SHIVA-VPN-TUNNEL-MIB

File: SHIVA-VPN-TUNNEL-MIB.mib (16383 bytes)

Imported modules

RFC1155-SMI RFC-1212 RFC1213-MIB
SHIVA-VPN-DEF

Imported symbols

TimeTicks Counter IpAddress
Gauge OBJECT-TYPE DisplayString
ifIndex vpnTunnel

Defined Types

TunnelIfExtEntry  
SEQUENCE    
  tunnelIfExtType INTEGER
  tunnelIfExtAuthentication INTEGER
  tunnelIfExtName DisplayString
  tunnelIfExtCertificateAuthority DisplayString
  tunnelIfExtCertificateSerialNumber DisplayString
  tunnelIfExtSessionKeyValidity TimeTicks
  tunnelIfExtEncryptionErrors Counter
  tunnelIfExtDecryptionErrors Counter
  tunnelIfExtPadErrors Counter
  tunnelIfExtChecksumErrors Counter
  tunnelIfExtReplayErrors Counter
  tunnelIfExtLocalIp IpAddress
  tunnelIfExtRemoteIp IpAddress
  tunnelBytesPerSecIn Gauge
  tunnelBytesPerSecOut Gauge

SecurityAssociationEntry  
SEQUENCE    
  securityAssociationIpAddress IpAddress
  securityAssociationSPI OCTET STRING
  securityAssociationProtocol INTEGER
  securityAssociationLocal INTEGER
  securityAssociationIfIndex INTEGER

Defined Values

tunnelConfig 1.3.6.1.4.1.166.6.1.1.7.1
OBJECT IDENTIFIER    

tunnelStatus 1.3.6.1.4.1.166.6.1.1.7.2
OBJECT IDENTIFIER    

tunnelActions 1.3.6.1.4.1.166.6.1.1.7.3
OBJECT IDENTIFIER    

tunnNumberSiteToSite 1.3.6.1.4.1.166.6.1.1.7.1.1
The number of site-to-site tunnels configured on this system.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

tunnNumberRemoteUser 1.3.6.1.4.1.166.6.1.1.7.1.2
The number of single remote user tunnels configured on this system.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

tunnNumberGroupUser 1.3.6.1.4.1.166.6.1.1.7.1.3
The number of multiple remote user (group) tunnels configured on this system.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER 0..65535  

tunnCurrentSiteToSite 1.3.6.1.4.1.166.6.1.1.7.2.1
The number of site-to-site tunnels currently operational on this system.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Gauge  

tunnCurrentRemoteUser 1.3.6.1.4.1.166.6.1.1.7.2.2
The number of single remote user tunnels currently operational on this system.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Gauge  

tunnCurrentGroupUser 1.3.6.1.4.1.166.6.1.1.7.2.3
The number of multiple remote user (group) tunnels currently operational on this system.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Gauge  

tunnNoProfileErrors 1.3.6.1.4.1.166.6.1.1.7.2.4
The number of times a tunnel could not be negotiated because a profile did not exist.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnBadSigs 1.3.6.1.4.1.166.6.1.1.7.2.5
The number of times the authentication of a peer failed due to an invalid signature.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnBadCerts 1.3.6.1.4.1.166.6.1.1.7.2.6
The number of times tunnel authentication failed becasue the peer provided an invalid certificate.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnOtherFailures 1.3.6.1.4.1.166.6.1.1.7.2.7
The number of times tunnel authentication failed due to errors other than an invalid signature, an invalid certificate, or no profile.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnelsLanded 1.3.6.1.4.1.166.6.1.1.7.2.8
The number of remote user tunnels formed since the VPN Gateway was last configured.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnelIfExtTable 1.3.6.1.4.1.166.6.1.1.7.2.50
The (conceptual) table containing information on configured tunnels. This table augments the tunnelIfTable in TUNNEL-MIB, there will be a row for each row in that table. In turn, tunnelIfTable has a row for each entry in ifTable in IF-MIB whose ifType is tunnel(131). Note that entries in the tunnelIfTable and tunnelIfExtTable are ephemeral, so will be reset whenever the corresponding interface transitions to line state up from line state down. The MIB guarantees that, if the physical interfaces are numbered 1 to N, the site-to-site entries in the tunnelIfExtTable are numbered consecutively beginning at N+1, the tunnels for remote users appear after that, and the tunnels for remote groups appear last.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    TunnelIfExtEntry

tunnelIfExtEntry 1.3.6.1.4.1.166.6.1.1.7.2.50.1
An entry (conceptual row) containing the information on a particular configured tunnel.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  TunnelIfExtEntry  

tunnelIfExtType 1.3.6.1.4.1.166.6.1.1.7.2.50.1.1
This object indicates whether this entry represents a site-to-site, a remote user, or a group tunnel. The value of this object does not change from one tunnel instantiation to another.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER other(1), siteToSite(2), remote(3), group(4)  

tunnelIfExtAuthentication 1.3.6.1.4.1.166.6.1.1.7.2.50.1.2
This object indicates the authentication mechanism used to identify the peer. The value x509Sig(2) means that signatures based on public key cryptography were used. The value sharedSecret(3) means that a pre-shared secret was used to authenticate. The value securId(4) means SecurID was used. The value other(1) indicates another currently unsupported mechanism was used to authenticate the peer, and is provided for forward compatibility.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER other(1), x509Sig(2), sharedSecret(3), securId(4)  

tunnelIfExtName 1.3.6.1.4.1.166.6.1.1.7.2.50.1.3
This object gives the distinguished name of the peer associated with this tunnel. If the peer's name has not yet been established, this object's value is the distinguished string . If the peer used a certificate to authenticate itself, this object provides the distinguished name from the certificate. Otherwise it gives the name the peer provided to identify itself during authentication.
Status: mandatory Access: read-only
OBJECT-TYPE    
  DisplayString  

tunnelIfExtCertificateAuthority 1.3.6.1.4.1.166.6.1.1.7.2.50.1.4
When signatures were used to authenticate this entry's tunnel, this object provides the issuer name of the peer's X.509 certificate. When signatures were not used to authenticate this entry's tunnel, this object's value is NULL.
Status: mandatory Access: read-only
OBJECT-TYPE    
  DisplayString  

tunnelIfExtCertificateSerialNumber 1.3.6.1.4.1.166.6.1.1.7.2.50.1.5
When signatures were used to authenticate this entry's tunnel, this object provides the serial number from the peer's X.509 certificate. When signatures were not used to authenticate this entry's tunnel, this object's value is NULL.
Status: mandatory Access: read-only
OBJECT-TYPE    
  DisplayString  

tunnelIfExtSessionKeyValidity 1.3.6.1.4.1.166.6.1.1.7.2.50.1.6
This object provides the number of centiseconds remaining until the key for this tunnel expires, i.e., the time remaining for this tunnel's security association.
Status: mandatory Access: read-only
OBJECT-TYPE    
  TimeTicks  

tunnelIfExtEncryptionErrors 1.3.6.1.4.1.166.6.1.1.7.2.50.1.7
This object counts the number of datagrams this tunnel has discarded due to encryption errors.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnelIfExtDecryptionErrors 1.3.6.1.4.1.166.6.1.1.7.2.50.1.8
This object counts the number of objects discarded due to decryption errors. The total does not include pad or checksum errors detected after decryption.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnelIfExtPadErrors 1.3.6.1.4.1.166.6.1.1.7.2.50.1.9
This object counts the number of pad errors detected after decryption.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnelIfExtChecksumErrors 1.3.6.1.4.1.166.6.1.1.7.2.50.1.10
This object counts the number of checksum errors detected while decapsulating a datagram emerging from this entry's interface's tunnel. Note this total can include AH failures, ESP data integrity failures, and SST checksum failures.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnelIfExtReplayErrors 1.3.6.1.4.1.166.6.1.1.7.2.50.1.11
This object counts the number of datagrams discarded because they failed to pass the replay screening algorithm.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Counter  

tunnelIfExtLocalIp 1.3.6.1.4.1.166.6.1.1.7.2.50.1.12
This object provides the IP address used to address datagrams sent from this tunnel's interface.
Status: mandatory Access: read-only
OBJECT-TYPE    
  IpAddress  

tunnelIfExtRemoteIp 1.3.6.1.4.1.166.6.1.1.7.2.50.1.13
This object provides the IP address used to address datagrams sent to this tunnel's peer.
Status: mandatory Access: read-only
OBJECT-TYPE    
  IpAddress  

tunnelBytesPerSecIn 1.3.6.1.4.1.166.6.1.1.7.2.50.1.14
This is the number of bytes per second received and decrypted by this tunnel, averaged over approximately the last minute.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Gauge  

tunnelBytesPerSecOut 1.3.6.1.4.1.166.6.1.1.7.2.50.1.15
This is the number of bytes per second transmitted and encrypted by this tunnel, averaged over approximately the last minute.
Status: mandatory Access: read-only
OBJECT-TYPE    
  Gauge  

securityAssociationTable 1.3.6.1.4.1.166.6.1.1.7.2.51
The (conceptual) table mapping half-duplex security associations to tunnel interface indexes. Entries in this table are ephemeral, appearing and disappearing as security associations are formed and dropped. Note this table does not include IKE security associations, as these require a different indexing structure.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    SecurityAssociationEntry

securityAssociationEntry 1.3.6.1.4.1.166.6.1.1.7.2.51.1
The (conceptual) table entry mapping a particular security association to its tunnel interface.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  SecurityAssociationEntry  

securityAssociationIpAddress 1.3.6.1.4.1.166.6.1.1.7.2.51.1.1
This is the IP address identifying this security association.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  IpAddress  

securityAssociationSPI 1.3.6.1.4.1.166.6.1.1.7.2.51.1.2
This is the SPI identifying this security association. The bytes of the SPI are in network byte order.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  OCTET STRING Size(4)  

securityAssociationProtocol 1.3.6.1.4.1.166.6.1.1.7.2.51.1.3
This is the protocol id identifying this security association. The value esp(50) indicates this entry corresponds to an ESP security association. The value ah(51) indicates this entry represents an AH security association. The value sst(2233) means this entry corresponds to an SST security association. The value other(1) is used for all other kinds of security associations; this value exists to support future protocols that might use security associations.
Status: mandatory Access: not-accessible
OBJECT-TYPE    
  INTEGER other(1), esp(50), ah(51), sst(2233)  

securityAssociationLocal 1.3.6.1.4.1.166.6.1.1.7.2.51.1.4
This object indicates the direction of the security association. The value local(1) means the security association is from the peer system to the local system, i.e., this entry's securityAssociationIpAddress is an IP address for the local system. The value remote(2) means this entry represents a security association from the local system to the peer, and its securityAssociationIpAddress is that of the peer system. Although the distinction between local and remote security associations is artificial for IKE and SST, the securityAssociationTable includes both to provide a uniform management interface for all possible security associations.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER local(1), remote(2)  

securityAssociationIfIndex 1.3.6.1.4.1.166.6.1.1.7.2.51.1.5
This object provides the ifIndex of the tunnel interface implementing this entry's security association.
Status: mandatory Access: read-only
OBJECT-TYPE    
  INTEGER  

Generation date: July 28, 2023, 16:18:13, Copyright © 2007 - 2022 - Circitor