CISCO-IPSEC-MIB
The MIB module for modeling Cisco-specific
IPsec attributes
Overview of Cisco IPsec MIB
MIB description
This MIB models the Cisco implementation-specific
attributes of a Cisco entity that implements IPsec.
This MIB is complementary to the standard IPsec MIB
proposed jointly by Tivoli and Cisco.
The ciscoIPsec MIB provides the operational information
on Cisco's IPsec tunnelling implementation.
The following entities are managed:
1) ISAKMP Group:
a) ISAKMP global parameters
b) ISAKMP Policy Table
2) IPSec Group:
a) IPSec Global Parameters
b) IPSec Global Traffic Parameters
c) Cryptomap Group
- Cryptomap Set Table
- Cryptomap Table
- CryptomapSet Binding Table
3) System Capacity & Capability Group:
a) Capacity Parameters
b) Capability Parameters
4) Trap Control Group
5) Notifications Group
|
Imported Objects
| ciscoExperiment | CISCO-SMI |
| ifIndex | IF-MIB |
| MODULE-COMPLIANCE, OBJECT-GROUP | SNMPv2-CONF |
| MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Counter32, Gauge32, Integer32 | SNMPv2-SMI |
| DisplayString, TruthValue, TEXTUAL-CONVENTION | SNMPv2-TC |
Type Definitions (12)
| Name | Base Type | Values/Constraints |
|---|---|---|
 CIPsecLifesize | range: 2560..536870912 | |
| CIPsecLifetime | range: 120..86400 | |
| CIPsecNumCryptoMaps | range: 0..2147483647 | |
| CryptomapSetBindStatus | unknown(0), attached(1), detached(2) | |
| CryptomapType | cryptomapTypeNONE(0), cryptomapTypeMANUAL(1), cryptomapTypeISAKMP(2), cryptomapTypeCET(3), cryptomapTypeDYNAMIC(4), cryptomapTypeDYNAMICDISCOVERY(5) | |
| DiffHellmanGrp | none(1), dhGroup1(2), dhGroup2(3) | |
| EncryptAlgo | none(1), des(2), des3(3) | |
| IkeAuthMethod | none(1), preSharedKey(2), rsaSig(3), rsaEncrypt(4), revPublicKey(5) | |
| IkeHashAlgo | none(1), md5(2), sha(3) | |
| IkeIdentityType | isakmpIdTypeUNKNOWN(0), isakmpIdTypeADDRESS(1), isakmpIdTypeHOSTNAME(2) | |
| IPSIpAddress | range: 4, range: 16 | |
| TrapStatus | enabled(1), disabled(2) |
Objects
  ciscoIPsecMIB  | .1.3.6.1.4.1.9.10.62 | |
| ciscoIPsecMIBObjects | .1.3.6.1.4.1.9.10.62.1 | |
| cipsIsakmpGroup | .1.3.6.1.4.1.9.10.62.1.1 | |
 cipsIsakmpEnabled | .1.3.6.1.4.1.9.10.62.1.1.1 | |
| cipsIsakmpIdentity | .1.3.6.1.4.1.9.10.62.1.1.2 | |
| cipsIsakmpKeepaliveInterval | .1.3.6.1.4.1.9.10.62.1.1.3 | |
| cipsNumIsakmpPolicies | .1.3.6.1.4.1.9.10.62.1.1.4 | |
 cipsIsakmpPolicyTable | .1.3.6.1.4.1.9.10.62.1.1.5 | |
 cipsIsakmpPolicyEntry | .1.3.6.1.4.1.9.10.62.1.1.5.1 | |
 cipsIsakmpPolPriority | .1.3.6.1.4.1.9.10.62.1.1.5.1.1 | |
| cipsIsakmpPolEncr | .1.3.6.1.4.1.9.10.62.1.1.5.1.2 | |
| cipsIsakmpPolHash | .1.3.6.1.4.1.9.10.62.1.1.5.1.3 | |
| cipsIsakmpPolAuth | .1.3.6.1.4.1.9.10.62.1.1.5.1.4 | |
| cipsIsakmpPolGroup | .1.3.6.1.4.1.9.10.62.1.1.5.1.5 | |
| cipsIsakmpPolLifetime | .1.3.6.1.4.1.9.10.62.1.1.5.1.6 | |
| cipsIPsecGroup | .1.3.6.1.4.1.9.10.62.1.2 | |
| cipsIPsecGlobals | .1.3.6.1.4.1.9.10.62.1.2.1 | |
| cipsSALifetime | .1.3.6.1.4.1.9.10.62.1.2.1.1 | |
| cipsSALifesize | .1.3.6.1.4.1.9.10.62.1.2.1.2 | |
| cipsNumStaticCryptomapSets | .1.3.6.1.4.1.9.10.62.1.2.1.3 | |
| cipsNumCETCryptomapSets | .1.3.6.1.4.1.9.10.62.1.2.1.4 | |
| cipsNumDynamicCryptomapSets | .1.3.6.1.4.1.9.10.62.1.2.1.5 | |
| cipsNumTEDCryptomapSets | .1.3.6.1.4.1.9.10.62.1.2.1.6 | |
| cipsIPsecStatistics | .1.3.6.1.4.1.9.10.62.1.2.2 | |
| cipsNumTEDProbesReceived | .1.3.6.1.4.1.9.10.62.1.2.2.1 | |
| cipsNumTEDProbesSent | .1.3.6.1.4.1.9.10.62.1.2.2.2 | |
| cipsNumTEDFailures | .1.3.6.1.4.1.9.10.62.1.2.2.3 | |
| cipsCryptomapGroup | .1.3.6.1.4.1.9.10.62.1.2.3 | |
| cipsStaticCryptomapSetTable | .1.3.6.1.4.1.9.10.62.1.2.3.1 | |
| cipsStaticCryptomapSetEntry | .1.3.6.1.4.1.9.10.62.1.2.3.1.1 | |
| cipsStaticCryptomapSetName | .1.3.6.1.4.1.9.10.62.1.2.3.1.1.1 | |
| cipsStaticCryptomapSetSize | .1.3.6.1.4.1.9.10.62.1.2.3.1.1.2 | |
| cipsStaticCryptomapSetNumIsakmp | .1.3.6.1.4.1.9.10.62.1.2.3.1.1.3 | |
| cipsStaticCryptomapSetNumManual | .1.3.6.1.4.1.9.10.62.1.2.3.1.1.4 | |
| cipsStaticCryptomapSetNumCET | .1.3.6.1.4.1.9.10.62.1.2.3.1.1.5 | |
| cipsStaticCryptomapSetNumDynamic | .1.3.6.1.4.1.9.10.62.1.2.3.1.1.6 | |
| cipsStaticCryptomapSetNumDisc | .1.3.6.1.4.1.9.10.62.1.2.3.1.1.7 | |
| cipsStaticCryptomapSetNumSAs | .1.3.6.1.4.1.9.10.62.1.2.3.1.1.8 | |
| cipsDynamicCryptomapSetTable | .1.3.6.1.4.1.9.10.62.1.2.3.2 | |
| cipsDynamicCryptomapSetEntry | .1.3.6.1.4.1.9.10.62.1.2.3.2.1 | |
| cipsDynamicCryptomapSetName | .1.3.6.1.4.1.9.10.62.1.2.3.2.1.1 | |
| cipsDynamicCryptomapSetSize | .1.3.6.1.4.1.9.10.62.1.2.3.2.1.2 | |
| cipsDynamicCryptomapSetNumAssoc | .1.3.6.1.4.1.9.10.62.1.2.3.2.1.3 | |
| cipsStaticCryptomapTable | .1.3.6.1.4.1.9.10.62.1.2.3.3 | |
| cipsStaticCryptomapEntry | .1.3.6.1.4.1.9.10.62.1.2.3.3.1 | |
| cipsStaticCryptomapPriority | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.1 | |
| cipsStaticCryptomapType | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.2 | |
| cipsStaticCryptomapDescr | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.3 | |
| cipsStaticCryptomapPeer | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.4 | |
| cipsStaticCryptomapNumPeers | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.5 | |
| cipsStaticCryptomapPfs | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.6 | |
| cipsStaticCryptomapLifetime | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.7 | |
| cipsStaticCryptomapLifesize | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.8 | |
| cipsStaticCryptomapLevelHost | .1.3.6.1.4.1.9.10.62.1.2.3.3.1.9 | |
| cipsCryptomapSetIfTable | .1.3.6.1.4.1.9.10.62.1.2.3.4 | |
| cipsCryptomapSetIfEntry | .1.3.6.1.4.1.9.10.62.1.2.3.4.1 | |
| cipsCryptomapSetIfVirtual | .1.3.6.1.4.1.9.10.62.1.2.3.4.1.1 | |
| cipsCryptomapSetIfStatus | .1.3.6.1.4.1.9.10.62.1.2.3.4.1.2 | |
| cipsSysCapacityGroup | .1.3.6.1.4.1.9.10.62.1.3 | |
| cipsMaxSAs | .1.3.6.1.4.1.9.10.62.1.3.1 | |
| cips3DesCapable | .1.3.6.1.4.1.9.10.62.1.3.2 | |
| cipsTrapCntlGroup | .1.3.6.1.4.1.9.10.62.1.4 | |
| cipsCntlIsakmpPolicyAdded | .1.3.6.1.4.1.9.10.62.1.4.1 | |
| cipsCntlIsakmpPolicyDeleted | .1.3.6.1.4.1.9.10.62.1.4.2 | |
| cipsCntlCryptomapAdded | .1.3.6.1.4.1.9.10.62.1.4.3 | |
| cipsCntlCryptomapDeleted | .1.3.6.1.4.1.9.10.62.1.4.4 | |
| cipsCntlCryptomapSetAttached | .1.3.6.1.4.1.9.10.62.1.4.5 | |
| cipsCntlCryptomapSetDetached | .1.3.6.1.4.1.9.10.62.1.4.6 | |
| cipsCntlTooManySAs | .1.3.6.1.4.1.9.10.62.1.4.7 | |
| ciscoIPsecMIBNotificationPrefix | .1.3.6.1.4.1.9.10.62.2 | |
| cipsMIBNotifications | .1.3.6.1.4.1.9.10.62.2.0 | |
| ciscoIPsecMIBConformance | .1.3.6.1.4.1.9.10.62.3 | |
| cipsMIBConformances | .1.3.6.1.4.1.9.10.62.3.1 | |
| cipsMIBGroups | .1.3.6.1.4.1.9.10.62.3.2 |
Notifications/Traps
| Name | OID | Description |
|---|---|---|
 cipsIsakmpPolicyAdded | .1.3.6.1.4.1.9.10.62.2.0.1 | This trap is generated when a new ISAKMP policy element is defined on the managed entity. The context of the event includes the updated number of ISAKMP policy elements currently available. |
| cipsIsakmpPolicyDeleted | .1.3.6.1.4.1.9.10.62.2.0.2 | This trap is generated when an existing ISAKMP policy element is deleted on the managed entity. The context of the event includes the updated number of ISAKMP policy elements currently available. |
| cipsCryptomapAdded | .1.3.6.1.4.1.9.10.62.2.0.3 | This trap is generated when a new cryptomap is added to the specified cryptomap set. |
| cipsCryptomapDeleted | .1.3.6.1.4.1.9.10.62.2.0.4 | This trap is generated when a cryptomap is removed from the specified cryptomap set. |
| cipsCryptomapSetAttached | .1.3.6.1.4.1.9.10.62.2.0.5 | A cryptomap set must be attached to an interface
of the device in order for it to be operational.
This trap is generated when the cryptomap set
attached to an active interface of the managed entity.
The context of the notification includes:
Size of the attached cryptomap set,
Number of ISAKMP cryptomaps in the set and
Number of Dynamic cryptomaps in the set. |
| cipsCryptomapSetDetached | .1.3.6.1.4.1.9.10.62.2.0.6 | This trap is generated when a cryptomap set is detached from an interafce to which it was bound earlier. The context of the event identifies the size of the cryptomap set. |
| cipsTooManySAs | .1.3.6.1.4.1.9.10.62.2.0.7 | This trap is generated when a new SA is attempted to be setup while the number of currently active SAs equals the maximum configurable. The variables are: cipsMaxSAs |