CISCO-IPSEC-MIB

        The MIB module for modeling Cisco-specific 
IPsec attributes
        
Overview of Cisco IPsec MIB
        
MIB description
        
This MIB models the Cisco implementation-specific 
attributes of a Cisco entity that implements IPsec. 
This MIB is complementary to the standard IPsec MIB 
proposed jointly by Tivoli and Cisco.
        
The ciscoIPsec MIB provides the operational information 
on Cisco's IPsec tunnelling implementation.  
The following entities are managed:
1) ISAKMP Group:
a) ISAKMP global parameters
b) ISAKMP Policy Table
        
2) IPSec Group:
a) IPSec Global Parameters
b) IPSec Global Traffic Parameters
c) Cryptomap Group
- Cryptomap Set Table
- Cryptomap Table
- CryptomapSet Binding Table
        
3) System Capacity & Capability Group:
a) Capacity Parameters
b) Capability Parameters
        
4) Trap Control Group
5) Notifications Group
    

Imported Objects

ciscoExperimentCISCO-SMI
ifIndexIF-MIB
MODULE-COMPLIANCE, OBJECT-GROUPSNMPv2-CONF
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Counter32, Gauge32, Integer32SNMPv2-SMI
DisplayString, TruthValue, TEXTUAL-CONVENTIONSNMPv2-TC

Type Definitions (12)

Name Base Type Values/Constraints
CIPsecLifesizerange: 2560..536870912
CIPsecLifetimerange: 120..86400
CIPsecNumCryptoMapsrange: 0..2147483647
CryptomapSetBindStatusunknown(0), attached(1), detached(2)
CryptomapTypecryptomapTypeNONE(0), cryptomapTypeMANUAL(1), cryptomapTypeISAKMP(2), cryptomapTypeCET(3), cryptomapTypeDYNAMIC(4), cryptomapTypeDYNAMICDISCOVERY(5)
DiffHellmanGrpnone(1), dhGroup1(2), dhGroup2(3)
EncryptAlgonone(1), des(2), des3(3)
IkeAuthMethodnone(1), preSharedKey(2), rsaSig(3), rsaEncrypt(4), revPublicKey(5)
IkeHashAlgonone(1), md5(2), sha(3)
IkeIdentityTypeisakmpIdTypeUNKNOWN(0), isakmpIdTypeADDRESS(1), isakmpIdTypeHOSTNAME(2)
IPSIpAddressrange: 4, range: 16
TrapStatusenabled(1), disabled(2)

Objects

ciscoIPsecMIB .1.3.6.1.4.1.9.10.62
ciscoIPsecMIBObjects .1.3.6.1.4.1.9.10.62.1
cipsIsakmpGroup .1.3.6.1.4.1.9.10.62.1.1
cipsIsakmpEnabled
.1.3.6.1.4.1.9.10.62.1.1.1
cipsIsakmpIdentity .1.3.6.1.4.1.9.10.62.1.1.2
cipsIsakmpKeepaliveInterval .1.3.6.1.4.1.9.10.62.1.1.3
cipsNumIsakmpPolicies .1.3.6.1.4.1.9.10.62.1.1.4
cipsIsakmpPolicyTable .1.3.6.1.4.1.9.10.62.1.1.5
cipsIsakmpPolicyEntry .1.3.6.1.4.1.9.10.62.1.1.5.1
cipsIsakmpPolPriority .1.3.6.1.4.1.9.10.62.1.1.5.1.1
cipsIsakmpPolEncr .1.3.6.1.4.1.9.10.62.1.1.5.1.2
cipsIsakmpPolHash .1.3.6.1.4.1.9.10.62.1.1.5.1.3
cipsIsakmpPolAuth .1.3.6.1.4.1.9.10.62.1.1.5.1.4
cipsIsakmpPolGroup .1.3.6.1.4.1.9.10.62.1.1.5.1.5
cipsIsakmpPolLifetime .1.3.6.1.4.1.9.10.62.1.1.5.1.6
cipsIPsecGroup .1.3.6.1.4.1.9.10.62.1.2
cipsIPsecGlobals .1.3.6.1.4.1.9.10.62.1.2.1
cipsSALifetime .1.3.6.1.4.1.9.10.62.1.2.1.1
cipsSALifesize .1.3.6.1.4.1.9.10.62.1.2.1.2
cipsNumStaticCryptomapSets .1.3.6.1.4.1.9.10.62.1.2.1.3
cipsNumCETCryptomapSets .1.3.6.1.4.1.9.10.62.1.2.1.4
cipsNumDynamicCryptomapSets .1.3.6.1.4.1.9.10.62.1.2.1.5
cipsNumTEDCryptomapSets .1.3.6.1.4.1.9.10.62.1.2.1.6
cipsIPsecStatistics .1.3.6.1.4.1.9.10.62.1.2.2
cipsNumTEDProbesReceived
.1.3.6.1.4.1.9.10.62.1.2.2.1
cipsNumTEDProbesSent
.1.3.6.1.4.1.9.10.62.1.2.2.2
cipsNumTEDFailures
.1.3.6.1.4.1.9.10.62.1.2.2.3
cipsCryptomapGroup .1.3.6.1.4.1.9.10.62.1.2.3
cipsStaticCryptomapSetTable .1.3.6.1.4.1.9.10.62.1.2.3.1
cipsStaticCryptomapSetEntry .1.3.6.1.4.1.9.10.62.1.2.3.1.1
cipsStaticCryptomapSetName
.1.3.6.1.4.1.9.10.62.1.2.3.1.1.1
cipsStaticCryptomapSetSize
.1.3.6.1.4.1.9.10.62.1.2.3.1.1.2
cipsStaticCryptomapSetNumIsakmp
.1.3.6.1.4.1.9.10.62.1.2.3.1.1.3
cipsStaticCryptomapSetNumManual
.1.3.6.1.4.1.9.10.62.1.2.3.1.1.4
cipsStaticCryptomapSetNumCET
.1.3.6.1.4.1.9.10.62.1.2.3.1.1.5
cipsStaticCryptomapSetNumDynamic
.1.3.6.1.4.1.9.10.62.1.2.3.1.1.6
cipsStaticCryptomapSetNumDisc
.1.3.6.1.4.1.9.10.62.1.2.3.1.1.7
cipsStaticCryptomapSetNumSAs
.1.3.6.1.4.1.9.10.62.1.2.3.1.1.8
cipsDynamicCryptomapSetTable .1.3.6.1.4.1.9.10.62.1.2.3.2
cipsDynamicCryptomapSetEntry .1.3.6.1.4.1.9.10.62.1.2.3.2.1
cipsDynamicCryptomapSetName
.1.3.6.1.4.1.9.10.62.1.2.3.2.1.1
cipsDynamicCryptomapSetSize
.1.3.6.1.4.1.9.10.62.1.2.3.2.1.2
cipsDynamicCryptomapSetNumAssoc
.1.3.6.1.4.1.9.10.62.1.2.3.2.1.3
cipsStaticCryptomapTable .1.3.6.1.4.1.9.10.62.1.2.3.3
cipsStaticCryptomapEntry .1.3.6.1.4.1.9.10.62.1.2.3.3.1
cipsStaticCryptomapPriority .1.3.6.1.4.1.9.10.62.1.2.3.3.1.1
cipsStaticCryptomapType .1.3.6.1.4.1.9.10.62.1.2.3.3.1.2
cipsStaticCryptomapDescr
.1.3.6.1.4.1.9.10.62.1.2.3.3.1.3
cipsStaticCryptomapPeer .1.3.6.1.4.1.9.10.62.1.2.3.3.1.4
cipsStaticCryptomapNumPeers .1.3.6.1.4.1.9.10.62.1.2.3.3.1.5
cipsStaticCryptomapPfs .1.3.6.1.4.1.9.10.62.1.2.3.3.1.6
cipsStaticCryptomapLifetime .1.3.6.1.4.1.9.10.62.1.2.3.3.1.7
cipsStaticCryptomapLifesize .1.3.6.1.4.1.9.10.62.1.2.3.3.1.8
cipsStaticCryptomapLevelHost
.1.3.6.1.4.1.9.10.62.1.2.3.3.1.9
cipsCryptomapSetIfTable .1.3.6.1.4.1.9.10.62.1.2.3.4
cipsCryptomapSetIfEntry
.1.3.6.1.4.1.9.10.62.1.2.3.4.1
cipsCryptomapSetIfVirtual
.1.3.6.1.4.1.9.10.62.1.2.3.4.1.1
cipsCryptomapSetIfStatus .1.3.6.1.4.1.9.10.62.1.2.3.4.1.2
cipsSysCapacityGroup .1.3.6.1.4.1.9.10.62.1.3
cipsMaxSAs .1.3.6.1.4.1.9.10.62.1.3.1
cips3DesCapable
.1.3.6.1.4.1.9.10.62.1.3.2
cipsTrapCntlGroup .1.3.6.1.4.1.9.10.62.1.4
cipsCntlIsakmpPolicyAdded .1.3.6.1.4.1.9.10.62.1.4.1
cipsCntlIsakmpPolicyDeleted .1.3.6.1.4.1.9.10.62.1.4.2
cipsCntlCryptomapAdded .1.3.6.1.4.1.9.10.62.1.4.3
cipsCntlCryptomapDeleted .1.3.6.1.4.1.9.10.62.1.4.4
cipsCntlCryptomapSetAttached .1.3.6.1.4.1.9.10.62.1.4.5
cipsCntlCryptomapSetDetached .1.3.6.1.4.1.9.10.62.1.4.6
cipsCntlTooManySAs .1.3.6.1.4.1.9.10.62.1.4.7
ciscoIPsecMIBNotificationPrefix .1.3.6.1.4.1.9.10.62.2
cipsMIBNotifications .1.3.6.1.4.1.9.10.62.2.0
ciscoIPsecMIBConformance .1.3.6.1.4.1.9.10.62.3
cipsMIBConformances .1.3.6.1.4.1.9.10.62.3.1
cipsMIBGroups .1.3.6.1.4.1.9.10.62.3.2

Notifications/Traps

NameOIDDescription
cipsIsakmpPolicyAdded

.1.3.6.1.4.1.9.10.62.2.0.1
This trap is generated when a new ISAKMP
policy element is defined on the managed entity.
The context of the event includes the updated
number of ISAKMP policy elements currently available.
cipsIsakmpPolicyDeleted

.1.3.6.1.4.1.9.10.62.2.0.2
This trap is generated when an existing ISAKMP
policy element is deleted on the managed entity.
The context of the event includes the updated
number of ISAKMP policy elements currently available.
cipsCryptomapAdded


.1.3.6.1.4.1.9.10.62.2.0.3
This trap is generated when a new cryptomap is
added to the specified cryptomap set.
cipsCryptomapDeleted

.1.3.6.1.4.1.9.10.62.2.0.4
This trap is generated when a cryptomap is
removed from the specified cryptomap set.
cipsCryptomapSetAttached



.1.3.6.1.4.1.9.10.62.2.0.5
A cryptomap set must be attached to an interface
of the device in order for it to be operational.
This trap is generated when the cryptomap set 
attached to an active interface of the managed entity.
          
The context of the notification includes:
   Size of the attached cryptomap set,
   Number of ISAKMP cryptomaps in the set and
   Number of Dynamic cryptomaps in the set.
cipsCryptomapSetDetached

.1.3.6.1.4.1.9.10.62.2.0.6
This trap is generated when a cryptomap set is
detached from an interafce to which it was
bound earlier. The context of the event identifies the
size of the cryptomap set.
cipsTooManySAs

.1.3.6.1.4.1.9.10.62.2.0.7
This trap is generated when a new SA is attempted 
to be setup while the number of currently active SAs 
equals the maximum configurable.  The variables are:
	     cipsMaxSAs