase-1 IKE negotiations.
Status: current Access: read-only
OBJECT-TYPE    
  JnxIkeAuthMethod  

jnxIkeTunLifeTime 1.3.6.1.4.1.2636.3.22.1.2.1.1.20
The negotiated LifeTime of the IPsec Phase-1 IKE Tunnel in seconds.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32 1..2147483647  

jnxIkeTunActiveTime 1.3.6.1.4.1.2636.3.22.1.2.1.1.21
The length of time the IPsec Phase-1 IKE tunnel has been active in hundredths of seconds.
Status: current Access: read-only
OBJECT-TYPE    
  TimeInterval  

jnxIkeTunInOctets 1.3.6.1.4.1.2636.3.22.1.2.1.1.22
The total number of octets received by this IPsec Phase-1 IKE security association.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIkeTunInPkts 1.3.6.1.4.1.2636.3.22.1.2.1.1.23
The total number of packets received by this IPsec Phase-1 IKE security association.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

jnxIkeTunOutOctets 1.3.6.1.4.1.2636.3.22.1.2.1.1.24
The total number of octets sent by this IPsec Phase-1 IKE security association.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIkeTunOutPkts 1.3.6.1.4.1.2636.3.22.1.2.1.1.25
The total number of packets sent by this IPsec Phase-1 IKE security association.
Status: current Access: read-only
OBJECT-TYPE    
  Counter32  

jnxIpSecTunnelTable 1.3.6.1.4.1.2636.3.22.1.3.1
The IPsec Phase-2 Tunnel Table. There is one entry in this table for each active IPsec Phase-2 Tunnel.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    JnxIpSecTunnelEntry

jnxIpSecTunnelEntry 1.3.6.1.4.1.2636.3.22.1.3.1.1
Each entry contains the attributes associated with an active IPsec Phase-2 Tunnel.
Status: current Access: not-accessible
OBJECT-TYPE    
  JnxIpSecTunnelEntry  

jnxIpSecTunIndex 1.3.6.1.4.1.2636.3.22.1.3.1.1.1
The index of the IPsec Phase-2 Tunnel Table. The value of the index is a number which begins at one and is incremented with each tunnel that is created. The value of this object will wrap at 2,147,483,647.
Status: current Access: not-accessible
OBJECT-TYPE    
  Integer32 1..2147483647  

jnxIpSecRuleName 1.3.6.1.4.1.2636.3.22.1.3.1.1.2
Name of the rule configured in IPSec configuration.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIpSecTermName 1.3.6.1.4.1.2636.3.22.1.3.1.1.3
Name of the term configured under IPSec rule.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIpSecTunLocalGwAddrType 1.3.6.1.4.1.2636.3.22.1.3.1.1.4
The IP address type of the local gateway (endpoint) for the IPsec Phase-2 Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddressType  

jnxIpSecTunLocalGwAddr 1.3.6.1.4.1.2636.3.22.1.3.1.1.5
The IP address of the local gateway (endpoint) for the IPsec Phase-2 Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddress  

jnxIpSecTunRemoteGwAddrType 1.3.6.1.4.1.2636.3.22.1.3.1.1.6
The IP address type of the remote gateway (endpoint) for the IPsec Phase-2 Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddressType  

jnxIpSecTunRemoteGwAddr 1.3.6.1.4.1.2636.3.22.1.3.1.1.7
The IP address of the remote gateway (endpoint) for the IPsec Phase-2 Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  InetAddress  

jnxIpSecTunLocalProxyId 1.3.6.1.4.1.2636.3.22.1.3.1.1.8
Identifier for the local end.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIpSecTunRemoteProxyId 1.3.6.1.4.1.2636.3.22.1.3.1.1.9
Identifier for the remote end.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

jnxIpSecTunKeyType 1.3.6.1.4.1.2636.3.22.1.3.1.1.10
The type of key used by the IPsec Phase-2 Tunnel. It can be one of the following two types: - IKE negotiated - Manually installed
Status: current Access: read-only
OBJECT-TYPE    
  JnxKeyType  

jnxIpSecRemotePeerType 1.3.6.1.4.1.2636.3.22.1.3.1.1.11
The type of the remote peer gateway (endpoint). It can be one of the following two types: - static (Remote peer whose IP address is known beforehand) - dynamic (Remote peer whose IP address is not known beforehand)
Status: current Access: read-only
OBJECT-TYPE    
  JnxRemotePeerType  

jnxIpSecTunMtu 1.3.6.1.4.1.2636.3.22.1.3.1.1.12
MTU value of this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

jnxIpSecTunOutEncryptedBytes 1.3.6.1.4.1.2636.3.22.1.3.1.1.13
Number of bytes encrypted by this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunOutEncryptedPkts 1.3.6.1.4.1.2636.3.22.1.3.1.1.14
Number of packets encrypted by this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunInDecryptedBytes 1.3.6.1.4.1.2636.3.22.1.3.1.1.15
Number of bytes decrypted by this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunInDecryptedPkts 1.3.6.1.4.1.2636.3.22.1.3.1.1.16
Number of packets decrypted by this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpsSecTunAHInBytes 1.3.6.1.4.1.2636.3.22.1.3.1.1.17
Number of incoming bytes authenticated using AH by this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpsSecTunAHInPkts 1.3.6.1.4.1.2636.3.22.1.3.1.1.18
Number of incoming packets authenticated using AH by this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpsSecTunAHOutBytes 1.3.6.1.4.1.2636.3.22.1.3.1.1.19
Number of outgoing bytes applied AH by this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpsSecTunAHOutPkts 1.3.6.1.4.1.2636.3.22.1.3.1.1.20
Number of outgoing packets applied AH by this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunReplayDropPkts 1.3.6.1.4.1.2636.3.22.1.3.1.1.21
Number of packets dropped by this Phase-2 tunnel due to anti replay check failure.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunAhAuthFails 1.3.6.1.4.1.2636.3.22.1.3.1.1.22
Number of packets received by this Phase-2 tunnel that failed AH authentication.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunEspAuthFails 1.3.6.1.4.1.2636.3.22.1.3.1.1.23
Number of packets received by this Phase-2 tunnel that failed ESP authentication.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunDecryptFails 1.3.6.1.4.1.2636.3.22.1.3.1.1.24
Number of packets received by this Phase-2 tunnel that failed decryption.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunBadHeaders 1.3.6.1.4.1.2636.3.22.1.3.1.1.25
Number of packets received by this Phase-2 tunnel that failed due to bad headers.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunBadTrailers 1.3.6.1.4.1.2636.3.22.1.3.1.1.26
Number of packets received by this Phase-2 tunnel that failed due to bad ESP trailers.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecTunDroppedPkts 1.3.6.1.4.1.2636.3.22.1.3.1.1.27
Total number of dropped packets for this Phase-2 tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  Counter64  

jnxIpSecSaTable 1.3.6.1.4.1.2636.3.22.1.3.2
The IPsec Phase-2 Security Association Table. This table identifies the structure (in terms of component SAs) of each active Phase-2 IPsec tunnel. This table contains an entry for each active and expiring security association and maps each entry in the active Phase-2 tunnel table (ipSecTunTable) into a number of entries in this table. The index of this table reflects the rule for identifying Security Associations.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    JnxIpSecSaEntry

jnxIpSecSaEntry 1.3.6.1.4.1.2636.3.22.1.3.2.1
Each entry contains the attributes associated with active and expiring IPsec Phase-2 security associations.
Status: current Access: not-accessible
OBJECT-TYPE    
  JnxIpSecSaEntry  

jnxIpSecSaProtocol 1.3.6.1.4.1.2636.3.22.1.3.2.1.1
The index, represents the security protocol (AH, ESP or IPComp) for which this security association was setup.
Status: current Access: not-accessible
OBJECT-TYPE    
  INTEGER ah(1), esp(2)  

jnxIpSecSaIndex 1.3.6.1.4.1.2636.3.22.1.3.2.1.2
The index, in the context of the IPsec tunnel ipSecTunIndex, of the security association represented by this table entry. The value of this index is a number which begins at one and is incremented with each SPI associated with an IPsec Phase-2 Tunnel. The value of this object will wrap at 2,147,483,647.
Status: current Access: not-accessible
OBJECT-TYPE    
  Integer32 1..2147483647  

jnxIpSecSaInSpi 1.3.6.1.4.1.2636.3.22.1.3.2.1.3
The value of the incoming SPI.
Status: current Access: read-only
OBJECT-TYPE    
  JnxSpi  

jnxIpSecSaOutSpi 1.3.6.1.4.1.2636.3.22.1.3.2.1.4
The value of the outgoing SPI.
Status: current Access: read-only
OBJECT-TYPE    
  JnxSpi  

jnxIpSecSaInAuxSpi 1.3.6.1.4.1.2636.3.22.1.3.2.1.5
The value of the incoming auxiliary SPI. This is valid for AH and ESP bundles.
Status: current Access: read-only
OBJECT-TYPE    
  JnxSpi  

jnxIpSecSaOutAuxSpi 1.3.6.1.4.1.2636.3.22.1.3.2.1.6
The value of the outgoing auxiliary SPI. This is valid for AH and ESP bundles.
Status: current Access: read-only
OBJECT-TYPE    
  JnxSpi  

jnxIpSecSaType 1.3.6.1.4.1.2636.3.22.1.3.2.1.7
This field represents the type of security associations which can be either manual or dynamic
Status: current Access: read-only
OBJECT-TYPE    
  JnxSAType  

jnxIpSecSaEncapMode 1.3.6.1.4.1.2636.3.22.1.3.2.1.8
The encapsulation mode used by an IPsec Phase-2 Tunnel.
Status: current Access: read-only
OBJECT-TYPE    
  JnxEncapMode  

jnxIpSecSaLifeSize 1.3.6.1.4.1.2636.3.22.1.3.2.1.9
The negotiated LifeSize of the IPsec Phase-2 Tunnel in kilobytes.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

jnxIpSecSaLifeTime 1.3.6.1.4.1.2636.3.22.1.3.2.1.10
The negotiated LifeTime of the IPsec Phase-2 Tunnel in seconds.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

jnxIpSecSaActiveTime 1.3.6.1.4.1.2636.3.22.1.3.2.1.11
The length of time the IPsec Phase-2 Tunnel has been active in seconds.
Status: current Access: read-only
OBJECT-TYPE    
  TimeInterval  

jnxIpSecSaLifeSizeThreshold 1.3.6.1.4.1.2636.3.22.1.3.2.1.12
The security association LifeSize refresh threshold in kilobytes.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

jnxIpSecSaLifeTimeThreshold 1.3.6.1.4.1.2636.3.22.1.3.2.1.13
The security association LifeTime refresh threshold in seconds.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

jnxIpSecSaEncryptAlgo 1.3.6.1.4.1.2636.3.22.1.3.2.1.14
The Encryption algorithm used to encrypt the packets which can be either es-cbc or 3des-cbc.
Status: current Access: read-only
OBJECT-TYPE    
  JnxEncryptAlgo  

jnxIpSecSaAuthAlgo 1.3.6.1.4.1.2636.3.22.1.3.2.1.15
The algorithm used for authentication of packets which can be hmac-md5-96 or hmac-sha1-96
Status: current Access: read-only
OBJECT-TYPE    
  JnxAuthAlgo  

jnxIpSecSaState 1.3.6.1.4.1.2636.3.22.1.3.2.1.16
This column represents the status of the security association represented by this table entry. If the status of the SA is 'active', the SA is ready for active use. The status 'expiring' represents any of the various states that the security association transitions through before being purged.
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER unknown(0), active(1), expiring(2)