SHIVA-VPN-TUNNEL-MIB
File:
SHIVA-VPN-TUNNEL-MIB.mib (16383 bytes)
Imported modules
Imported symbols
Defined Types
TunnelIfExtEntry | SEQUENCE
  tunnelIfExtType | INTEGER
  tunnelIfExtAuthentication | INTEGER
  tunnelIfExtName | DisplayString
  tunnelIfExtCertificateAuthority | DisplayString
  tunnelIfExtCertificateSerialNumber | DisplayString
  tunnelIfExtSessionKeyValidity | TimeTicks
  tunnelIfExtEncryptionErrors | Counter
  tunnelIfExtDecryptionErrors | Counter
  tunnelIfExtPadErrors | Counter
  tunnelIfExtChecksumErrors | Counter
  tunnelIfExtReplayErrors | Counter
  tunnelIfExtLocalIp | IpAddress
  tunnelIfExtRemoteIp | IpAddress
  tunnelBytesPerSecIn | Gauge
  tunnelBytesPerSecOut | Gauge
SecurityAssociationEntry | SEQUENCE
  securityAssociationIpAddress | IpAddress
  securityAssociationSPI | OCTET STRING
  securityAssociationProtocol | INTEGER
  securityAssociationLocal | INTEGER
  securityAssociationIfIndex | INTEGER
Defined Values
tunnNumberSiteToSite |
1.3.6.1.4.1.166.6.1.1.7.1.1 |
The number of site-to-site tunnels configured
on this system. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
tunnNumberRemoteUser |
1.3.6.1.4.1.166.6.1.1.7.1.2 |
The number of single remote user tunnels configured
on this system. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
tunnNumberGroupUser |
1.3.6.1.4.1.166.6.1.1.7.1.3 |
The number of multiple remote user (group) tunnels
configured on this system. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
tunnCurrentSiteToSite |
1.3.6.1.4.1.166.6.1.1.7.2.1 |
The number of site-to-site tunnels currently
operational on this system. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge |
|
|
tunnCurrentRemoteUser |
1.3.6.1.4.1.166.6.1.1.7.2.2 |
The number of single remote user tunnels currently
operational on this system. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge |
|
|
tunnCurrentGroupUser |
1.3.6.1.4.1.166.6.1.1.7.2.3 |
The number of multiple remote user (group) tunnels
currently operational on this system. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge |
|
|
tunnNoProfileErrors |
1.3.6.1.4.1.166.6.1.1.7.2.4 |
The number of times a tunnel could not be negotiated
because a profile did not exist. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnBadSigs |
1.3.6.1.4.1.166.6.1.1.7.2.5 |
The number of times the authentication of a peer
failed due to an invalid signature. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnBadCerts |
1.3.6.1.4.1.166.6.1.1.7.2.6 |
The number of times tunnel authentication failed
because the peer provided an invalid certificate. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnOtherFailures |
1.3.6.1.4.1.166.6.1.1.7.2.7 |
The number of times tunnel authentication failed
due to errors other than an invalid signature, an invalid
certificate, or no profile. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnelsLanded |
1.3.6.1.4.1.166.6.1.1.7.2.8 |
The number of remote user tunnels formed since the
VPN Gateway was last configured. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnelIfExtTable |
1.3.6.1.4.1.166.6.1.1.7.2.50 |
The (conceptual) table containing information
on configured tunnels. This table augments the
tunnelIfTable in TUNNEL-MIB; there will be a row
for each row in that table. In turn, tunnelIfTable
has a row for each entry in ifTable in IF-MIB
whose ifType is tunnel(131). Note that entries in
the tunnelIfTable and tunnelIfExtTable are ephemeral,
so will be reset whenever the corresponding interface
transitions to line state up from line state down.
The MIB guarantees that, if the physical interfaces
are numbered 1 to N, the site-to-site entries
in the tunnelIfExtTable are numbered consecutively
beginning at N+1, the tunnels for remote users
appear after that, and the tunnels for remote
groups appear last. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
TunnelIfExtEntry |
|
tunnelIfExtEntry |
1.3.6.1.4.1.166.6.1.1.7.2.50.1 |
An entry (conceptual row) containing the information
on a particular configured tunnel. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
TunnelIfExtEntry |
|
|
tunnelIfExtType |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.1 |
This object indicates whether this entry represents
a site-to-site, a remote user, or a group tunnel. The
value of this object does not change from one tunnel
instantiation to another. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), siteToSite(2), remote(3), group(4) |
|
tunnelIfExtAuthentication |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.2 |
This object indicates the authentication
mechanism used to identify the peer. The value
x509Sig(2) means that signatures based on public
key cryptography were used. The value sharedSecret(3)
means that a pre-shared secret was used to
authenticate. The value securId(4) means SecurID was
used. The value other(1) indicates another currently
unsupported mechanism was used to authenticate the peer,
and is provided for forward compatibility. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), x509Sig(2), sharedSecret(3), securId(4) |
|
tunnelIfExtName |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.3 |
This object gives the distinguished name of the
peer associated with this tunnel. If the peer's
name has not yet been established, this object's value
is the distinguished string .
If the peer used a certificate to authenticate
itself, this object provides the distinguished name
from the certificate. Otherwise it gives the
name the peer provided to identify itself during
authentication. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
tunnelIfExtCertificateAuthority |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.4 |
When signatures were used to authenticate this
entry's tunnel, this object provides the issuer name
of the peer's X.509 certificate. When signatures were
not used to authenticate this entry's tunnel, this
object's value is NULL. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
tunnelIfExtCertificateSerialNumber |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.5 |
When signatures were used to authenticate this
entry's tunnel, this object provides the serial
number from the peer's X.509 certificate. When
signatures were not used to authenticate this entry's
tunnel, this object's value is NULL. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
tunnelIfExtSessionKeyValidity |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.6 |
This object provides the number of centiseconds remaining
until the key for this tunnel expires, i.e., the
time remaining for this tunnel's security association. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TimeTicks |
|
|
tunnelIfExtEncryptionErrors |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.7 |
This object counts the number of datagrams this
tunnel has discarded due to encryption errors. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnelIfExtDecryptionErrors |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.8 |
This object counts the number of objects discarded
due to decryption errors. The total does not include
pad or checksum errors detected after decryption. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnelIfExtPadErrors |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.9 |
This object counts the number of pad errors detected
after decryption. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnelIfExtChecksumErrors |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.10 |
This object counts the number of checksum errors
detected while decapsulating a datagram emerging from
this entry's interface's tunnel. Note this total can
include AH failures, ESP data integrity failures, and
SST checksum failures. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnelIfExtReplayErrors |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.11 |
This object counts the number of datagrams discarded
because they failed to pass the replay screening
algorithm. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter |
|
|
tunnelIfExtLocalIp |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.12 |
This object provides the IP address used to address
datagrams sent from this tunnel's interface. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
tunnelIfExtRemoteIp |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.13 |
This object provides the IP address used to address
datagrams sent to this tunnel's peer. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
tunnelBytesPerSecIn |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.14 |
This is the number of bytes per second received and
decrypted by this tunnel, averaged over approximately
the last minute. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge |
|
|
tunnelBytesPerSecOut |
1.3.6.1.4.1.166.6.1.1.7.2.50.1.15 |
This is the number of bytes per second transmitted and
encrypted by this tunnel, averaged over approximately
the last minute. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge |
|
|
securityAssociationTable |
1.3.6.1.4.1.166.6.1.1.7.2.51 |
The (conceptual) table mapping half-duplex security
associations to tunnel interface indexes. Entries in
this table are ephemeral, appearing and disappearing
as security associations are formed and dropped. Note
this table does not include IKE security associations,
as these require a different indexing structure. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
SecurityAssociationEntry |
|
securityAssociationEntry |
1.3.6.1.4.1.166.6.1.1.7.2.51.1 |
The (conceptual) table entry mapping a particular
security association to its tunnel interface. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SecurityAssociationEntry |
|
|
securityAssociationIpAddress |
1.3.6.1.4.1.166.6.1.1.7.2.51.1.1 |
This is the IP address identifying this security
association. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
securityAssociationSPI |
1.3.6.1.4.1.166.6.1.1.7.2.51.1.2 |
This is the SPI identifying this security
association. The bytes of the SPI are in
network byte order. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
Size(4) |
|
securityAssociationProtocol |
1.3.6.1.4.1.166.6.1.1.7.2.51.1.3 |
This is the protocol id identifying this security
association. The value esp(50) indicates this
entry corresponds to an ESP security association.
The value ah(51) indicates this entry represents
an AH security association. The value sst(2233) means
this entry corresponds to an SST security association.
The value other(1) is used for all other kinds of
security associations; this value exists to support
future protocols that might use security associations. |
Status: mandatory |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), esp(50), ah(51), sst(2233) |
|
securityAssociationLocal |
1.3.6.1.4.1.166.6.1.1.7.2.51.1.4 |
This object indicates the direction of the security
association. The value local(1) means the security
association is from the peer system to the local
system, i.e., this entry's securityAssociationIpAddress
is an IP address for the local system. The value
remote(2) means this entry represents a security
association from the local system to the peer, and
its securityAssociationIpAddress is that of the peer
system. Although the distinction between local and
remote security associations is artificial for IKE
and SST, the securityAssociationTable includes both
to provide a uniform management interface for all
possible security associations. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
local(1), remote(2) |
|
securityAssociationIfIndex |
1.3.6.1.4.1.166.6.1.1.7.2.51.1.5 |
This object provides the ifIndex of the tunnel
interface implementing this entry's security
association. |
Status: mandatory |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|