CISCO-IKE-CONFIGURATION-MIB Table View
Table-centric layout grouping table, row, and column objects.
Tables
7
Rows
7
Columns
32
cicIkeCfgIdentityTable
table.1.3.6.1.4.1.9.9.423.1.2.1
·
1 row entry
·
2 columns
The table containing the list of Phase-1 identities used by the IKE protocol for the different Phase-2 DOIs it operates in.
Each entry represents a Phase-1 identity
used by IKE for a specific Phase-2 DOI.
used by IKE for a specific Phase-2 DOI.
Indexes
cicIkeCfgIdentityDoi
| Column | Syntax | OID | ||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
cicIkeCfgIdentityDoi
This is the DOI type that is supported
by this IKE entity on the managed device and for which the Phase-1 identity corresponding to this conceptual row is being defined. |
CISCO-IPSEC-TCCIKEIsakmpDoi Textual Convention: CISCO-IPSEC-TCCIKEIsakmpDoi EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.2.1.1.1 |
||||||||||||||||||||||||||
|
cicIkeCfgIdentityType
The Phase I identity type used by the Phase-2 DOI
corresponding to this conceptual row. |
CISCO-IPSEC-TCCIPsecPhase1PeerIdentityTyper/w Textual Convention: CISCO-IPSEC-TCCIPsecPhase1PeerIdentityType EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.2.1.1.2 |
.1.3.6.1.4.1.9.9.423.1.2.2
·
1 row entry
·
1 columns
The table providing the next available index for the cicIkeCfgInitiatorTable, in a domain of interpretation(DOI), identified by cicIkeCfgIdentityDoi. This value is only a recommended value, but the user can choose to use a different value to create an entry in the cicIkeCfgInitiatorTable.
Each entry represents a next available index
for the cicIkeCfgInitiatorTable.
for the cicIkeCfgInitiatorTable.
Indexes
No indexes recorded
| Column | Syntax | OID |
|---|---|---|
|
cicIkeCfgInitiatorNextAvailIndex
The object specifies the next available index for
object cicIkeCfgInitiatorIndex which can be used for creating an entry in cicIkeCfgInitiatorTable. |
CicIkeConfigInitiatorIndex Textual Convention: CicIkeConfigInitiatorIndex Unsigned32Type Constraints: range: 1..65535 |
.1.3.6.1.4.1.9.9.423.1.2.2.1.1 |
cicIkeCfgInitiatorTable
table.1.3.6.1.4.1.9.9.423.1.2.3
·
1 row entry
·
5 columns
The table containing the IKE version initiators for peers.
Each entry represents the IKE protocol version
initiated when connecting to a remote peer.
initiated when connecting to a remote peer.
Indexes
cicIkeCfgIdentityDoi cicIkeCfgInitiatorIndex
| Column | Syntax | OID | ||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
cicIkeCfgInitiatorIndex
An arbitrary value identifying the configured
IKE version initiated for a peer in this domain of interpretation, identified by cicIkeCfgIdentityDoi, on a managed device. This object could have the same value as cicIkeCf… |
CicIkeConfigInitiatorIndex Textual Convention: CicIkeConfigInitiatorIndex Unsigned32Type Constraints: range: 1..65535 |
.1.3.6.1.4.1.9.9.423.1.2.3.1.1 |
||||||||||||||||||||||||||
|
cicIkeCfgInitiatorPAddrType
The Phase 1 ID type of the remote peer for which
this IKE protocol initiator is configured. This object cannot be modified while the corresponding value of cicIkeCfgInitiatorStatus is equal to 'active'. |
CISCO-IPSEC-TCCIPsecPhase1PeerIdentityTyper/w Textual Convention: CISCO-IPSEC-TCCIPsecPhase1PeerIdentityType EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.2.3.1.2 |
||||||||||||||||||||||||||
|
cicIkeCfgInitiatorPAddr
This object represents the address of the remote
peer corresponding to this conceptual row. This object cannot be modified while the corresponding value of cicIkeCfgInitiatorStatus is equal to 'active'. |
OctetStringr/w Constraints: range: 1-255 |
.1.3.6.1.4.1.9.9.423.1.2.3.1.3 |
||||||||||||||||||||||||||
|
cicIkeCfgInitiatorVer
This object represents the IKE protocol version
used when connecting to a remote peer specified in cicIkeCfgInitiatorPAddr. This object cannot be modified while the corresponding value of cicIkeCfgInitiat… |
CISCO-IPSEC-TCCIPsecControlProtocolr/w Textual Convention: CISCO-IPSEC-TCCIPsecControlProtocol EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.2.3.1.4 |
||||||||||||||||||||||||||
|
cicIkeCfgInitiatorStatus
The status of this conceptual row. To configure an
IKE version initiator entry, the NMS must do a multivarbind set containing cicIkeCfgInitiatorPAddrType, cicIkeCfgInitiatorPAddr and cicIkeCfgInitiatorVer. Creation of r… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.2.3.1.5 |
.1.3.6.1.4.1.9.9.423.1.3.1
·
1 row entry
·
5 columns
The table containing the failure recovery configuration for IKE per supported DOI in the managed entity.
Each entry represents a Phase I failure recovery
configuration for the Phase 2 DOI corresponding
to the conceptual row.
configuration for the Phase 2 DOI corresponding
to the conceptual row.
Indexes
No indexes recorded
| Column | Syntax | OID | ||||||
|---|---|---|---|---|---|---|---|---|
|
cicIkeKeepAliveEnabled
This object reflects if the IKE entity in the
managed device performs keepalives with all the peers for the DOI corresponding to this conceptual row. 'true' - keepalives are performed. 'false' - no keepalives are perf… |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.3.1.1.1 |
||||||
|
cicIkeKeepAliveType
This object reflects the type of keepalives to be used
by the IKE entity on the managed device with all the peers for the DOI corresponding to this conceptual row. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.9.9.423.1.3.1.1.2 |
||||||
|
cicIkeKeepAliveInterval
This object reflects the keepalive interval in
seconds used by the IKE entity on the managed device with all the peers for the DOI corresponding to this conceptual row. |
secondsUnsigned32r/w Constraints: range: 1-86400 |
.1.3.6.1.4.1.9.9.423.1.3.1.1.3 |
||||||
|
cicIkeKeepAliveRetryInterval
This object reflects the keepalive retry interval
in seconds used by the IKE entity on the managed device with all the peers for the DOI corresponding to this conceptual row. |
secondsUnsigned32r/w Constraints: range: 1-600 |
.1.3.6.1.4.1.9.9.423.1.3.1.1.4 |
||||||
|
cicIkeInvalidSpiNotify
This object reflects if the IKE entity on the managed
device notifies any peer when an IPsec Phase-1 or Phase-2 packet with an invalid SPI is received from that peer for the DOI corresponding to this conceptual row. 't… |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.3.1.1.5 |
.1.3.6.1.4.1.9.9.423.1.4.1.1
·
1 row entry
·
1 columns
The table providing the next available index for the cicIkeCfgPskTable, in a domain of interpretation(DOI), identified by cicIkeCfgIdentityDoi. This value is only a recommended value, but the user can choose to use a different value to create an entry in the cicIkeCfgPskTable.
Each entry represents a next available index for the
cicIkeCfgPskTable.
cicIkeCfgPskTable.
Indexes
No indexes recorded
| Column | Syntax | OID |
|---|---|---|
|
cicIkeCfgPskNextAvailIndex
The object specifies the next available index for
object cicIkeCfgPskIndex which can be used for creating an entry in cicIkeCfgPskTable. |
CicIkeConfigPskIndex Textual Convention: CicIkeConfigPskIndex Unsigned32Type Constraints: range: 1..65535 |
.1.3.6.1.4.1.9.9.423.1.4.1.1.1.1 |
cicIkeCfgPskTable
table.1.3.6.1.4.1.9.9.423.1.4.1.2
·
1 row entry
·
9 columns
The table containing the list of pre shared authentication keys configured to be used by IKE protocol catalogued by the DOI and the peer identity. It is possible to have multiple peers per DOI.
Each entry represents a configured pre-shared
authentication key for a specific peer.
authentication key for a specific peer.
Indexes
cicIkeCfgIdentityDoi cicIkeCfgPskIndex
| Column | Syntax | OID | ||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
cicIkeCfgPskIndex
An arbitrary value identifying the configured
pre-shared keys for IKE entity in this domain of interpretation, identified by cicIkeCfgIdentityDoi, on a managed device. This object could have the same value as cicIkeCfgP… |
CicIkeConfigPskIndex Textual Convention: CicIkeConfigPskIndex Unsigned32Type Constraints: range: 1..65535 |
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.1 |
||||||||||||||||||||||||||
|
cicIkeCfgPskKey
The pre-shared authorization key used in
authenticating the peer corresponding to this conceptual row. This object cannot be modified while the corresponding value of cicIkeCfgPskStatus is equal to 'activ… |
OctetStringr/w Constraints: range: 1-255 |
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.2 |
||||||||||||||||||||||||||
|
cicIkeCfgPskRemIdentType
The Phase 1 ID type of the remote peer identity for
which this preshared key is configured. This object cannot be modified while the corresponding value of cicIkeCfgPskStatus is equal to 'active'. |
CISCO-IPSEC-TCCIPsecPhase1PeerIdentityTyper/w Textual Convention: CISCO-IPSEC-TCCIPsecPhase1PeerIdentityType EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.3 |
||||||||||||||||||||||||||
|
cicIkeCfgPskRemIdentTypeStand
If the object 'cicIkeCfgPskRemIdentType' is one
of idIpv4Addr idIpv6Addr idIpv4AddrRange idIpv6AddrRange idIpv4AddrSubnet idIpv6AddrSubnet then this object contains the type of … |
INET-ADDRESS-MIBInetAddressType Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.4 |
||||||||||||||||||||||||||
|
cicIkeCfgPskRemIdentity
The Phase 1 ID identity of the peer for which
this preshared key is configured on the local entity. This object cannot be modified while the corresponding value of cicIkeCfgPskStatus is equal to 'active… |
OctetStringr/w Constraints: range: 1-255 |
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.5 |
||||||||||||||||||||||||||
|
cicIkeCfgPskRemIdAddrOrRg1OrSn
If the object cicIkeCfgPskRemIdentType is one
of idIpv4Addr idIpv6Addr idIpv4AddrRange idIpv6AddrRange idIpv4AddrSubnet idIpv6AddrSubnet then this object c… |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.6 |
||||||||||||||||||||||||||
|
cicIkeCfgPskRemIdAddrRange2
If the object cicIkeCfgPskRemIdentType is one
of idIpv4AddrRange idIpv6AddrRange then this object contains the second component of the Phase 1 identity. Otherwise, the value contained … |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.7 |
||||||||||||||||||||||||||
|
cicIkeCfgPskRemIdSubnetMask
If the object 'cicIkeCfgPskRemIdentType' is one of
idIpv4AddrSubnet idIpv6AddrSubnet then this object contains the second component of the Phase 1 identity. Otherwise, the value contain… |
INET-ADDRESS-MIBInetAddressPrefixLengthr/w Textual Convention: INET-ADDRESS-MIBInetAddressPrefixLength Unsigned32Type Constraints: range: 0..2040 |
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.8 |
||||||||||||||||||||||||||
|
cicIkeCfgPskStatus
The status of this conceptual row. To configure
an pre shared authentication key entry, the NMS must do a multivarbind set containing cicIkeCfgPskKey, cicIkeCfgPskRemIdentType,cicIkeCfgPskRemIdentity. Cre… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.4.1.2.1.9 |
cicIkeCfgPolicyTable
table.1.3.6.1.4.1.9.9.423.1.5.1
·
1 row entry
·
9 columns
The table containing the list of all ISAKMP policy entries configured by the operator.
Each entry contains the attributes associated with
a single ISAKMP Policy entry.
a single ISAKMP Policy entry.
Indexes
cicIkeCfgIdentityDoi cicIkeCfgPolicyPriority
| Column | Syntax | OID | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
cicIkeCfgPolicyPriority
The priority of this ISAKMP Policy entry. The policy
with lower value would take precedence over the policy with higher value in the same DOI. |
Unsigned32 Constraints: range: 1-65534 |
.1.3.6.1.4.1.9.9.423.1.5.1.1.1 |
||||||||||||||||||||||||||||||||||||
|
cicIkeCfgPolicyEncr
The encryption transform specified by this
ISAKMP policy specification. The Internet Key Exchange (IKE) tunnels setup using this policy item would use the specified encryption transform to protect the ISAKMP PDUs. |
CISCO-IPSEC-TCCIPsecEncryptAlgorithmr/w Textual Convention: CISCO-IPSEC-TCCIPsecEncryptAlgorithm EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.5.1.1.2 |
||||||||||||||||||||||||||||||||||||
|
cicIkeCfgPolicyHash
The hash transform specified by this
ISAKMP policy specification. The IKE tunnels setup using this policy item would use the specified hash transform to protect the ISAKMP PDUs. |
CISCO-IPSEC-TCCIPsecIkeHashAlgorithmr/w Textual Convention: CISCO-IPSEC-TCCIPsecIkeHashAlgorithm EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.5.1.1.3 |
||||||||||||||||||||||||||||||||||||
|
cicIkeCfgPolicyPRF
The Pseudo Random Function algorithm specified by
this ISAKMP policy specification. The value of this object would only be used for IKEv2. |
CISCO-IPSEC-TCCIPsecIkePRFAlgorithmr/w Textual Convention: CISCO-IPSEC-TCCIPsecIkePRFAlgorithm EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.5.1.1.4 |
||||||||||||||||||||||||||||||||||||
|
cicIkeCfgPolicyAuth
The peer authentication method specified by
this ISAKMP policy specification. If this policy entity is selected for negotiation with a peer, the local entity would authenticate the peer using the method specified by th… |
CISCO-IPSEC-TCCIPsecIkeAuthMethodr/w Textual Convention: CISCO-IPSEC-TCCIPsecIkeAuthMethod EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.5.1.1.5 |
||||||||||||||||||||||||||||||||||||
|
cicIkeCfgPolicyDHGroup
This object specifies the Oakley group used
for Diffie Hellman exchange in the Main Mode. If this policy item is selected to negotiate Main Mode with an IKE peer, the local entity chooses the group specified by this … |
CISCO-IPSEC-TCCIPsecDiffHellmanGrpr/w Textual Convention: CISCO-IPSEC-TCCIPsecDiffHellmanGrp EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.5.1.1.6 |
||||||||||||||||||||||||||||||||||||
|
cicIkeCfgPolicyLifetime
This object specifies the lifetime in seconds
of the IKE tunnels generated using this policy specification. |
secondsCISCO-IPSEC-TCCIKELifetimer/w Textual Convention: CISCO-IPSEC-TCCIKELifetime Unsigned32Type Constraints: range: 60..86400 |
.1.3.6.1.4.1.9.9.423.1.5.1.1.7 |
||||||||||||||||||||||||||||||||||||
|
cicIkeCfgPolicyLifesize
This object specifies the life size in Kbytes
of the IKE tunnels generated using this policy specification. |
kbytesCISCO-IPSEC-TCCIKELifesizer/w Textual Convention: CISCO-IPSEC-TCCIKELifesize Unsigned32Type Constraints: range: 2560..4294967295 |
.1.3.6.1.4.1.9.9.423.1.5.1.1.8 |
||||||||||||||||||||||||||||||||||||
|
cicIkeCfgPolicyStatus
This object specifies the status of the ISAKMP
policy corresponding to this conceptual row. Creation of row can only be done via 'createAndGo'. To remove a row, set this object value to 'destroy'. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.9.9.423.1.5.1.1.9 |