CISCO-REMOTE-ACCESS-MONITOR-MIB

Acronyms and        Definitions
The        following acronyms and terms are used in this
document:
        
  IPSec: Secure IP Protocol
        
  VPN:   Virtual Private Network
        
  RAS:   Remote Access Service
        
  ISP:   Internet Service Provider.
        
  LAN:   Local Area        Network
        
  Group: A collection of remote access users grouped
         and managed together as a single entity for
         administrative convenience.
        
  Session: A Remote        Access Session.
        
  SVC:    SSL VPN Client
  Webvpn: VPN connection established using web browser.
        
Overview of the MIB
        
This is a MIB Module for monitoring        the structures in Virtual
Private Networks based remote access networks. The MIB seeks
to create a        common model of        Remote Access across implementations
of the service on layer 2 (PPTP, L2TP, L2F), layer 3 (IPsec) and
layer 4 (SSL) virtual private networks. The        MIB defines counters
and        objects        of interest to performance/fault monitoring in a
way        which is independent of        the technology of the remote access
implementation.
        
MIB        contains eight major groups of objects which are used
to manage Remote Access connections:
 a)        Remote Access capacity group
      This section defines metrics to gauge        the limits of
      resources on this device which are critical to RAS
      service.
        
 b)        Remote Access resource usage group
      This section defines metrics to gauge        the usage of
      resources on this device which are critical to RAS
      service service.
        
 c)        Current        activity and performance of RAS        service
      This section defines metrics to gauge        the current
      remote access        activity.
        
 d)        Remote Access Service failures
      This section defines metrics to monitor session
      failures and failures        of the service itself, measured
      at aggregate level, session level and        group level.
        
 e)        Security violations in the Remote Access service
      This section defines metrics which reflect the state
      of remote access service of interest to Security
      Operations staff in an enterprise.
        
 f)        Threshold group        (allows        definition of high water marks)
      This section allows the management entity to define
      thresholds to        set high water marks on        critical metrics.
        
 g)        Notifications
      This section defines notifications to        signal
      significant events pertaining        to the Remote Access
      Service.
    

Imported Objects

ciscoMgmtCISCO-SMI
InetAddress, InetAddressTypeINET-ADDRESS-MIB
SnmpAdminStringSNMP-FRAMEWORK-MIB
MODULE-COMPLIANCE, NOTIFICATION-GROUP, OBJECT-GROUPSNMPv2-CONF
Unsigned32, zeroDotZero, MODULE-IDENTITY, Integer32, Gauge32, Counter64, Counter32, NOTIFICATION-TYPE, OBJECT-TYPESNMPv2-SMI
TEXTUAL-CONVENTION, TimeStamp, TruthValueSNMPv2-TC

Type Definitions (9)

Name Base Type Values/Constraints
FailureRecordIndexUnsigned32range: 1..4294967295
RasProtocolEnumerationother(1), ipsec(2), l2tp(3), l2tpoveripsec(4), pptp(5), l2f(6), ssl(7)
SessionAuthAlgoEnumerationnone(1), other(2), hmacMd5(3), hmacSha(4)
SessionCompressionAlgoEnumerationnone(1), other(2), lzs(3)
SessionEncrAlgoEnumerationnone(1), des(2), des3(3), rc4(4), rc5(5), idea(6), cast(7), blowfish(8), aes(9)
SessionIndexInteger32range: 1..2147483647
SessionStatusEnumerationinitializing(1), established(2), terminating(3)
UserAuthenMethodEnumerationnone(1), other(2), radius(3), tacacsplus(4), kerberos(5), local(6), ldap(7), ntlm(8), sdi(9)
UserAuthorMethodEnumerationnone(1), other(2), radius(3), tacacsplus(4), kerberos(5), local(6), ldap(7)

Objects

ciscoRemoteAccessMonitorMIB .1.3.6.1.4.1.9.9.392
ciscoRasMonitorMIBNotifs .1.3.6.1.4.1.9.9.392.0
ciscoRasMonitorMIBObjects .1.3.6.1.4.1.9.9.392.1
crasCapacity .1.3.6.1.4.1.9.9.392.1.1
crasMaxSessionsSupportable .1.3.6.1.4.1.9.9.392.1.1.1
crasMaxUsersSupportable .1.3.6.1.4.1.9.9.392.1.1.2
crasMaxGroupsSupportable .1.3.6.1.4.1.9.9.392.1.1.3
crasNumCryptoAccelerators .1.3.6.1.4.1.9.9.392.1.1.4
crasResourceUsage .1.3.6.1.4.1.9.9.392.1.2
crasGlobalBwUsage
.1.3.6.1.4.1.9.9.392.1.2.1
crasActivity .1.3.6.1.4.1.9.9.392.1.3
crasNumSessions
.1.3.6.1.4.1.9.9.392.1.3.1
crasGlobalOutUncompOctets
.1.3.6.1.4.1.9.9.392.1.3.10
crasGlobalInDropPkts
.1.3.6.1.4.1.9.9.392.1.3.11
crasGlobalOutDropPkts
.1.3.6.1.4.1.9.9.392.1.3.12
crasNumPrevSessions
.1.3.6.1.4.1.9.9.392.1.3.2
crasSessionTable .1.3.6.1.4.1.9.9.392.1.3.21
crasSessionEntry .1.3.6.1.4.1.9.9.392.1.3.21.1
crasUsername .1.3.6.1.4.1.9.9.392.1.3.21.1.1
crasISPAddress
.1.3.6.1.4.1.9.9.392.1.3.21.1.10
crasSessionProtocol .1.3.6.1.4.1.9.9.392.1.3.21.1.11
crasProtocolElement .1.3.6.1.4.1.9.9.392.1.3.21.1.12
crasSessionEncryptionAlgo .1.3.6.1.4.1.9.9.392.1.3.21.1.13
crasSessionPktAuthenAlgo .1.3.6.1.4.1.9.9.392.1.3.21.1.14
crasSessionCompressionAlgo .1.3.6.1.4.1.9.9.392.1.3.21.1.15
crasHeartbeatInterval .1.3.6.1.4.1.9.9.392.1.3.21.1.16
crasClientVendorString
.1.3.6.1.4.1.9.9.392.1.3.21.1.17
crasClientVersionString
.1.3.6.1.4.1.9.9.392.1.3.21.1.18
crasClientOSVendorString
.1.3.6.1.4.1.9.9.392.1.3.21.1.19
crasGroup
.1.3.6.1.4.1.9.9.392.1.3.21.1.2
crasClientOSVersionString
.1.3.6.1.4.1.9.9.392.1.3.21.1.20
crasPrimWINSServerAddrType
.1.3.6.1.4.1.9.9.392.1.3.21.1.21
crasPrimWINSServer
.1.3.6.1.4.1.9.9.392.1.3.21.1.22
crasSecWINSServerAddrType
.1.3.6.1.4.1.9.9.392.1.3.21.1.23
crasSecWINSServer
.1.3.6.1.4.1.9.9.392.1.3.21.1.24
crasPrimDNSServerAddrType
.1.3.6.1.4.1.9.9.392.1.3.21.1.25
crasPrimDNSServer
.1.3.6.1.4.1.9.9.392.1.3.21.1.26
crasSecDNSServerAddrType
.1.3.6.1.4.1.9.9.392.1.3.21.1.27
crasSecDNSServer
.1.3.6.1.4.1.9.9.392.1.3.21.1.28
crasDHCPServerAddrType
.1.3.6.1.4.1.9.9.392.1.3.21.1.29
crasSessionIndex .1.3.6.1.4.1.9.9.392.1.3.21.1.3
crasDHCPServer
.1.3.6.1.4.1.9.9.392.1.3.21.1.30
crasSessionInPkts
.1.3.6.1.4.1.9.9.392.1.3.21.1.31
crasSessionOutPkts
.1.3.6.1.4.1.9.9.392.1.3.21.1.32
crasSessionInDropPkts
.1.3.6.1.4.1.9.9.392.1.3.21.1.33
crasSessionOutDropPkts
.1.3.6.1.4.1.9.9.392.1.3.21.1.34
crasSessionInOctets
.1.3.6.1.4.1.9.9.392.1.3.21.1.35
crasSessionOutOctets
.1.3.6.1.4.1.9.9.392.1.3.21.1.36
crasSessionState .1.3.6.1.4.1.9.9.392.1.3.21.1.37
crasAuthenMethod .1.3.6.1.4.1.9.9.392.1.3.21.1.4
crasAuthorMethod .1.3.6.1.4.1.9.9.392.1.3.21.1.5
crasSessionDuration
.1.3.6.1.4.1.9.9.392.1.3.21.1.6
crasLocalAddressType
.1.3.6.1.4.1.9.9.392.1.3.21.1.7
crasLocalAddress
.1.3.6.1.4.1.9.9.392.1.3.21.1.8
crasISPAddressType
.1.3.6.1.4.1.9.9.392.1.3.21.1.9
crasActGroupTable .1.3.6.1.4.1.9.9.392.1.3.22
crasActGroupEntry .1.3.6.1.4.1.9.9.392.1.3.22.1
crasActGrpName .1.3.6.1.4.1.9.9.392.1.3.22.1.1
crasActGrNumUsers .1.3.6.1.4.1.9.9.392.1.3.22.1.2
crasActGrpInPkts
.1.3.6.1.4.1.9.9.392.1.3.22.1.3
crasActGrpOutPkts
.1.3.6.1.4.1.9.9.392.1.3.22.1.4
crasActGrpInDropPkts
.1.3.6.1.4.1.9.9.392.1.3.22.1.5
crasActGrpOutDropPkts
.1.3.6.1.4.1.9.9.392.1.3.22.1.6
crasActGrpInOctets
.1.3.6.1.4.1.9.9.392.1.3.22.1.7
crasActGrpOutOctets
.1.3.6.1.4.1.9.9.392.1.3.22.1.8
crasEmailNumSessions
.1.3.6.1.4.1.9.9.392.1.3.23
crasEmailCumulateSessions
.1.3.6.1.4.1.9.9.392.1.3.24
crasEmailPeakConcurrentSessions .1.3.6.1.4.1.9.9.392.1.3.25
crasIPSecNumSessions
.1.3.6.1.4.1.9.9.392.1.3.26
crasIPSecCumulateSessions
.1.3.6.1.4.1.9.9.392.1.3.27
crasIPSecPeakConcurrentSessions .1.3.6.1.4.1.9.9.392.1.3.28
crasL2LNumSessions
.1.3.6.1.4.1.9.9.392.1.3.29
crasNumUsers
.1.3.6.1.4.1.9.9.392.1.3.3
crasL2LCumulateSessions
.1.3.6.1.4.1.9.9.392.1.3.30
crasL2LPeakConcurrentSessions .1.3.6.1.4.1.9.9.392.1.3.31
crasLBNumSessions
.1.3.6.1.4.1.9.9.392.1.3.32
crasLBCumulateSessions
.1.3.6.1.4.1.9.9.392.1.3.33
crasLBPeakConcurrentSessions .1.3.6.1.4.1.9.9.392.1.3.34
crasSVCNumSessions
.1.3.6.1.4.1.9.9.392.1.3.35
crasSVCCumulateSessions
.1.3.6.1.4.1.9.9.392.1.3.36
crasSVCPeakConcurrentSessions .1.3.6.1.4.1.9.9.392.1.3.37
crasWebvpnNumSessions
.1.3.6.1.4.1.9.9.392.1.3.38
crasWebvpnCumulateSessions
.1.3.6.1.4.1.9.9.392.1.3.39
crasNumGroups
.1.3.6.1.4.1.9.9.392.1.3.4
crasWebvpnPeakConcurrentSessions .1.3.6.1.4.1.9.9.392.1.3.40
crasNumPeakSessions .1.3.6.1.4.1.9.9.392.1.3.41
crasGlobalInPkts
.1.3.6.1.4.1.9.9.392.1.3.5
crasGlobalOutPkts
.1.3.6.1.4.1.9.9.392.1.3.6
crasGlobalInOctets
.1.3.6.1.4.1.9.9.392.1.3.7
crasGlobalInDecompOctets
.1.3.6.1.4.1.9.9.392.1.3.8
crasGlobalOutOctets
.1.3.6.1.4.1.9.9.392.1.3.9
crasFailures .1.3.6.1.4.1.9.9.392.1.4
crasFailuresGlobals .1.3.6.1.4.1.9.9.392.1.4.1
crasNumTotalFailures
.1.3.6.1.4.1.9.9.392.1.4.1.1
crasNumDeclinedSessions .1.3.6.1.4.1.9.9.392.1.4.1.2
crasNumSetupFailInsufResources
.1.3.6.1.4.1.9.9.392.1.4.1.3
crasNumAbortedSessions
.1.3.6.1.4.1.9.9.392.1.4.1.4
crasFailGlobalCntl .1.3.6.1.4.1.9.9.392.1.4.2
crasFailTableSize .1.3.6.1.4.1.9.9.392.1.4.2.1
crasSessFailures .1.3.6.1.4.1.9.9.392.1.4.3
crasSessFailTable .1.3.6.1.4.1.9.9.392.1.4.3.1
crasSessFailEntry .1.3.6.1.4.1.9.9.392.1.4.3.1.1
crasSessFailIndex .1.3.6.1.4.1.9.9.392.1.4.3.1.1.1
crasSessFailLocalAddrType
.1.3.6.1.4.1.9.9.392.1.4.3.1.1.10
crasSessFailLocalAddr
.1.3.6.1.4.1.9.9.392.1.4.3.1.1.11
crasSessFailUsername
.1.3.6.1.4.1.9.9.392.1.4.3.1.1.2
crasSessFailGroupname
.1.3.6.1.4.1.9.9.392.1.4.3.1.1.3
crasSessFailType .1.3.6.1.4.1.9.9.392.1.4.3.1.1.4
crasSessFailReason .1.3.6.1.4.1.9.9.392.1.4.3.1.1.5
crasSessFailTime
.1.3.6.1.4.1.9.9.392.1.4.3.1.1.6
crasSessFailSessionIndex .1.3.6.1.4.1.9.9.392.1.4.3.1.1.7
crasSessFailISPAddrType
.1.3.6.1.4.1.9.9.392.1.4.3.1.1.8
crasSessFailISPAddr
.1.3.6.1.4.1.9.9.392.1.4.3.1.1.9
crasFailLastFailIndex .1.3.6.1.4.1.9.9.392.1.4.3.2
crasGroupFailures .1.3.6.1.4.1.9.9.392.1.4.4
crasGrpFailTable .1.3.6.1.4.1.9.9.392.1.4.4.1
crasGrpFailEntry .1.3.6.1.4.1.9.9.392.1.4.4.1.1
crasGrpFailGroupname .1.3.6.1.4.1.9.9.392.1.4.4.1.1.1
crasGrpFailNumFailAuths
.1.3.6.1.4.1.9.9.392.1.4.4.1.1.2
crasGrpFailNumResourceFailures
.1.3.6.1.4.1.9.9.392.1.4.4.1.1.3
crasGrpFailNumDeclined
.1.3.6.1.4.1.9.9.392.1.4.4.1.1.4
crasGrpFailNumTerminatedMgmt
.1.3.6.1.4.1.9.9.392.1.4.4.1.1.5
crasGrpFailNumTerminatedOther
.1.3.6.1.4.1.9.9.392.1.4.4.1.1.6
crasSecurity .1.3.6.1.4.1.9.9.392.1.5
crasSecurityGlobals .1.3.6.1.4.1.9.9.392.1.5.1
crasNumDisabledAccounts
.1.3.6.1.4.1.9.9.392.1.5.1.1
crasThresholds .1.3.6.1.4.1.9.9.392.1.6
crasThrMaxSessions .1.3.6.1.4.1.9.9.392.1.6.1
crasThrMaxFailedAuths .1.3.6.1.4.1.9.9.392.1.6.2
crasThrMaxThroughput .1.3.6.1.4.1.9.9.392.1.6.3
crasNotifCntl .1.3.6.1.4.1.9.9.392.1.7
crasCntlTooManySessions
.1.3.6.1.4.1.9.9.392.1.7.1
crasCntlTooManyFailedAuths
.1.3.6.1.4.1.9.9.392.1.7.2
crasCntlTooHighThroughput
.1.3.6.1.4.1.9.9.392.1.7.3
ciscoRasMonitorMIBConform .1.3.6.1.4.1.9.9.392.2
ciscoRasMonitorMIBCompliances .1.3.6.1.4.1.9.9.392.2.1
ciscoRasMonitorMIBGroups .1.3.6.1.4.1.9.9.392.2.2

Notifications/Traps

NameOIDDescription
ciscoRasTooManySessions





.1.3.6.1.4.1.9.9.392.0.1
ication is generated when the managed entity
detects that the number of sessions established exceeds
the set threshold crasThrMaxSessions.
          
Once the notification        has been issued, further
notifications        are suppressed till the        value returns
below        the specified threshold.
ciscoRasTooManyFailedAuths


.1.3.6.1.4.1.9.9.392.0.2
ication is generated when the managed entity
detects that the number of login attempts (over all
users) exceeds the set threshold for throughput
(crasThrMaxFailedAuths).
          
Once the notification        has been issued, further
notifications        are suppressed till the        value returns
below        the specified threshold.
ciscoRasTooHighThroughput



.1.3.6.1.4.1.9.9.392.0.3
ication is generated when the        managed        entity
detects that the        current        throughput of the device exceeds
the set threshold for throughput        (crasThrMaxThroughput).
          
Once the        notification has been issued, further
notiifcations are suppressed till the value returns
below the specified threshold.