HM2-VPN-MIB Table View
Table-centric layout grouping table, row, and column objects.
Tables
5
Rows
5
Columns
87
hm2VpnConnTable
table.1.3.6.1.4.1.248.11.120.1.2.10
·
1 row entry
·
34 columns
A list of VPN connections.
A VPN connection entry.
Indexes
hm2VpnConnIndex
| Column | Syntax | OID | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
hm2VpnConnIndex
An index that uniquely identifies the entry in the
table. |
Integer32 Constraints: range: 1-256 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.1 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeVersion
Version of the IKE protocol:
o ike: accept IKEv1/v2 as responder, start with IKEv2 as initiator o ikev1: used protocol is IKE version 1 (ISAKMP) o ikev2: used protocol is IKE version 2 |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.2 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeStartup
If this host acts as a responder it does not
initiate a key exchange (IKE) nor connection parameters negotiation. Otherwise, this host acts as an initiator - then it initiates an IKE actively. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.3 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeLifetime
Lifetime of IKE security association in seconds.
The maximum value is 24 hours (86400 seconds). |
Integer32r/w Constraints: range: 300-86400 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.4 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeDpdTimeout
If greater than zero, the local peer sends Dead
Peer Detection (DPD) messages (according to RFC 3706) to the remote peer. This value specifies the timeout in seconds, the remote peer is declared dead, if not responding.… |
Integer32r/w Constraints: range: 0-86400 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.5 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeLocalAddr
Hostname (FQDN) or IP address of local
security gateway. If the value is 'any', then the IP address of the matching interface is used. Establishing the connection may be delayed until the hostname (if specified) can be … |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.6 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeRemoteAddr
Typically the hostname (FQDN) or IP address of
remote security gateway. If this value is 'any', then any IP address is accepted when establishing an IKE-SA as responder. Also a network in CIDR notation, to be accepted w… |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.7 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthType
Type of authentication to be used: pre-shared key,
individual X509 certificates (separate for CA and local identification) or one PKCS12 container with all the needed certificates (including the CA). |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.8 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthMode
The phase 1 exchange mode to be used (IKEv1).
|
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.9 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthCertCA
PEM encoded X.509 certificate file name (RFC 1422),
if authentication type in 'hm2VpnConnIkeAuthType' is 'individualx509'. This certificate is used for RSA based signature verification in local and remote certificates. … |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.10 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthCertRemote
PEM encoded X.509 certificate file name (RFC 1422),
if authentication type in 'hm2VpnConnIkeAuthType' is 'individualx509'. This certificate is used for RSA based authentication of remote peer at the local side. This cer… |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.11 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthCertLocal
PEM encoded X.509 certificate file name (RFC 1422)
to be used, if authentication type in 'hm2VpnConnIkeAuthType' is 'individualx509' or 'pkcs12'. This certificate is used for authentication of local peer at the remote … |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.12 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthPrivKey
Private key file name to be used, if authentication
type in 'hm2VpnConnIkeAuthType' is 'individualx509' and the key stored on the device is encrypted with a passphrase (so it cannot automatically be matched with the ce… |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.13 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthPasswd
Passphrase to be used for decryption of private key
from 'hm2VpnConnIkeAuthPrivKey' or the certificate container for 'pkcs12' type certificates which are uploaded encrypted. |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.14 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthPsk
Pre-shared key (passphrase) to be used if
authentication type in 'hm2VpnConnIkeAuthType' is 'psk'. The pre-shared key sequence cannot contain newline or double-quote characters. Alternatively to characters sequence, pr… |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.15 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthLocId
Local peer identifier to be sent within ID
payload during negotiation. The ID payload is used to identify the initiator of the security association. The identity is used by the responder to determine the correct host sy… |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.16 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthLocType
Type of local peer identifier in 'hm2VpnConnIkeAuthLocId':
o default: If 'hm2VpnConnIkeAuthType' is 'psk' then use the IP address or host name from 'hm2VpnConnIkeLocalAddr' as local identifier.… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.17 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthRemId
Remote peer identifier to be compared with ID
payload during negotiation. The ID payload is used to identify the initiator of the security association. The identity is used by the responder to determine the correct host… |
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.18 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAuthRemType
Type of remote peer identifier in hm2VpnConnIkeAuthRemId:
o any: received remote identifier is not checked o address: use the IP address or host name from 'hm2VpnConnIkeRemoteAddr' as remote … |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.19 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAlgDh
Diffie-Hellman key agreement algorithm to be used
for establishment of IKE-SA: o any: accept all supported algorithms as responder, use default as initiator o modp1024: RSA with 1024 bits modulus (DH Group 2) o modp1… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.20 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAlgMac
Integrity (MAC) algorithm to be used in IKEv2:
o any: accept all supported algorithms as responder, use various pre-defined as initiator o hmacmd5: HMAC-MD5 (length 96 bit) o hmacsha1: HMAC-SHA1 (length 96 bi… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.21 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeAlgEncr
Encryption algorithm to be used in IKE:
o any: accept all supported algorithms as responder, use various pre-defined as initiator o des: DES o des3: Triple-DES o aes128: AES with 128 key bits o aes192: AES … |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.22 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIkeReAuth
whether re-keying of an IKE_SA should also re-authenticate the peer.
In IKEv1, re-authentication is always done (also when set to false). In IKEv2, a value of false does re-keying without un-installing the IPsec-SAs, … |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.23 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIpsecMode
IPsec encapsulation mode.
|
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.24 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIpsecLifetime
Lifetime of IPsec security association in seconds.
The maximum value is 8 hours (28800 seconds). |
Integer32r/w Constraints: range: 300-28800 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.25 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnMargintime
How long before connection expiry or keying-channel expiry
should attempts to negotiate a replacement begin. The maximum value is half an hour (1800 seconds). The margin time needs to be at most half of the lifetime. |
Integer32r/w Constraints: range: 1-1800 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.26 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIpsecAlgDh
Diffie-Hellman key agreement algorithm to be used
for IPsec-SA session key establishment: o any: accept all supported algorithms as responder, use various pre-defined as initiator o modp1024: RSA with 1024 bit… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.27 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIpsecAlgMac
Integrity (MAC) algorithm to be used in IPsec:
o any: accept all supported algorithms as responder, use various pre-defined as initiator o hmacmd5: HMAC-MD5 (length 96 bit) o hmacsha1: HMAC-SHA1 (length 96 bi… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.28 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnIpsecAlgEncr
Encryption algorithm to be used for payload
encryption in IPsec: o any: accept all supported algorithms as responder, use various pre-defined as initiator o des: DES o des3: Triple-DES o aes128: AES-CBC with… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.29 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnOperStatus
The current operational status of the VPN
connection: o 'up': the IKE-SA and all IPsec-SAs are up; o 'down': the IKE-SA and all IPsec-SAs are down; o 'negotiation': key exchange and algorithm negotiation is in progres… |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.30 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnDesc
User defined text.
|
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.31 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnLastError
Last error notification occurred for this
connection. This is useful if the connection does not reach the up state to see if an error has occurred in the proposal exchange or when establishing the tunnel. In most cas… |
OctetString Constraints: range: 0-512 |
.1.3.6.1.4.1.248.11.120.1.2.10.1.32 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnDebug
Used for debugging purpose of the VPN connections.
May affect the performance significant. Please handle with care. If the bit is set informational(0) messages, unhandled(1) messages (not handled by the stack) are logge… |
Bitsr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.33 |
||||||||||||||||||||||||||||||||||||
|
hm2VpnConnRowStatus
The row status of this table entry. If the row
status is 'active' then it is not allowed to change any value (this applies also to active traffic selectors). The maximum number of active VPN connections is limited to hm… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.248.11.120.1.2.10.1.34 |
hm2VpnConnInfoTable
table.1.3.6.1.4.1.248.11.120.1.2.15
·
1 row entry
·
20 columns
A list of VPN connections.
A VPN connection entry.
Indexes
hm2VpnConnIndex
| Column | Syntax | OID | ||||
|---|---|---|---|---|---|---|
|
hm2VpnConnInfoIkeVersionUsed
Version of the IKE protocol used by connection:
o ikev1: used protocol is IKE version 1 (ISAKMP) o ikev2: used protocol is IKE version 2 |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.15.1.1 |
||||
|
hm2VpnConnInfoIkeProposal
Algorithms the IKE uses for key exchange.
|
OctetString Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.2 |
||||
|
hm2VpnConnInfoIpsecProposal
Algorithms IPsec uses for the data communication.
|
OctetString Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.3 |
||||
|
hm2VpnConnInfoLocalHost
Local host detected by IKE.
|
OctetString Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.4 |
||||
|
hm2VpnConnInfoRemoteHost
Remote host detected by IKE.
|
OctetString Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.5 |
||||
|
hm2VpnConnInfoEstablished
Time in seconds since the connection has been established
(is updated after IKE re-authentication). |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.6 |
||||
|
hm2VpnConnInfoIKEReauth
Time in seconds when the next IKE re-authentication
will take place. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.7 |
||||
|
hm2VpnConnInfoIKERekeying
Time in seconds when the next IKE re-keying
will take place. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.8 |
||||
|
hm2VpnConnInfoIpsecRekeying
Time in seconds when the next IPsec re-keying
will take place. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.9 |
||||
|
hm2VpnConnInfoIpsecInBytes
Number of input Bytes from this IPsec tunnel.
|
SNMPv2-SMICounter64 Textual Convention: SNMPv2-SMICounter64 Unsigned64Type Constraints: range: 0..18446744073709551615 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.10 |
||||
|
hm2VpnConnInfoIpsecInPackets
Number of input packets from this IPsec tunnel.
|
SNMPv2-SMICounter64 Textual Convention: SNMPv2-SMICounter64 Unsigned64Type Constraints: range: 0..18446744073709551615 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.11 |
||||
|
hm2VpnConnInfoIpsecInUse
Time in seconds since the IPsec tunnel
has last received data. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.12 |
||||
|
hm2VpnConnInfoIpsecOutBytes
Number of output Bytes to this IPsec tunnel.
|
SNMPv2-SMICounter64 Textual Convention: SNMPv2-SMICounter64 Unsigned64Type Constraints: range: 0..18446744073709551615 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.13 |
||||
|
hm2VpnConnInfoIpsecOutPackets
Number of output packets to this IPsec tunnel.
|
SNMPv2-SMICounter64 Textual Convention: SNMPv2-SMICounter64 Unsigned64Type Constraints: range: 0..18446744073709551615 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.14 |
||||
|
hm2VpnConnInfoIpsecOutUse
Time in seconds since the IPsec tunnel
has last sent data. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.15 |
||||
|
hm2VpnConnInfoIKEInitiatorSPI
The IKE initiator SPI (local or remote, depends on initiator settings).
|
OctetString Constraints: range: 0-32 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.16 |
||||
|
hm2VpnConnInfoIKEResponderSPI
The IKE responder SPI (local or remote, depends on initiator settings).
|
OctetString Constraints: range: 0-32 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.17 |
||||
|
hm2VpnConnInfoIpsecInSPI
The input IPsec SPI.
|
OctetString Constraints: range: 0-16 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.18 |
||||
|
hm2VpnConnInfoIpsecOutSPI
The output IPsec SPI.
|
OctetString Constraints: range: 0-16 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.19 |
||||
|
hm2VpnConnInfoIpsecNumTunnel
The number of IPsec tunnels (IPsec-SAs)
within this VPN connection. |
SNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.15.1.20 |
.1.3.6.1.4.1.248.11.120.1.2.16
·
1 row entry
·
14 columns
A list of IPsec tunnels (IPsec-SAs) for a VPN connection (IKE-SA).
An IPsec tunnel entry (per traffic selector).
Indexes
hm2VpnConnIndex hm2VpnConnInfoTunnelIndex
| Column | Syntax | OID | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
hm2VpnConnInfoTunnelIndex
An index that (together with the connection
index hm2VpnConnIndex) identifies the entry in the connection info tunnel table. |
Integer32 Constraints: range: 1-32 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.1 |
||||||||||||||||||||||
|
hm2VpnConnInfoTSelIndex
An index that (together with the connection
index hm2VpnConnIndex) identifies the entry in the traffic selector table which is mapped with this IPsec tunnel. This index can be choosen freely, 0 is for unknown traffic … |
Integer32 Constraints: range: 0-16 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.2 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelStatus
The current operational status of the IPsec tunnel:
o 'unknown': the IPsec-SA state is not (yet) known; o 'created': the IPsec-SA has been created; o 'routed': the SPD has been installed, but no SAD entries o 'installi… |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.2.16.1.3 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelRekeying
Time in seconds when the next IPsec re-keying
will take place for this tunnel. |
secondsSNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.4 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelInBytes
Number of input Bytes from this IPsec tunnel.
|
bytesSNMPv2-SMICounter64 Textual Convention: SNMPv2-SMICounter64 Unsigned64Type Constraints: range: 0..18446744073709551615 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.5 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelInPackets
Number of input packets from this IPsec tunnel.
|
packetsSNMPv2-SMICounter64 Textual Convention: SNMPv2-SMICounter64 Unsigned64Type Constraints: range: 0..18446744073709551615 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.6 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelInUse
Time in seconds since the IPsec tunnel
has last received data. |
secondsSNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.7 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelOutBytes
Number of output Bytes to this IPsec tunnel.
|
bytesSNMPv2-SMICounter64 Textual Convention: SNMPv2-SMICounter64 Unsigned64Type Constraints: range: 0..18446744073709551615 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.8 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelOutPackets
Number of output packets to this IPsec tunnel.
|
packetsSNMPv2-SMICounter64 Textual Convention: SNMPv2-SMICounter64 Unsigned64Type Constraints: range: 0..18446744073709551615 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.9 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelOutUse
Time in seconds since the IPsec tunnel
has last sent data. |
secondsSNMPv2-SMIUnsigned32 Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.10 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelInSPI
The input IPsec SPI for this tunnel.
|
OctetString Constraints: range: 0-16 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.11 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelOutSPI
The output IPsec SPI for this tunnel.
|
OctetString Constraints: range: 0-16 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.12 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelLocalSel
The local traffic selector for this tunnel (negociated).
|
OctetString Constraints: range: 0-64 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.13 |
||||||||||||||||||||||
|
hm2VpnConnInfoTunnelRemoteSel
The remote traffic selector for this tunnel (negociated).
|
OctetString Constraints: range: 0-64 |
.1.3.6.1.4.1.248.11.120.1.2.16.1.14 |
hm2VpnTrafficSelTable
table.1.3.6.1.4.1.248.11.120.1.3.1
·
1 row entry
·
7 columns
A list of traffic selectors. For details on the role of traffic selectors in IPsec protocol see RFC 2409, section 5.5 and RFC 4306, section 2.9.
A traffic selector entry. A traffic selector
defines the subnet/host addresses for which
this VPN connection is responsible.
A VPN connection (IKE-SA) can be associated with
multiple traffic selectors. Each one will be…
defines the subnet/host addresses for which
this VPN connection is responsible.
A VPN connection (IKE-SA) can be associated with
multiple traffic selectors. Each one will be…
Indexes
hm2VpnConnIndex hm2VpnTrafficSelIndex
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
hm2VpnTrafficSelIndex
An index that (together with the connection
index hm2VpnConnIndex) identifies the entry in the traffic selector table. This index can be choosen freely, but must be greater than 0. |
Integer32 Constraints: range: 1-16 |
.1.3.6.1.4.1.248.11.120.1.3.1.1.1 |
||||||||||||
|
hm2VpnTrafficSelSrcAddr
Host or subnet address in CIDR notation (a.b.c.d/n)
for which this traffic descriptor (and the associated VPN connection) is responsible. This address is compared to the source address of IP packets sent, when determini… |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.4.1.248.11.120.1.3.1.1.2 |
||||||||||||
|
hm2VpnTrafficSelDstAddr
Host or subnet address in CIDR notation (a.b.c.d/n)
for which this traffic descriptor (and the associated VPN connection) is responsible. This address is compared to the destination address of IP packets sent, when dete… |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.4.1.248.11.120.1.3.1.1.3 |
||||||||||||
|
hm2VpnTrafficSelSrcRest
The optional source restrictions (names or numbers)
<protocol/port>, e.g. tcp/http which is equal to 6/80, or udp which is equal to udp/any or /53 which is equal to any/53 |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.4.1.248.11.120.1.3.1.1.4 |
||||||||||||
|
hm2VpnTrafficSelDstRest
The optional destination restrictions (names or numbers)
<protocol/port>, e.g. tcp/http which is equal to 6/80, or udp which is equal to udp/any or /53 which is equal to any/53 |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.4.1.248.11.120.1.3.1.1.5 |
||||||||||||
|
hm2VpnTrafficSelDesc
User defined text.
|
OctetStringr/w Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.3.1.1.6 |
||||||||||||
|
hm2VpnTrafficSelRowStatus
The row status of this table entry. Only traffic
selector entries with an 'active' row status will be considered if the connections row status is set 'active'. Independent of that dependency any value in this entry can … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.4.1.248.11.120.1.3.1.1.7 |
hm2VpnCertificateTable
table.1.3.6.1.4.1.248.11.120.1.4.10
·
1 row entry
·
12 columns
The list of certificates available on the device.
A certificate file entry. A certificate file which
has been copied to the device and can be used for
VPN connections.
has been copied to the device and can be used for
VPN connections.
Indexes
hm2VpnCertificateIndex
| Column | Syntax | OID | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
hm2VpnCertificateIndex
Index of the entry.
|
Integer32 Constraints: range: 1-100 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.1 |
||||||||||
|
hm2VpnCertificateSubject
Subject field of certificate.
|
OctetString Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.2 |
||||||||||
|
hm2VpnCertificateIssuer
Certificate issuer.
|
OctetString Constraints: range: 0-128 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.3 |
||||||||||
|
hm2VpnCertificateStartDate
Time and date when certificate is begining
to be valid. |
HM2-TC-MIBHmTimeSeconds1970 Textual Convention: HM2-TC-MIBHmTimeSeconds1970 Unsigned32 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.4 |
||||||||||
|
hm2VpnCertificateEndDate
Time and date when certificate will expire.
|
HM2-TC-MIBHmTimeSeconds1970 Textual Convention: HM2-TC-MIBHmTimeSeconds1970 Unsigned32 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.5 |
||||||||||
|
hm2VpnCertificateFileName
Name of the file consisting of alphanumeric
characters plus hyphen, underscore and dot. |
OctetString Constraints: range: 0-64 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.6 |
||||||||||
|
hm2VpnCertificateType
Type of the container file used.
|
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.4.10.1.7 |
||||||||||
|
hm2VpnCertificateCertUploadDate
Time and date of last write access using the
content of the variable hm2SystemTime. |
HM2-TC-MIBHmTimeSeconds1970 Textual Convention: HM2-TC-MIBHmTimeSeconds1970 Unsigned32 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.8 |
||||||||||
|
hm2VpnCertificatePrivateKeyStatus
Shows if a Peer certificate has a private
key uploaded on the device. A Peer certificate cannot be used without a private key uploaded to the device. Does not apply to CA certificates. |
Enumeration Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.4.10.1.9 |
||||||||||
|
hm2VpnCertificatePrivateKeyFile
Name of the file consisting of alphanumeric
characters plus hyphen, underscore and dot. |
OctetString Constraints: range: 0-64 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.10 |
||||||||||
|
hm2VpnCertificateNoConnections
Number of active connections that use this
certificate. The certificate cannot be deleted from the device unless there are no active connections using it (this field is set to 0). |
Integer32 Constraints: range: 0-256 |
.1.3.6.1.4.1.248.11.120.1.4.10.1.11 |
||||||||||
|
hm2VpnCertificateUserActions
Provides a way to delete unused certificate
files from the device. A certificate can only be deleted if there are no active connections using it (see hm2VpnCertificateNoConnections). Deleting a Peer certificate automat… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.4.1.248.11.120.1.4.10.1.12 |