CISCO-IPSEC-PROVISIONING-MIB Table View
Table-centric layout grouping table, row, and column objects.
Tables
6
Rows
6
Columns
39
cipsIPsecXformSetTable
table.1.3.6.1.4.1.9.9.431.1.2.1
·
1 row entry
·
9 columns
This table contains the list of all the transform sets configured on the managed entity. A transform set is usually configured by a management console before a cryptomap is created. Multiple transform sets could be assigned to a cryptomap configuration.
Each entry represents a single configured
IPsec transform set.
IPsec transform set.
Indexes
cipsXformSetName
| Column | Syntax | OID | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
cipsXformSetName
This object contains the name of the transform set
corresponding to this conceptual row. |
OctetString Constraints: range: 1-80 |
.1.3.6.1.4.1.9.9.431.1.2.1.1.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
cipsXformSetId
This is the sequence number of the transform set that
uniquely identifies the transform set. Distinct transform sets must have distinct sequence numbers. |
Unsigned32 Constraints: range: 1-2147483647 |
.1.3.6.1.4.1.9.9.431.1.2.1.1.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
cipsXformSetSuite
This object represents the suite of Phase-2 security
protocols of this transform set. |
CISCO-IPSEC-TCCIPsecSecuritySuiter/w Textual Convention: CISCO-IPSEC-TCCIPsecSecuritySuite EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.2.1.1.3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
cipsXformSetEncryptionXform
This object represents the transform used for
ESP encryption. The only values this object may assume are 'xformNONE', 'xformEspNULL', 'xformEspDES', 'xformEsp3DES', 'xformEspAES128', 'xformEspAES192', '… |
CISCO-IPSEC-TCCIPsecTransformr/w Textual Convention: CISCO-IPSEC-TCCIPsecTransform EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.2.1.1.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
cipsXformSetIntegrityXformEsp
This object represents the transform used to
implement integrity check with ESP protocol. If the value of the corresponding instance of cipsXformSetSuite is 'suiteIntegAh', 'suiteIntegAhComp' or 'suiteOt… |
CISCO-IPSEC-TCCIPsecTransformr/w Textual Convention: CISCO-IPSEC-TCCIPsecTransform EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.2.1.1.5 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
cipsXformSetIntegrityXformAh
This object represents the transform used to
implement integrity check with AH protocol. If the value of the corresponding instance of cipsXformSetSuite is neither 'suiteIntegAh' nor 'suiteIntegAhComp', … |
CISCO-IPSEC-TCCIPsecTransformr/w Textual Convention: CISCO-IPSEC-TCCIPsecTransform EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.2.1.1.6 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
cipsXformSetCompressionXform
This object represents the transform used to
implement packet compression. If the value of the corresponding instance of cipsXformSetSuite is 'suiteConf', 'suiteIntegEsp', 'suiteIntegAh', 'suiteConfAh', '… |
CISCO-IPSEC-TCCIPsecTransformr/w Textual Convention: CISCO-IPSEC-TCCIPsecTransform EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.2.1.1.7 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
cipsXformSetMode
This object represents the encapsulation mode of the
transform set. |
CISCO-IPSEC-TCCIPsecEncapModer/w Textual Convention: CISCO-IPSEC-TCCIPsecEncapMode EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.2.1.1.8 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
cipsXformSetStatus
This object represents the status of the
transform set entry. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.2.1.1.9 |
.1.3.6.1.4.1.9.9.431.1.4.1
·
1 row entry
·
6 columns
This read-only table contains the list of all
cryptomap sets that are fully configured.
The operator may include different types of
cryptomaps in such a set - manual, ISAKMP or
dynamic.
An entry is added to (removed from) this table
automatically by the agent when the first (last)
'active' entry with the corresponding
cipsStaticCryptomapSetName is added to
(removed from) cipsStaticCryptomapTable.
Each entry contains the attributes
associated with a single static cryptomap set.
associated with a single static cryptomap set.
Indexes
cipsStaticCryptomapSetName
| Column | Syntax | OID |
|---|---|---|
|
cipsStaticCryptomapSetSize
This object reflects the total number of cryptomap
templates contained in this cryptomap set. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.9.9.431.1.4.1.1.1 |
|
cipsStaticCryptomapSetNumIsakmp
This object reflects the number of cryptomaps
associated with this cryptomap set that use ISAKMP protocol to do key exchange. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.9.9.431.1.4.1.1.2 |
|
cipsStaticCryptomapSetNumManual
This object reflects the number of cryptomaps
associated with this cryptomap set that require the operator to manually setup the keys and SPIs. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.9.9.431.1.4.1.1.3 |
|
cipsStaticCryptomapSetNumDynamic
This object reflects the number of dynamic
cryptomap templates linked to this cryptomap set. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.9.9.431.1.4.1.1.4 |
|
cipsStaticCryptomapSetNumTED
This object reflects the number of dynamic
cryptomap templates linked to this cryptomap set that have Tunnel Endpoint Discovery (TED) enabled. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.9.9.431.1.4.1.1.5 |
|
cipsStaticCryptomapSetNumSAs
This object reflects the number of IPsec Security
Associations that are active and were setup using this cryptomap set. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.9.9.431.1.4.1.1.6 |
cipsStaticCryptomapTable
table.1.3.6.1.4.1.9.9.431.1.4.3
·
1 row entry
·
17 columns
The table listing the member cryptomaps
of the cryptomap sets that are configured
on the managed entity.
This table does not include the members
of dynamic cryptomap sets that may be
linked with the parent static cryptomap set.
Deletion of a cipsStaticCryptomapEntry will
fail if the cipsStaticCryptomapSetName this
cipsStaticCryptomapEntry belongs to is referred
by a cipsCryptomapSetIfEntry.
Each entry contains the attributes associated with a
single static (fully specified) cryptomap entry,
identified by its priority.
single static (fully specified) cryptomap entry,
identified by its priority.
Indexes
cipsStaticCryptomapSetName cipsStaticCryptomapPriority
| Column | Syntax | OID | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
cipsStaticCryptomapSetName
The index of the static cryptomap table. The value
of the string is the name string assigned by the NMS when defining a cryptomap set. |
OctetString Constraints: range: 1-80 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.1 |
||||||||||||||||||||||||
|
cipsStaticCryptomapPriority
The priority of the cryptomap entry in the
cryptomap set. A cryptomap entry with smaller cipsStaticCryptomapPriority value takes precedence over the ones with larger values. |
Unsigned32 Constraints: range: 1-65535 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.2 |
||||||||||||||||||||||||
|
cipsStaticCryptomapType
The type of the cryptomap entry. This can be an ISAKMP
cryptomap or manual. Dynamic cryptomaps are not counted in this table. |
CISCO-IPSEC-TCCIPsecCryptomapTyper/w Textual Convention: CISCO-IPSEC-TCCIPsecCryptomapType EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.3.1.3 |
||||||||||||||||||||||||
|
cipsStaticCryptomapDescr
The description string created by the SNMP agent
while creating this cryptomap. The string generally identifies a description and the purpose of this policy. |
OctetString Constraints: range: 1-127 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.4 |
||||||||||||||||||||||||
|
cipsStaticCryptomapIpFilter
This object specifies an IP protocol filter,
cippfIpProfileName (defined in CISCO-IP-PROTOCOL-FILTER-MIB), to be secured using this cryptomap entry. When this object has a value of zero-length string, thi… |
OctetStringr/w Constraints: range: 0-64 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.5 |
||||||||||||||||||||||||
|
cipsStaticCryptomapXformSetList
The list of cipsXformSetId that are members
of this CipsStaticCryptomapEntry. The value of this object is a concatenation of zero or more 4-octet strings, where each 4-octet string contains a 32-bit cipsX… |
OctetStringr/w Constraints: range: 0-255 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.6 |
||||||||||||||||||||||||
|
cipsStaticCryptomapNumPeers
This object reflects the number of peers associated
with this cryptomap entry. The other peers listed in table cipsIPsecCryMapPeerTable are backup peers. |
Unsigned32 Constraints: range: 0-50 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.7 |
||||||||||||||||||||||||
|
cipsStaticCryotomapNextPIndex
This object specifies the next available index for object
cipsCryMapPeerIndex which can be used for creating an entry in cipsIPsecCryMapPeerTable. |
Unsigned32 Constraints: range: 1-50 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.8 |
||||||||||||||||||||||||
|
cipsStaticCryptomapCurPAddrType
This object represents the address type of
cipsStaticCryptomapCurPAddr to which this cryptomap entry is currently connected. |
INET-ADDRESS-MIBInetAddressType Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.3.1.9 |
||||||||||||||||||||||||
|
cipsStaticCryptomapCurPAddr
The IP address of the peer to which this cryptomap
entry is currently connected. The value of cipsStaticCryptomapCurPAddrType is 'unknown' and this MIB object is a zero-length string when no tunnels are … |
INET-ADDRESS-MIBInetAddress Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.10 |
||||||||||||||||||||||||
|
cipsStaticCryptomapPfs
This object identifies if the tunnels instantiated
due to this policy item should use Perfect Forward Secrecy (PFS) and if so, what group of Oakley they should use. |
CISCO-IPSEC-TCCIPsecDiffHellmanGrpr/w Textual Convention: CISCO-IPSEC-TCCIPsecDiffHellmanGrp EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.3.1.11 |
||||||||||||||||||||||||
|
cipsStaticCryptomapLifetime
This object specifies the lifetime of the IPsec
Security Associations (SA) created using this IPsec policy entry. The default value of this object is the current value of the object cipsTunnelLifetime. … |
secondsCISCO-IPSEC-TCCIPsecLifetimer/w Textual Convention: CISCO-IPSEC-TCCIPsecLifetime Unsigned32Type Constraints: range: 0range: 120..86400 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.12 |
||||||||||||||||||||||||
|
cipsStaticCryptomapLifesize
This object identifies the lifesize (maximum traffic
in bytes that may be carried) of the IPSec SAs created using this IPSec policy entry. When a Security Association (SA) is created using this IPsec policy entry, its l… |
KBytesCISCO-IPSEC-TCCIPsecLifesizer/w Textual Convention: CISCO-IPSEC-TCCIPsecLifesize Unsigned32Type Constraints: range: 0range: 2560..4294967295 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.13 |
||||||||||||||||||||||||
|
cipsStaticCryptomapLevelHost
This object specifies the granularity of the
IPSec SAs created using this IPSec policy entry. If this value is 'true', distinct SA bundles are created for distinct hosts at the end of the application traffic. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.3.1.14 |
||||||||||||||||||||||||
|
cipsStaticCryptomapIdleTimeout
This object specifies the idle time (lack of traffic)
in seconds of a tunnel spawned by this cryptomap after which the tunnel will be torn down. The default value of this object is the current value of c… |
CISCO-IPSEC-TCCIPsecTunnelIdleTimer/w Textual Convention: CISCO-IPSEC-TCCIPsecTunnelIdleTime Unsigned32Type Constraints: range: 0range: 60..86400 |
.1.3.6.1.4.1.9.9.431.1.4.3.1.15 |
||||||||||||||||||||||||
|
cipsStaticCryptomapAutoPeer
If 'true' the destination address is taken as the
peer address, while creating the tunnel. If 'false' the value shown by the object cipsStaticCryptomapCurPAddr is being used as the peer address. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.3.1.16 |
||||||||||||||||||||||||
|
cipsStaticCryptomapStatus
This object identifies the status of the cryptomap
entry represented by this conceptual row. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.3.1.17 |
cipsIPsecCryMapPeerTable
table.1.3.6.1.4.1.9.9.431.1.4.4
·
1 row entry
·
5 columns
The table containing the binding of peers to
cryptomap entries.
An entry is removed from this table
automatically by the agent when the last
'active' entry with the corresponding
cipsStaticCryptomapSetName is removed from
cipsStaticCryptomapTable.
Each entry represents the binding of
an IPsec peer address to the specified
cryptomap.
an IPsec peer address to the specified
cryptomap.
Indexes
cipsStaticCryptomapSetName cipsStaticCryptomapPriority cipsCryMapPeerIndex
| Column | Syntax | OID | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
cipsCryMapPeerIndex
This arbitrary number represents the index number
in the cryptomap entry of the peer corresponding to this conceptual row. This object could have the same value as cipsStaticCryotomapNextPIndex. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.9.9.431.1.4.4.1.1 |
||||||||||||||
|
cipsCryMapPeerAddrType
This object represents the address type of
cipsCryMapPeerAddr. This object cannot be modified while the corresponding value of cipsCryMapPeerStatus is equal to 'active'. |
INET-ADDRESS-MIBInetAddressTyper/w Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.4.1.2 |
||||||||||||||
|
cipsCryMapPeerAddr
This object represents the address of the peer
corresponding to this conceptual row. This object cannot be modified while the corresponding value of cipsCryMapPeerStatus is equal to 'active'. |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.9.9.431.1.4.4.1.3 |
||||||||||||||
|
cipsCryMapPeerOrder
This object represents the order in the cryptomap
entry of the peer corresponding to this conceptual row. The peer with the lowest order number is applied first, that is cipsCryMapPeerOrder '1'. |
Unsigned32 Constraints: range: 1-50 |
.1.3.6.1.4.1.9.9.431.1.4.4.1.4 |
||||||||||||||
|
cipsCryMapPeerStatus
This object specifies the status column used for
creating and deleting instances of the columnar objects in the table. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.4.1.5 |
cipsCryptomapSetIfTable
table.1.3.6.1.4.1.9.9.431.1.4.5
·
1 row entry
·
1 columns
The table lists the binding of cryptomap sets
to the interfaces of the managed entity.
One interface can be bound to only one cryptomap set
while one cryptomap set can be bound to multiple
interfaces.
Any interface (with any ifType) which supports
IPsec can be used in this table.
Each entry lists the association between an interface
and a cryptomap set (static) that is defined
on the managed entity.
and a cryptomap set (static) that is defined
on the managed entity.
Indexes
cipsStaticCryptomapSetName IF-MIBifIndex
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
cipsCryptomapSetIfStatus
This object identifies the status of the binding
of the specified cryptomap set with the specified interface. Detaching a cryptomap from an interface: ---------------------------------------- When se… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.9.9.431.1.4.5.1.1 |
.1.3.6.1.4.1.9.9.431.1.4.6
·
1 row entry
·
1 columns
The table lists the binding information of a
interface to a cryptomap sets on the managed entity.
One interface can be bound to only one cryptomap set
while one cryptomap set can be bound to multiple
interfaces.
An entry is added to cipsIfCryptomapSetInfoTable when
a static cryptomap set is successfully assigned to an
interface (of any ifType) in cipsCryptomapSetIfTable.
An entry is deleted from cipsIfCryptomapSetInfoTable
when its assignment is removed
from cipsIfCryptomapSetInfoTable.
Each entry lists the binding between an interface
and a cryptomap set (static) that is defined
on the managed entity.
and a cryptomap set (static) that is defined
on the managed entity.
Indexes
IF-MIBifIndex
| Column | Syntax | OID |
|---|---|---|
|
cipsIfStaticCryptomapSetName
The name of a static cryptomap set which is bound
to this interface. The value of the string is one of the entries in cipsStaticCryptomapSetTable indexed by cipsStaticCryptomapSetName. |
OctetString Constraints: range: 1-80 |
.1.3.6.1.4.1.9.9.431.1.4.6.1.1 |