IPSEC-POLICY-MIB Table View
Table-centric layout grouping table, row, and column objects.
Tables
32
Rows
32
Columns
286
ipspEndpointToGroupTable
table.1.3.6.1.2.1.153.1.2
·
1 row entry
·
6 columns
This table is used to map policy (groupings) onto an endpoint
where traffic is to pass by. Any policy group assigned to an
endpoint is then used to control access to the traffic
passing by it.
If an endpoint has been configured with a policy group and no
contained rule matches the incoming packet, the default
action in this case shall be to drop the packet.
If no policy group has been assigned to an endpoint, then the
policy group specified by ipspSystemPolicyGroupName should be
used for the endpoint.
A mapping assigning a policy group to an endpoint.
Indexes
ipspEndGroupIdentType ipspEndGroupAddress
| Column | Syntax | OID | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspEndGroupIdentType
The Internet Protocol version of the address associated with
a given endpoint. All addresses are represented as an array of octets in network byte order. When combined with the ipspEndGroupAddress these objects can be… |
INET-ADDRESS-MIBInetAddressType Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.2.1.1 |
||||||||||||||
|
ipspEndGroupAddress
The address of a given endpoint, the format of which is
specified by the ipspEndGroupIdentType object. |
OctetString Constraints: range: 16-16range: 4-4 |
.1.3.6.1.2.1.153.1.2.1.2 |
||||||||||||||
|
ipspEndGroupName
The policy group name to apply to this endpoint. The
value of the ipspEndGroupName object should then be used as an index into the ipspGroupContentsTable to come up with a list of rules that MUST be applied to this end… |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.2.1.3 |
||||||||||||||
|
ipspEndGroupLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.2.1.4 |
||||||||||||||
|
ipspEndGroupStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.2.1.5 |
||||||||||||||
|
ipspEndGroupRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. This object may not be set t… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.2.1.6 |
ipspGroupContentsTable
table.1.3.6.1.2.1.153.1.3
·
1 row entry
·
8 columns
This table contains a list of rules and/or subgroups contained within a given policy group. The entries are sorted by the ipspGroupContPriority object and MUST be executed in order according to this value, starting with the lowest value. Once a group item has been processed, the processor MUST stop processing this packet if an action was executed as a result of the processing of a given group. Iterating into the next policy group item by finding the next largest ipspGroupContPriority object shall only be done if no actions were run when processing the last item for a given packet.
Defines a given sub-item within a policy group.
Indexes
ipspGroupContName ipspGroupContPriority
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspGroupContName
The administrative name of this group.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.3.1.1 |
||||||||||||
|
ipspGroupContPriority
The priority (sequence number) of the sub-component in this
group. |
Integer32 Constraints: range: 0-65536 |
.1.3.6.1.2.1.153.1.3.1.2 |
||||||||||||
|
ipspGroupContFilter
ipspGroupContFilter points to a filter which is evaluated
to determine whether the sub-component within this group should be exercised. Managers can use this object to classify groups of rules or subgroups together in … |
SNMPv2-TCVariablePointerr/w Textual Convention: SNMPv2-TCVariablePointer ObjectIdentifier |
.1.3.6.1.2.1.153.1.3.1.3 |
||||||||||||
|
ipspGroupContComponentType
Indicates whether the ipspGroupContComponentName object is
the name of another group defined within the ipspGroupContentsTable or is the name of a rule defined within the ipspRuleDefinitionTable. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.3.1.4 |
||||||||||||
|
ipspGroupContComponentName
The name of the policy rule or subgroup contained within this
group, as indicated by the ipspGroupContComponentType object. |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.3.1.5 |
||||||||||||
|
ipspGroupContLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.3.1.6 |
||||||||||||
|
ipspGroupContStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.3.1.7 |
||||||||||||
|
ipspGroupContRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. This object may not be set t… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.3.1.8 |
ipspRuleDefinitionTable
table.1.3.6.1.2.1.153.1.4
·
1 row entry
·
9 columns
This table defines a policy rule by associating a filter or a set of filters to an action to be executed.
A row defining a particular policy definition. A rule
definition binds a filter pointer to an action pointer.
definition binds a filter pointer to an action pointer.
Indexes
ipspRuleDefName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspRuleDefName
ipspRuleDefName is the administratively assigned name of the
rule referred to by the ipspGroupContComponentName object. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.4.1.1 |
||||||||||||
|
ipspRuleDefDescription
A user definable string. This field may be used for your
administrative tracking purposes. |
SNMP-FRAMEWORK-MIBSnmpAdminStringr/w Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.4.1.2 |
||||||||||||
|
ipspRuleDefFilter
ipspRuleDefFilter points to a filter which is used to
evaluate whether the action associated with this row should be fired or not. The action will only fire if the filter referenced by this object evaluates to TRUE aft… |
SNMPv2-TCVariablePointerr/w Textual Convention: SNMPv2-TCVariablePointer ObjectIdentifier |
.1.3.6.1.2.1.153.1.4.1.3 |
||||||||||||
|
ipspRuleDefFilterNegated
ipspRuleDefFilterNegated specifies whether the filter
referenced by the ipspRuleDefFilter object should be negated or not. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.4.1.4 |
||||||||||||
|
ipspRuleDefAction
This column points to the action to be taken. It may, but is
not limited to, point to a row in one of the following tables: ipspCompoundActionTable ipspSaPreconfiguredActionTable ipspIkeActionTa… |
SNMPv2-TCVariablePointerr/w Textual Convention: SNMPv2-TCVariablePointer ObjectIdentifier |
.1.3.6.1.2.1.153.1.4.1.5 |
||||||||||||
|
ipspRuleDefAdminStatus
Indicates whether the current rule definition should be
considered active. If enabled, it should be evaluated when processing packets. If disabled, packets should continue to be processed by the rest of the rules defi… |
IpspAdminStatusr/w Textual Convention: IpspAdminStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.4.1.6 |
||||||||||||
|
ipspRuleDefLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.4.1.7 |
||||||||||||
|
ipspRuleDefStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.4.1.8 |
||||||||||||
|
ipspRuleDefRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. This object may not be set t… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.4.1.9 |
ipspCompoundFilterTable
table.1.3.6.1.2.1.153.1.5
·
1 row entry
·
6 columns
A table defining a compound set of filters and their associated parameters. A row in this table can either be pointed to by a ipspRuleDefFilter object or by a ficSubFilter object.
An entry in the ipspCompoundFilterTable. A filter defined by
this table is considered to have a TRUE return value if and
only if:
ipspCompFiltLogicType is AND and all of the sub-filters
associated with…
this table is considered to have a TRUE return value if and
only if:
ipspCompFiltLogicType is AND and all of the sub-filters
associated with…
Indexes
ipspCompFiltName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspCompFiltName
A user definable string. You may use this field for your
administrative tracking purposes. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.5.1.1 |
||||||||||||
|
ipspCompFiltDescription
A user definable string. You may use this field for your
administrative tracking purposes. |
SNMP-FRAMEWORK-MIBSnmpAdminStringr/w Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.5.1.2 |
||||||||||||
|
ipspCompFiltLogicType
Indicates whether the filters contained within this filter
are functionally ANDed or ORed together. |
IpspBooleanOperatorr/w Textual Convention: IpspBooleanOperator EnumerationType Values:
|
.1.3.6.1.2.1.153.1.5.1.3 |
||||||||||||
|
ipspCompFiltLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.5.1.4 |
||||||||||||
|
ipspCompFiltStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.5.1.5 |
||||||||||||
|
ipspCompFiltRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. Once active, it may not have… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.5.1.6 |
ipspSubfiltersTable
table.1.3.6.1.2.1.153.1.6
·
1 row entry
·
6 columns
This table defines a list of filters contained within a given compound filter set defined in the ipspCompoundFilterTable.
An entry into the list of filters for a given compound
filter.
filter.
Indexes
ipspCompFiltName ipspSubFiltPriority
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspSubFiltPriority
The priority of a given filter within a condition.
Implementations MAY choose to follow the ordering indicated by the manager that created the rows in order to allow the manager to intelligently construct filter lists s… |
Integer32 Constraints: range: 0-65536 |
.1.3.6.1.2.1.153.1.6.1.1 |
||||||||||||
|
ipspSubFiltSubfilter
The location of the contained filter. The value of this
column should be a VariablePointer which references the properties for the filter to be included in this compound filter. This MIB defines the foll… |
SNMPv2-TCVariablePointerr/w Textual Convention: SNMPv2-TCVariablePointer ObjectIdentifier |
.1.3.6.1.2.1.153.1.6.1.2 |
||||||||||||
|
ipspSubFiltSubfilterIsNegated
Indicates whether the result of applying this subfilter
should be negated or not. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.6.1.3 |
||||||||||||
|
ipspSubFiltLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.6.1.4 |
||||||||||||
|
ipspSubFiltStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.6.1.5 |
||||||||||||
|
ipspSubFiltRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. This object can not be made … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.6.1.6 |
ipspIpHeaderFilterTable
table.1.3.6.1.2.1.153.1.8
·
1 row entry
·
16 columns
This table contains a list of filter definitions to be used within the ipspRuleDefinitionTable or the ipspSubfilterTable table.
A definition of a particular filter.
Indexes
ipspIpHeadFiltName
| Column | Syntax | OID | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIpHeadFiltName
The administrative name for this filter.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.8.1.1 |
||||||||||||||
|
ipspIpHeadFiltType
This defines the various tests that are used when evaluating
a given filter. The results of each test are ANDed together to produce the result of the entire filter. When processing this filter, it is recommended for e… |
Bitsr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.8.1.2 |
||||||||||||||
|
ipspIpHeadFiltIPVersion
The Internet Protocol version the addresses are to match
against. The value of this property determines the size and format of the ipspIpHeadFiltSrcAddressBegin, ipspIpHeadFiltSrcAddressEnd, ipspIpHeadFiltDstAddressBeg… |
INET-ADDRESS-MIBInetAddressTyper/w Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.8.1.3 |
||||||||||||||
|
ipspIpHeadFiltSrcAddressBegin
The starting address of a source address range that the
packet must match against for this filter to be considered TRUE. This object is only used if sourceAddress is set in ipspIpHeadFiltType. |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.8.1.4 |
||||||||||||||
|
ipspIpHeadFiltSrcAddressEnd
The ending address of a source address range to check a
packet against, where the starting is specified by the ipspIpHeadFiltSrcAddressBegin object. Set this column to the same value as the ipspIpHeadFiltSrcAddressBegi… |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.8.1.5 |
||||||||||||||
|
ipspIpHeadFiltDstAddressBegin
The starting address of a destination address range that the
packet must match against for this filter to be considered TRUE. This object is only used if destinationAddress is set in ipspIpHeadFiltType. |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.8.1.6 |
||||||||||||||
|
ipspIpHeadFiltDstAddressEnd
The ending address of a destination address range to check a
packet against, where the first is specified by the ipspIpHeadFiltDstAddressBegin object. Set this column to the same value as the ipspIpHeadFiltDstAddressBe… |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.8.1.7 |
||||||||||||||
|
ipspIpHeadFiltSrcLowPort
The low port of the port range a packet's source must match
against. To match, the port number must be greater than or equal to this value. This object is only used if sourcePort is set in ipspIpHeadFilt… |
INET-ADDRESS-MIBInetPortNumberr/w Textual Convention: INET-ADDRESS-MIBInetPortNumber Unsigned32Type Constraints: range: 0..65535 |
.1.3.6.1.2.1.153.1.8.1.8 |
||||||||||||||
|
ipspIpHeadFiltSrcHighPort
The high port of the port range a packet's source must match
against. To match, the port number must be less than or equal to this value. This object is only used if sourcePort is set in ipspIpHeadFiltTy… |
INET-ADDRESS-MIBInetPortNumberr/w Textual Convention: INET-ADDRESS-MIBInetPortNumber Unsigned32Type Constraints: range: 0..65535 |
.1.3.6.1.2.1.153.1.8.1.9 |
||||||||||||||
|
ipspIpHeadFiltDstLowPort
The low port of the port range a packet's destination must
match against. To match, the port number must be greater than or equal to this value. This object is only used if destinationPort is set in ipsp… |
INET-ADDRESS-MIBInetPortNumberr/w Textual Convention: INET-ADDRESS-MIBInetPortNumber Unsigned32Type Constraints: range: 0..65535 |
.1.3.6.1.2.1.153.1.8.1.10 |
||||||||||||||
|
ipspIpHeadFiltDstHighPort
The high port of the port range a packet's destination must
match against. To match, the port number must be less than or equal to this value. This object is only used if destinationPort is set in ipspIp… |
INET-ADDRESS-MIBInetPortNumberr/w Textual Convention: INET-ADDRESS-MIBInetPortNumber Unsigned32Type Constraints: range: 0..65535 |
.1.3.6.1.2.1.153.1.8.1.11 |
||||||||||||||
|
ipspIpHeadFiltProtocol
The protocol number the incoming packet must match against
for this filter to be evaluated as true. This object is only used if protocol is set in ipspIpHeadFiltType. |
Integer32r/w Constraints: range: 0-255 |
.1.3.6.1.2.1.153.1.8.1.12 |
||||||||||||||
|
ipspIpHeadFiltIPv6FlowLabel
The IPv6 Flow Label that the packet must match against.
This object is only used if ipv6FlowLabel is set in ipspIpHeadFiltType. |
Integer32r/w Constraints: range: 0-1048575 |
.1.3.6.1.2.1.153.1.8.1.13 |
||||||||||||||
|
ipspIpHeadFiltLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.8.1.14 |
||||||||||||||
|
ipspIpHeadFiltStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.8.1.15 |
||||||||||||||
|
ipspIpHeadFiltRowStatus
This object indicates the conceptual status of this row.
This object may not be set to active if the requirements of the ipspIpHeadFiltType object are not met. In other words, if the associated value col… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.8.1.16 |
ipspIpOffsetFilterTable
table.1.3.6.1.2.1.153.1.9
·
1 row entry
·
8 columns
This table contains a list of filter definitions to be used within the ipspRuleDefinitionTable or the ipspSubfilterTable.
A definition of a particular filter.
Indexes
ipspIpOffFiltName
| Column | Syntax | OID | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIpOffFiltName
The administrative name for this filter.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.9.1.1 |
||||||||||||||||
|
ipspIpOffFiltOffset
This is the byte offset from the front of the IP packet where
the value or arithmetic comparison is done. A value of '0' indicates the first byte in the packet. |
Integer32r/w Constraints: range: 0-65536 |
.1.3.6.1.2.1.153.1.9.1.2 |
||||||||||||||||
|
ipspIpOffFiltType
This defines the various tests that are used when evaluating
a given filter. Once a row is 'active', this object's value may not be changed unless the appropriate columns, ipspIpOffFiltNumber or ipspIpOff… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.9.1.3 |
||||||||||||||||
|
ipspIpOffFiltNumber
ipspIpOffFiltNumber is used for arithmetic matching of a
packets at ipspIpOffFiltOffset. This object is only used if one of the arithmetic types is chosen in ipspIpOffFiltType. |
Integer32r/w Constraints: range: 0-65536 |
.1.3.6.1.2.1.153.1.9.1.4 |
||||||||||||||||
|
ipspIpOffFiltValue
ipspIpOffFiltValue is used for match comparisons of a packet at
ipspIpOffFiltOffset. This object is only used if one of the match types is chosen in ipspIpOffFiltType. |
OctetStringr/w Constraints: range: 0-1024 |
.1.3.6.1.2.1.153.1.9.1.5 |
||||||||||||||||
|
ipspIpOffFiltLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.9.1.6 |
||||||||||||||||
|
ipspIpOffFiltStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.9.1.7 |
||||||||||||||||
|
ipspIpOffFiltRowStatus
This object indicates the conceptual status of this row.
This object may not be set to active if the requirements of the ipspIpOffFiltType object are not met. In other words, if the associated value colu… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.9.1.8 |
ipspTimeFilterTable
table.1.3.6.1.2.1.153.1.10
·
1 row entry
·
11 columns
Defines a table of filters which can be used to effectively enable or disable policies based on a valid time range.
A row describing a given time frame for which a policy may be
filtered on to place the rule active or inactive.
filtered on to place the rule active or inactive.
Indexes
ipspTimeFiltName
| Column | Syntax | OID | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspTimeFiltName
An administratively assigned name for this filter.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.10.1.1 |
||||||||||||||||||||||||
|
ipspTimeFiltPeriodStart
The starting time period for this filter. In addition to a
normal DateAndTime string, this object may be set to the OCTET STRING value THISANDPRIOR which indicates that the filter is valid from any time before now up u… |
SNMPv2-TCDateAndTimer/w Textual Convention: SNMPv2-TCDateAndTime OctetStringType Constraints: range: 8range: 11 |
.1.3.6.1.2.1.153.1.10.1.2 |
||||||||||||||||||||||||
|
ipspTimeFiltPeriodEnd
The ending time period for this filter. In addition to a
normal DateAndTime string, this object may be set to the OCTET STRING value THISANDFUTURE which indicates that the filter is valid without an ending date and/or … |
SNMPv2-TCDateAndTimer/w Textual Convention: SNMPv2-TCDateAndTime OctetStringType Constraints: range: 8range: 11 |
.1.3.6.1.2.1.153.1.10.1.3 |
||||||||||||||||||||||||
|
ipspTimeFiltMonthOfYearMask
A bit mask which overlays the ipspTimeFiltPeriodStart to
ipspTimeFiltPeriodEnd date range to further restrict the time period to a restricted set of months of the year. |
Bitsr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.10.1.4 |
||||||||||||||||||||||||
|
ipspTimeFiltDayOfMonthMask
Defines which days of the month this time period is valid
for. It is a sequence of 32 BITS, where each BIT represents a corresponding day of the month starting from the left most bit being equal to the first day of the… |
OctetStringr/w Constraints: range: 4-4 |
.1.3.6.1.2.1.153.1.10.1.5 |
||||||||||||||||||||||||
|
ipspTimeFiltDayOfWeekMask
A bit mask which overlays the ipspTimeFiltPeriodStart to
ipspTimeFiltPeriodEnd date range to further restrict the time period to a restricted set of days within a given week. |
Bitsr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.10.1.6 |
||||||||||||||||||||||||
|
ipspTimeFiltTimeOfDayMaskStart
Indicates the starting time of day for which this filter
evaluates to true. The date portions of the DateAndTime TC are ignored for purposes of evaluating this mask and only the time specific portions are used. |
SNMPv2-TCDateAndTimer/w Textual Convention: SNMPv2-TCDateAndTime OctetStringType Constraints: range: 8range: 11 |
.1.3.6.1.2.1.153.1.10.1.7 |
||||||||||||||||||||||||
|
ipspTimeFiltTimeOfDayMaskEnd
Indicates the ending time of day for which this filter
evaluates to true. The date portions of the DateAndTime TC are ignored for purposes of evaluating this mask and only the time specific portions are used. If this … |
SNMPv2-TCDateAndTimer/w Textual Convention: SNMPv2-TCDateAndTime OctetStringType Constraints: range: 8range: 11 |
.1.3.6.1.2.1.153.1.10.1.8 |
||||||||||||||||||||||||
|
ipspTimeFiltLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.10.1.9 |
||||||||||||||||||||||||
|
ipspTimeFiltStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.10.1.10 |
||||||||||||||||||||||||
|
ipspTimeFiltRowStatus
This object indicates the conceptual status of this row.
|
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.10.1.11 |
.1.3.6.1.2.1.153.1.11
·
1 row entry
·
7 columns
This table contains a list of IPSO header filter definitions to be used within the ipspRuleDefinitionTable or the ipspSubfilterTable. IPSO headers and their values are described in RFC1108.
A definition of a particular filter.
Indexes
ipspIpsoHeadFiltName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIpsoHeadFiltName
The administrative name for this filter.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.11.1.1 |
||||||||||||
|
ipspIpsoHeadFiltType
The IPSO header fields to match the value against.
|
Bitsr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.11.1.2 |
||||||||||||
|
ipspIpsoHeadFiltClassification
The IPSO classification header field value must match the
value in this column if the classificationLevel bit is set in the ipspIpsoHeadFiltType field. The values of these enumerations are defined by RFC1… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.11.1.3 |
||||||||||||
|
ipspIpsoHeadFiltProtectionAuth
The IPSO protection authority header field value must match
the value in this column if the protection authority bit is set in the ipspIpsoHeadFiltType field. The values of these enumerations are defined … |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.11.1.4 |
||||||||||||
|
ipspIpsoHeadFiltLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.11.1.5 |
||||||||||||
|
ipspIpsoHeadFiltStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.11.1.6 |
||||||||||||
|
ipspIpsoHeadFiltRowStatus
This object indicates the conceptual status of this row.
This object may not be set to active if the requirements of the ipspIpsoHeadFiltType object are not met. In other words, if the associated value c… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.11.1.7 |
.1.3.6.1.2.1.153.1.12
·
1 row entry
·
8 columns
This table defines filters which can be used to match credentials of IKE peers, where the credentials in question have been obtained from an IKE phase 1 exchange. They may be X.509 certificates, Kerberos tickets, etc...
A row defining a particular credential filter
Indexes
ipspCredFiltName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspCredFiltName
The administrative name of this filter.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.12.1.1 |
||||||||||||
|
ipspCredFiltCredentialType
The credential type that is expected for this filter to
succeed. |
IpspCredentialTyper/w Textual Convention: IpspCredentialType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.12.1.2 |
||||||||||||
|
ipspCredFiltMatchFieldName
The piece of the credential to match against. Examples:
serialNumber, signatureAlgorithm, issuerName or subjectName. For credential types without fields (e.g. shared secrec), this field should be left em… |
OctetStringr/w Constraints: range: 0-256 |
.1.3.6.1.2.1.153.1.12.1.3 |
||||||||||||
|
ipspCredFiltMatchFieldValue
The value that the field indicated by the
ipspCredFiltMatchFieldName must match against for the filter to be considered TRUE. |
OctetStringr/w Constraints: range: 1-4096 |
.1.3.6.1.2.1.153.1.12.1.4 |
||||||||||||
|
ipspCredFiltAcceptCredFrom
This value is used to look up a row in the
ipspIpsecCredMngServiceTable for the Certificate Authority (CA) Information. This value is empty if there is no CA used for this filter. |
OctetStringr/w Constraints: range: 1-117 |
.1.3.6.1.2.1.153.1.12.1.5 |
||||||||||||
|
ipspCredFiltLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.12.1.6 |
||||||||||||
|
ipspCredFiltStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.12.1.7 |
||||||||||||
|
ipspCredFiltRowStatus
This object indicates the conceptual status of this row.
|
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.12.1.8 |
.1.3.6.1.2.1.153.1.13
·
1 row entry
·
6 columns
This table defines filters which can be used to match credentials of IKE peers, where the credentials in question have been obtained from an IKE phase 1 exchange. They may be X.509 certificates, Kerberos tickets, etc...
A row defining a particular credential filter
Indexes
ipspPeerIdFiltName
| Column | Syntax | OID | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspPeerIdFiltName
The administrative name of this filter.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.13.1.1 |
||||||||||||||||||||||||
|
ipspPeerIdFiltIdentityType
The type of identity field in the peer ID payload to match
against. |
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiIdentTyper/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiIdentType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.13.1.2 |
||||||||||||||||||||||||
|
ipspPeerIdFiltIdentityValue
The string representation of the value that the peer ID
payload value must match against. Wildcard mechanisms MUST be supported such that: - a ipspPeerIdFiltIdentityValue of '*@example.com' will match a… |
IpspIdentityFilterr/w Textual Convention: IpspIdentityFilter OctetStringType Constraints: range: 1..256 |
.1.3.6.1.2.1.153.1.13.1.3 |
||||||||||||||||||||||||
|
ipspPeerIdFiltLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.13.1.4 |
||||||||||||||||||||||||
|
ipspPeerIdFiltStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.13.1.5 |
||||||||||||||||||||||||
|
ipspPeerIdFiltRowStatus
This object indicates the conceptual status of this row.
This object can not be considered active unless the ipspPeerIdFiltIdentityType and ipspPeerIdFiltIdentityValue column values are defined. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.13.1.6 |
ipspCompoundActionTable
table.1.3.6.1.2.1.153.1.14
·
1 row entry
·
5 columns
Table used to allow multiple actions to be associated with a rule. It uses the ipspSubactionsTable to do this.
A row in the ipspCompoundActionTable.
Indexes
ipspCompActName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspCompActName
This is an administratively assigned name of this compound
action. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.14.1.1 |
||||||||||||
|
ipspCompActExecutionStrategy
This object indicates how the sub-actions are executed based
on the success of the actions as they finish executing. doAll - run each sub-action regardless of the exit status o… |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.14.1.2 |
||||||||||||
|
ipspCompActLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.14.1.3 |
||||||||||||
|
ipspCompActStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.14.1.4 |
||||||||||||
|
ipspCompActRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. Once a row in the ipspCompou… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.14.1.5 |
ipspSubactionsTable
table.1.3.6.1.2.1.153.1.15
·
1 row entry
·
5 columns
This table contains a list of the sub-actions within a given compound action. Compound actions executing these actions MUST execute them in series based on the ipspSubActPriority value, with the lowest value executing first.
A row containing a reference to a given compound-action
sub-action.
sub-action.
Indexes
ipspCompActName ipspSubActPriority
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspSubActPriority
The priority of a given sub-action within a compound action.
The order in which sub-actions should be executed are based on the value from this column, with the lowest numeric value executing first. |
Integer32 Constraints: range: 0-65536 |
.1.3.6.1.2.1.153.1.15.1.1 |
||||||||||||
|
ipspSubActSubActionName
This column points to the action to be taken. It may, but is
not limited to, point to a row in one of the following tables: ipspCompoundActionTable - Allowing recursion ipspSaPreconfigured… |
SNMPv2-TCVariablePointerr/w Textual Convention: SNMPv2-TCVariablePointer ObjectIdentifier |
.1.3.6.1.2.1.153.1.15.1.2 |
||||||||||||
|
aiipspCompActLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.15.1.3 |
||||||||||||
|
aiipspCompActStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.15.1.4 |
||||||||||||
|
aiipspCompActRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.15.1.5 |
.1.3.6.1.2.1.153.1.17
·
1 row entry
·
22 columns
This table is a list of non-negotiated IPsec actions (SAs) that can be performed and contains or indicates the data necessary to create such an SA.
One entry in the ipspSaPreconfiguredActionTable.
Indexes
ipspSaPreActActionName ipspSaPreActSADirection
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspSaPreActActionName
This object contains the name of this
SaPreconfiguredActionEntry. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.17.1.1 |
||||||||||||
|
ipspSaPreActSADirection
This object indicates whether a row should apply to outgoing
or incoming SAs |
IpspSADirection Textual Convention: IpspSADirection EnumerationType Values:
|
.1.3.6.1.2.1.153.1.17.1.2 |
||||||||||||
|
ipspSaPreActActionDescription
An administratively assigned string which may be used
to describe what the action does. |
SNMP-FRAMEWORK-MIBSnmpAdminStringr/w Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.17.1.3 |
||||||||||||
|
ipspSaPreActActionLifetimeSec
ipspSaPreActActionLifetimeSec specifies how long in seconds the
security association derived from this action should be used. The default lifetime is 8 hours. Note: the actual lifetime of the preconfigured SA will be th… |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.17.1.4 |
||||||||||||
|
ipspSaPreActActionLifetimeKB
ipspSaPreActActionLifetimeKB specifies how long the
security association derived from this action should be used. After this value in KiloBytes has passed through the security association, it should no longer be used. … |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.17.1.5 |
||||||||||||
|
ipspSaPreActDoActionLogging
ipspSaPreActDoActionLogging specifies whether or not an audit
message should be logged when a preconfigured SA is created. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.17.1.6 |
||||||||||||
|
ipspSaPreActDoPacketLogging
ipspSaPreActDoPacketLogging specifies whether or not an audit
message should be logged and if there is logging, how many bytes of the packet to place in the notification. |
IpspIPPacketLoggingr/w Textual Convention: IpspIPPacketLogging Integer32Type Constraints: range: -1..65536 |
.1.3.6.1.2.1.153.1.17.1.7 |
||||||||||||
|
ipspSaPreActDFHandling
This object specifies how to process the DF bit in packets
sent through the preconfigured SA. This object is not used for transport SAs. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.17.1.8 |
||||||||||||
|
ipspSaPreActActionType
This object specifies the encapsulation mode to use for the
preconfigured SA: tunnel or transport mode. |
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiEncapsulationModer/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiEncapsulationMode EnumerationType Values:
|
.1.3.6.1.2.1.153.1.17.1.9 |
||||||||||||
|
ipspSaPreActAHSPI
This object represents the SPI value for the AH SA.
|
SNMPv2-SMIInteger32r/w Textual Convention: SNMPv2-SMIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.1.3.6.1.2.1.153.1.17.1.10 |
||||||||||||
|
ipspSaPreActAHTransformName
This object is the name of the AH transform to use as an
index into the AHTransformTable. A zero length value indicates no transform of this type is used. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.17.1.11 |
||||||||||||
|
ipspSaPreActAHSharedSecretName
This object contains a name value to be used as an index into
the ipspCredentialTable which holds the pertinent keying information for the AH SA. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.17.1.12 |
||||||||||||
|
ipspSaPreActESPSPI
This object represents the SPI value for the ESP SA.
|
SNMPv2-SMIInteger32r/w Textual Convention: SNMPv2-SMIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.1.3.6.1.2.1.153.1.17.1.13 |
||||||||||||
|
ipspSaPreActESPTransformName
This object is the name of the ESP transform to use as an
index into the ESPTransformTable. A zero length value indicates no transform of this type is used. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.17.1.14 |
||||||||||||
|
ipspSaPreActESPEncSecretName
This object contains a name value to be used as an index into
the ipspCredentialTable which holds the pertinent keying information for the encryption algorithm of the ESP SA. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.17.1.15 |
||||||||||||
|
ipspSaPreActESPAuthSecretName
This object contains a name value to be used as an index into
the ipspCredentialTable which holds the pertinent keying information for the authentication algorithm of the ESP SA. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.17.1.16 |
||||||||||||
|
ipspSaPreActIPCompSPI
This object represents the SPI value for the IPComp SA.
|
SNMPv2-SMIInteger32r/w Textual Convention: SNMPv2-SMIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.1.3.6.1.2.1.153.1.17.1.17 |
||||||||||||
|
ipspSaPreActIPCompTransformName
This object is the name of the IPComp transform to use as an
index into the IPCompTransformTable. A zero length value indicates no transform of this type is used. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.17.1.18 |
||||||||||||
|
ipspSaPreActPeerGatewayIdName
This object indicates the peer id name of the peer
gateway. This object can be used to look up the peer gateway address in the ipspPeerIdentityTable. This object is only used when initiating a tunnel SA,… |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.17.1.19 |
||||||||||||
|
ipspSaPreActLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.17.1.20 |
||||||||||||
|
ipspSaPreActStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.17.1.21 |
||||||||||||
|
ipspSaPreActRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.17.1.22 |
.1.3.6.1.2.1.153.1.18
·
1 row entry
·
9 columns
This table contains reusable parameters that can be pointed to by the ipspIkeActionTable and ipspIpsecActionTable. These parameters are reusable since it is likely an administrator will want to make global policy changes to lifetime parameters that apply to multiple actions. This table allows multiple rows in the other actions tables to reuse global lifetime parameters in this table by repeatedly pointing to a row cointained within this table.
Contains the attributes of one row in the
ipspSaNegotiationParametersTable.
ipspSaNegotiationParametersTable.
Indexes
ipspSaNegParamName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspSaNegParamName
This object contains the administrative name of this
SaNegotiationParametersEntry. This row can be referred to by this name in other policy action tables. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.18.1.1 |
||||||||||||
|
ipspSaNegParamMinLifetimeSecs
ipspSaNegParamMinLifetimeSecs specifies the minimum seconds
lifetime that will be accepted from the peer. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.18.1.2 |
||||||||||||
|
ipspSaNegParamMinLifetimeKB
ipspSaNegParamMinLifetimeKB specifies the minimum kilobyte
lifetime that will be accepted from the peer. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.18.1.3 |
||||||||||||
|
ipspSaNegParamRefreshThreshSecs
ipspSaNegParamRefreshThreshSecs specifies what percentage of
the seconds lifetime can expire before IKE should attempt to renegotiate the IPsec security association. A value between 1 and 100 representing a percentage. … |
Unsigned32r/w Constraints: range: 1-100 |
.1.3.6.1.2.1.153.1.18.1.4 |
||||||||||||
|
ipspSaNegParamRefreshThresholdKB
ipspSaNegParamRefreshThresholdKB specifies what percentage of
the kilobyte lifetime can expire before IKE should attempt to renegotiate the IPsec security association. A value between 1 and 100 representing a percentag… |
Unsigned32r/w Constraints: range: 1-100 |
.1.3.6.1.2.1.153.1.18.1.5 |
||||||||||||
|
ipspSaNegParamIdleDurationSecs
ipspSaNegParamIdleDurationSecs specifies how many seconds a
security association may remain idle (i.e., no traffic protected using the security association) before it is deleted. A value of zero indicates that idle det… |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.18.1.6 |
||||||||||||
|
ipspSaNegParamLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.18.1.7 |
||||||||||||
|
ipspSaNegParamStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.18.1.8 |
||||||||||||
|
ipspSaNegParamRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. This object may not be set t… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.18.1.9 |
ipspIkeActionTable
table.1.3.6.1.2.1.153.1.19
·
1 row entry
·
14 columns
The ipspIkeActionTable contains a list of the parameters used for an IKE phase 1 SA DOI negotiation. See the corresponding table ipspIkeActionProposalsTable for a list of proposals contained within a given IKE Action.
The ipspIkeActionEntry lists the IKE negotiation attributes.
Indexes
ipspIkeActName
| Column | Syntax | OID | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIkeActName
This object contains the name of this ikeAction entry.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.19.1.1 |
||||||||||||||||||||||||
|
ipspIkeActParametersName
This object is administratively assigned to reference a row
in the ipspSaNegotiationParametersTable where additional parameters affecting this action may be found. |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.19.1.2 |
||||||||||||||||||||||||
|
ipspIkeActThresholdDerivedKeys
ipspIkeActThresholdDerivedKeys specifies what percentage
of the derived key limit (see the LifetimeDerivedKeys property of IKEProposal) can expire before IKE should attempt to renegotiate the IKE phase 1 security associ… |
Integer32r/w Constraints: range: 0-100 |
.1.3.6.1.2.1.153.1.19.1.3 |
||||||||||||||||||||||||
|
ipspIkeActExchangeMode
ipspIkeActExchangeMode specifies the IKE Phase 1 negotiation
mode. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.19.1.4 |
||||||||||||||||||||||||
|
ipspIkeActAgressiveModeGroupId
The values to be used for Diffie-Hellman exchange.
|
IPSEC-ISAKMP-IKE-DOI-TCIkeGroupDescriptionr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIkeGroupDescription EnumerationType Values:
|
.1.3.6.1.2.1.153.1.19.1.5 |
||||||||||||||||||||||||
|
ipspIkeActIdentityType
This column along with ipspIkeActIdentityContext and endpoint
information is used to refer an ipspIkeIdentityEntry in the ipspIkeIdentityTable. |
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiIdentTyper/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiIdentType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.19.1.6 |
||||||||||||||||||||||||
|
ipspIkeActIdentityContext
This column, along with ipspIkeActIdentityType and endpoint
information, is used to refer to an ipspIkeIdentityEntry in the ipspIkeIdentityTable. |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.19.1.7 |
||||||||||||||||||||||||
|
ipspIkeActPeerName
This object indicates the peer id name of the IKE peer. This
object can be used to look up the peer id value, address, credentials and other values in the ipspPeerIdentityTable. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.19.1.8 |
||||||||||||||||||||||||
|
ipspIkeActDoActionLogging
ikeDoActionLogging specifies whether or not an audit
message should be logged when this ike SA is created. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.19.1.9 |
||||||||||||||||||||||||
|
ipspIkeActDoPacketLogging
ikeDoPacketLogging specifies whether or not an audit message
should be logged and if there is logging, how many bytes of the packet to place in the notification. |
IpspIPPacketLoggingr/w Textual Convention: IpspIPPacketLogging Integer32Type Constraints: range: -1..65536 |
.1.3.6.1.2.1.153.1.19.1.10 |
||||||||||||||||||||||||
|
ipspIkeActVendorId
Vendor ID Payload. A value of NULL means that Vendor ID
payload will be neither generated nor accepted. A non-NULL value means that a Vendor ID payload will be generated (when acting as an initiator) or is expected (w… |
OctetStringr/w Constraints: range: 0-65535 |
.1.3.6.1.2.1.153.1.19.1.11 |
||||||||||||||||||||||||
|
ipspIkeActLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.19.1.12 |
||||||||||||||||||||||||
|
ipspIkeActStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.19.1.13 |
||||||||||||||||||||||||
|
ipspIkeActRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. This object may not be set t… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.19.1.14 |
.1.3.6.1.2.1.153.1.20
·
1 row entry
·
5 columns
This table contains a list of all ike proposal names found within a given IKE Action.
a row containing one ike proposal reference
Indexes
ipspIkeActName ipspIkeActPropPriority
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIkeActPropPriority
The numeric priority of a given contained proposal inside an
ike Action. This index should be used to order the proposals in an IKE Phase I negotiation, lowest value first. |
Integer32 Constraints: range: 0-65535 |
.1.3.6.1.2.1.153.1.20.1.1 |
||||||||||||
|
ipspIkeActPropName
The administratively assigned name that can be used to
reference a set of values contained within the ipspIkeProposalTable. |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.20.1.2 |
||||||||||||
|
ipspIkeActPropLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.20.1.3 |
||||||||||||
|
ipspIkeActPropStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.20.1.4 |
||||||||||||
|
ipspIkeActPropRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.20.1.5 |
ipspIkeProposalTable
table.1.3.6.1.2.1.153.1.21
·
1 row entry
·
14 columns
This table contains a list of IKE proposals which are used in an IKE negotiation.
One IKE proposal entry.
Indexes
ipspIkeActPropName
| Column | Syntax | OID | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIkePropLifetimeDerivedKeys
ipspIkePropLifetimeDerivedKeys specifies the number of times
that a phase 1 key will be used to derive a phase 2 key before the phase 1 security association needs renegotiated. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.21.1.1 |
||||||||||||||||
|
ipspIkePropCipherAlgorithm
ipspIkePropCipherAlgorithm specifies the proposed phase 1
security association encryption algorithm. |
IPSEC-ISAKMP-IKE-DOI-TCIkeEncryptionAlgorithmr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIkeEncryptionAlgorithm EnumerationType Values:
|
.1.3.6.1.2.1.153.1.21.1.2 |
||||||||||||||||
|
ipspIkePropCipherKeyLength
This object specifies, in bits, the key length for
the cipher algorithm used in IKE Phase 1 negotiation. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.21.1.3 |
||||||||||||||||
|
ipspIkePropCipherKeyRounds
This object specifies the number of key rounds for
the cipher algorithm used in IKE Phase 1 negotiation. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.21.1.4 |
||||||||||||||||
|
ipspIkePropHashAlgorithm
ipspIkePropHashAlgorithm specifies the proposed phase 1
security assocation hash algorithm. |
IPSEC-ISAKMP-IKE-DOI-TCIkeHashAlgorithmr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIkeHashAlgorithm EnumerationType Values:
|
.1.3.6.1.2.1.153.1.21.1.5 |
||||||||||||||||
|
ipspIkePropPrfAlgorithm
ipPRFAlgorithm specifies the proposed phase 1 security
association psuedo-random function. Note: currently no prf algorithms are defined. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.21.1.6 |
||||||||||||||||
|
ipspIkePropVendorId
The VendorID property is used to identify vendor-defined key
exchange GroupIDs. |
OctetStringr/w Constraints: range: 0-255 |
.1.3.6.1.2.1.153.1.21.1.7 |
||||||||||||||||
|
ipspIkePropDhGroup
This object specifies the proposed phase 1 security
association Diffie-Hellman group |
IPSEC-ISAKMP-IKE-DOI-TCIkeGroupDescriptionr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIkeGroupDescription EnumerationType Values:
|
.1.3.6.1.2.1.153.1.21.1.8 |
||||||||||||||||
|
ipspIkePropAuthenticationMethod
This object specifies the proposed authentication
method for the phase 1 security association. |
IPSEC-ISAKMP-IKE-DOI-TCIkeAuthMethodr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIkeAuthMethod EnumerationType Values:
|
.1.3.6.1.2.1.153.1.21.1.9 |
||||||||||||||||
|
ipspIkePropMaxLifetimeSecs
ipspIkePropMaxLifetimeSecs specifies the maximum amount of
time to propose a security association remain valid. A value of 0 indicates that the default lifetime of 8 hours should be used. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.21.1.10 |
||||||||||||||||
|
ipspIkePropMaxLifetimeKB
ipspIkePropMaxLifetimeKB specifies the maximum kilobyte
lifetime to propose a security association remain valid. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.21.1.11 |
||||||||||||||||
|
ipspIkePropProposalLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.21.1.12 |
||||||||||||||||
|
ipspIkePropProposalStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.21.1.13 |
||||||||||||||||
|
ipspIkePropProposalRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.21.1.14 |
ipspIpsecActionTable
table.1.3.6.1.2.1.153.1.22
·
1 row entry
·
16 columns
The ipspIpsecActionTable contains a list of the parameters used for an IKE phase 2 IPsec DOI negotiation.
The ipspIpsecActionEntry lists the IPsec negotiation
attributes.
attributes.
Indexes
ipspIpsecActName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIpsecActName
ipspIpsecActName is the name of the ipsecAction entry.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.22.1.1 |
||||||||||||
|
ipspIpsecActParametersName
This object is used to reference a row in the
ipspSaNegotiationParametersTable where additional parameters affecting this action may be found. |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.22.1.2 |
||||||||||||
|
ipspIpsecActProposalsName
This object is used to reference one or more rows in the
ipspIpsecProposalsTable where an ordered list of proposals affecting this action may be found. |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.22.1.3 |
||||||||||||
|
ipspIpsecActUsePfs
This MIB object specifies whether or not perfect forward
secrecy should be used when refreshing keys. A value of true indicates that PFS should be used. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.22.1.4 |
||||||||||||
|
ipspIpsecActVendorId
The VendorID property is used to identify vendor-defined key
exchange GroupIDs. |
OctetStringr/w Constraints: range: 0-255 |
.1.3.6.1.2.1.153.1.22.1.5 |
||||||||||||
|
ipspIpsecActGroupId
This object specifies the Diffie-Hellman group to use for
phase 2 when the object ipspIpsecActUsePfs is true and the object ipspIpsecActUseIkeGroup is false. If the GroupID number is from the vendor-specific range (327… |
IPSEC-ISAKMP-IKE-DOI-TCIkeGroupDescriptionr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIkeGroupDescription EnumerationType Values:
|
.1.3.6.1.2.1.153.1.22.1.6 |
||||||||||||
|
ipspIpsecActPeerGatewayIdName
This object indicates the peer id name of the peer
gateway. This object can be used to look up the peer id value, address and other values in the ipspPeerIdentityTable. This object is used when initiating a tunnel SA. … |
OctetStringr/w Constraints: range: 0-116 |
.1.3.6.1.2.1.153.1.22.1.7 |
||||||||||||
|
ipspIpsecActUseIkeGroup
This object specifies whether or not to use the same GroupId
for phase 2 as was used in phase 1. If UsePFS is false, this entry should be ignored. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.22.1.8 |
||||||||||||
|
ipspIpsecActGranularity
This object specifies how the proposed selector for the
security association will be created. The selector is created by using the FilterList information. The selector can be subnet, address, porotocol, or port. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.22.1.9 |
||||||||||||
|
ipspIpsecActMode
This object specifies the encapsulation of the IPsec SA
to be negotiated. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.22.1.10 |
||||||||||||
|
ipspIpsecActDFHandling
This object specifies the processing of DF bit by the
negotiated IPsec tunnel. 1 - DF bit is copied. 2 - DF bit is set. 3 - DF bit is cleared. |
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.22.1.11 |
||||||||||||
|
ipspIpsecActDoActionLogging
ipspIpsecActDoActionLogging specifies whether or not an audit
message should be logged when this ipsec SA is created. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.22.1.12 |
||||||||||||
|
ipspIpsecActDoPacketLogging
ipspIpsecActDoPacketLogging specifies whether or not an audit
message should be logged and if there is logging, how many bytes of the packet to place in the notification. |
IpspIPPacketLoggingr/w Textual Convention: IpspIPPacketLogging Integer32Type Constraints: range: -1..65536 |
.1.3.6.1.2.1.153.1.22.1.13 |
||||||||||||
|
ipspIpsecActLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.22.1.14 |
||||||||||||
|
ipspIpsecActStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.22.1.15 |
||||||||||||
|
ipspIpsecActRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.22.1.16 |
ipspIpsecProposalsTable
table.1.3.6.1.2.1.153.1.23
·
1 row entry
·
7 columns
This table lists one or more IPsec proposals for IPsec actions.
An entry containing (possibly a portion of) a proposal.
Indexes
ipspIpsecPropName ipspIpsecPropPriority ipspIpsecPropProtocolId
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIpsecPropName
The name of this proposal.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.23.1.1 |
||||||||||||
|
ipspIpsecPropPriority
The priority level (AKA sequence level) of this proposal.
A lower number indicates a higher precedence. |
Integer32 Constraints: range: 0-65535 |
.1.3.6.1.2.1.153.1.23.1.2 |
||||||||||||
|
ipspIpsecPropProtocolId
The protocol Id for the transforms for this proposal. The
protoIsakmp(1) value is not valid for this object. This object, along with the ipspIpsecPropTransformsName, is the index into the ipspIpsecTransformsTable. |
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiSecProtocolId Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiSecProtocolId EnumerationType Values:
|
.1.3.6.1.2.1.153.1.23.1.3 |
||||||||||||
|
ipspIpsecPropTransformsName
The name of the transform or group of transforms for this
protocol. This object, along with the ipspIpsecPropProtocolId, is the index into the ipspIpsecTransformsTable. |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.23.1.4 |
||||||||||||
|
ipspIpsecPropLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.23.1.5 |
||||||||||||
|
ipspIpsecPropStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.23.1.6 |
||||||||||||
|
ipspIpsecPropRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. This row may not be set to a… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.23.1.7 |
ipspIpsecTransformsTable
table.1.3.6.1.2.1.153.1.24
·
1 row entry
·
7 columns
This table lists the IPsec proposals contained within a given IPsec action and the transforms within each of those proposals. These proposals and transforms can then be used to create phase 2 negotiation proposals.
An entry containing the information on an IPsec transform.
Indexes
ipspIpsecTranType ipspIpsecTranName ipspIpsecTranPriority
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIpsecTranType
The protocol type for this transform. The protoIsakmp(1)
value is not valid for this object. |
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiSecProtocolId Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiSecProtocolId EnumerationType Values:
|
.1.3.6.1.2.1.153.1.24.1.1 |
||||||||||||
|
ipspIpsecTranName
The name for this transform or group of transforms.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.24.1.2 |
||||||||||||
|
ipspIpsecTranPriority
The priority level (AKA sequence level) of the this transform
within the group of transforms. This indicates the preference for which algorithms are requested when the list of transforms are sent to the remote host. A… |
Integer32 Constraints: range: 0-65535 |
.1.3.6.1.2.1.153.1.24.1.3 |
||||||||||||
|
ipspIpsecTranTransformName
The name for the given transform. Depending on the value of
ipspIpsecTranType, this value should be used to lookup the transform's specific parameters in the ipspAhTransformTable, the ipspEspTransformTable or the ipspI… |
OctetStringr/w Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.24.1.4 |
||||||||||||
|
ipspIpsecTranLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.24.1.5 |
||||||||||||
|
ipspIpsecTranStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.24.1.6 |
||||||||||||
|
ipspIpsecTranRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. This row may not be set to a… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.24.1.7 |
ipspAhTransformTable
table.1.3.6.1.2.1.153.1.25
·
1 row entry
·
9 columns
This table lists all the AH transforms which can be used to build IPsec proposals.
This entry contains the attributes of one AH transform.
Indexes
ipspAhTranName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspAhTranName
This object contains the name of this AH transform. This row
will be referred to by an ipspIpsecTransformsEntry. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.25.1.1 |
||||||||||||
|
ipspAhTranMaxLifetimeSec
ipspAhTranMaxLifetimeSec specifies how long in seconds the
security association derived from this transform should be used. A value of 0 indicates that the default lifetime of 8 hours should be used. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.25.1.2 |
||||||||||||
|
ipspAhTranMaxLifetimeKB
ipspAhTranMaxLifetimeKB specifies how long in kilobytes the
security association derived from this transform should be used. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.25.1.3 |
||||||||||||
|
ipspAhTranAlgorithm
This object specifies the AH algorithm for this transform.
|
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiAuthAlgorithmr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiAuthAlgorithm EnumerationType Values:
|
.1.3.6.1.2.1.153.1.25.1.4 |
||||||||||||
|
ipspAhTranReplayProtection
ipspAhTranReplayProtection indicates whether or not anti replay
service is to be provided by this SA. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.25.1.5 |
||||||||||||
|
ipspAhTranReplayWindowSize
ipspAhTranReplayWindowSize indicates the size, in bits, of
the replay window to use if replay protection is true for this transform. The window size is assumed to be a power of two. If Replay Protection is false, this… |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.25.1.6 |
||||||||||||
|
ipspAhTranLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.25.1.7 |
||||||||||||
|
ipspAhTranStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.25.1.8 |
||||||||||||
|
ipspAhTranRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.25.1.9 |
ipspEspTransformTable
table.1.3.6.1.2.1.153.1.26
·
1 row entry
·
12 columns
This table lists all the ESP transforms which can be used to build IPsec proposals
This entry contains the attributes of one ESP transform.
Indexes
ipspEspTranName
| Column | Syntax | OID | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspEspTranName
The name of this particular espTransform be referred to by an
ipspIpsecTransformsEntry. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.26.1.1 |
||||||||||||||||||||||||
|
ipspEspTranMaxLifetimeSec
ipspEspTranMaxLifetimeSec specifies how long in seconds the
security association derived from this transform should be used. A value of 0 indicates that the default lifetime of 8 hours should be used. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.26.1.2 |
||||||||||||||||||||||||
|
ipspEspTranMaxLifetimeKB
ipspEspTranMaxLifetimeKB specifies how long in kilobytes the
security association derived from this transform should be used. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.26.1.3 |
||||||||||||||||||||||||
|
ipspEspTranCipherTransformId
This object specifies the transform ID of the ESP cipher
algorithm. |
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiEspTransformr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiEspTransform EnumerationType Values:
|
.1.3.6.1.2.1.153.1.26.1.4 |
||||||||||||||||||||||||
|
ipspEspTranCipherKeyLength
This object specifies, in bits, the key length for
the ESP cipher algorithm. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.26.1.5 |
||||||||||||||||||||||||
|
ipspEspTranCipherKeyRounds
This object specifies the number of key rounds for
the ESP cipher algorithm. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.26.1.6 |
||||||||||||||||||||||||
|
ipspEspTranIntegrityAlgorithmId
This object specifies the ESP integrity algorithm ID.
|
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiAuthAlgorithmr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiAuthAlgorithm EnumerationType Values:
|
.1.3.6.1.2.1.153.1.26.1.7 |
||||||||||||||||||||||||
|
ipspEspTranReplayPrevention
ipspEspTranReplayPrevention indicates whether or not
anti-replay service is to be provided by this SA. |
SNMPv2-TCTruthValuer/w Textual Convention: SNMPv2-TCTruthValue EnumerationType Values:
|
.1.3.6.1.2.1.153.1.26.1.8 |
||||||||||||||||||||||||
|
ipspEspTranReplayWindowSize
ipspEspTranReplayWindowSize indicates the size, in bits, of
the replay window to use if replay protection is true for this transform. The window size is assumed to be a power of two. If Replay Protection is false, thi… |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.26.1.9 |
||||||||||||||||||||||||
|
ipspEspTranLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.26.1.10 |
||||||||||||||||||||||||
|
ipspEspTranStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.26.1.11 |
||||||||||||||||||||||||
|
ipspEspTranRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.26.1.12 |
ipspIpcompTransformTable
table.1.3.6.1.2.1.153.1.27
·
1 row entry
·
9 columns
This table lists all the IP compression transforms which can be used to build IPsec proposals during negotiation of a phase 2 SA.
This entry contains the attributes of one IP compression
transform.
transform.
Indexes
ipspIpcompTranName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIpcompTranName
The name of this ipspIpcompTransformEntry.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.27.1.1 |
||||||||||||
|
ipspIpcompTranMaxLifetimeSec
ipspIpcompTranMaxLifetimeSec specifies how long in seconds
the security association derived from this transform should be used. A value of 0 indicates that the default lifetime of 8 hours should be used. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.27.1.2 |
||||||||||||
|
ipspIpcompTranMaxLifetimeKB
ipspIpcompTranMaxLifetimeKB specifies how long in kilobytes
the security association derived from this transform should be used. |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.27.1.3 |
||||||||||||
|
ipspIpcompTranAlgorithm
ipspIpcompTranAlgorithm specifies the transform ID of the IP
compression algorithm. |
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiIpcompTransformr/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiIpcompTransform EnumerationType Values:
|
.1.3.6.1.2.1.153.1.27.1.4 |
||||||||||||
|
ipspIpcompTranDictionarySize
If the algorithm in ipspIpcompTranAlgorithm requires a
dictionary size configuration parameter, then this is the place to put it. This object specifies the log2 maximum size of the dictionary for the compression algori… |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.27.1.5 |
||||||||||||
|
ipspIpcompTranPrivateAlgorithm
If ipspIpcompTranPrivateAlgorithm has a value other zero,
then it is up to the vendors implementation to determine the meaning of this field and substitute a data compression algorithm in place of ipspIpcompTranAlgorith… |
SNMPv2-SMIUnsigned32r/w Textual Convention: SNMPv2-SMIUnsigned32 Unsigned32Type Constraints: range: 0..4294967295 |
.1.3.6.1.2.1.153.1.27.1.6 |
||||||||||||
|
ipspIpcompTranLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.27.1.7 |
||||||||||||
|
ipspIpcompTranStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.27.1.8 |
||||||||||||
|
ipspIpcompTranRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.27.1.9 |
ipspIkeIdentityTable
table.1.3.6.1.2.1.153.1.28
·
1 row entry
·
4 columns
IKEIdentity is used to represent the identities that may be used for an IPProtocolEndpoint (or collection of IPProtocolEndpoints) to identify itself in IKE phase 1 negotiations. The column ikeIdentityName in an ipspIkeActionEntry together with the ipspEndGroupIdentType and the ipspEndGroupAddress in the PolicyEndpointToGroupTable specifies the unique identity to use in a negotiation exchange.
ikeIdentity lists the attributes of an IKE identity.
Indexes
ipspEndGroupIdentType ipspEndGroupAddress ipspIkeActIdentityType ipspIkeActIdentityContext
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIkeIdCredentialName
This value is used as an index into the ipspCredentialTable to
look up the actual credential value and other credential information. For ID's without associated credential information, this value is left … |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.28.1.1 |
||||||||||||
|
ipspIkeIdLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.28.1.2 |
||||||||||||
|
ipspIkeIdStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.28.1.3 |
||||||||||||
|
ipspIkeIdRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.28.1.4 |
ipspPeerIdentityTable
table.1.3.6.1.2.1.153.1.29
·
1 row entry
·
10 columns
PeerIdentity is used to represent the identities that may be used for peers to identify themselves in IKE phase I/II negotiations. PeerIdentityTable aggregates the table entries that provide mappings between identities and their addresses.
peerIdentity matches a peer's identity to its address.
Indexes
ipspPeerIdName ipspPeerIdPriority
| Column | Syntax | OID | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspPeerIdName
This is an administratively assigned value that, together
with ipspPeerIdPriority, uniquely identifies an entry in this table. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.29.1.1 |
||||||||||||||||||||||||
|
ipspPeerIdPriority
This object, along with ipspPeerIdName, uniquely identifies an
entry in this table. The priority also indicates the order of peer gateways to initiate or accept SAs from (i.e. try until success). |
Integer32 Constraints: range: 0-2147483647 |
.1.3.6.1.2.1.153.1.29.1.2 |
||||||||||||||||||||||||
|
ipspPeerIdType
ipspPeerIdType is an enumeration identifying the type of the
Identity value. |
IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiIdentTyper/w Textual Convention: IPSEC-ISAKMP-IKE-DOI-TCIpsecDoiIdentType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.29.1.3 |
||||||||||||||||||||||||
|
ipspPeerIdValue
ipspPeerIdValue contains an Identity filter to be used to match
against the identity payload in an IKE request. If this value matches the value in the identity payload, the credential for the peer can be found using the… |
IpspIdentityFilterr/w Textual Convention: IpspIdentityFilter OctetStringType Constraints: range: 1..256 |
.1.3.6.1.2.1.153.1.29.1.4 |
||||||||||||||||||||||||
|
ipspPeerIdAddressType
The property ipspPeerIdAddressType specifies the format of the
ipspPeerIdAddress property value. |
INET-ADDRESS-MIBInetAddressTyper/w Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.29.1.5 |
||||||||||||||||||||||||
|
ipspPeerIdAddress
The property PeerAddress specifies the IP address of the
peer. The format is specified by the ipspPeerIdAddressType. Values of unknown, ipv4z, ipv6z and dns are not legal values for this object. |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.29.1.6 |
||||||||||||||||||||||||
|
ipspPeerIdCredentialName
This value is used as an index into the ipspCredentialTable to
look up the actual credential value and other credential information. For peer IDs that have no associated credential information, this value is left blank. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.29.1.7 |
||||||||||||||||||||||||
|
ipspPeerIdLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.29.1.8 |
||||||||||||||||||||||||
|
ipspPeerIdStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.29.1.9 |
||||||||||||||||||||||||
|
ipspPeerIdRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.29.1.10 |
ipspAutostartIkeTable
table.1.3.6.1.2.1.153.1.30
·
1 row entry
·
11 columns
The parameters in the autostart IKE Table are used to automatically initiate IKE phaes I and II (i.e. IPsec) negotiations on startup. It also will initiate IKE phase I and II negotiations for a row at the time of that row's creation
autostart ike provides the set of parameters to automatically
start IKE and IPsec SA's.
start IKE and IPsec SA's.
Indexes
ipspAutoIkePriority
| Column | Syntax | OID | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspAutoIkePriority
ipspAutoIkePriority is an index into the autostartIkeAction
table and can be used to order the autostart IKE actions. |
Integer32 Constraints: range: 0-65535 |
.1.3.6.1.2.1.153.1.30.1.1 |
||||||||||||||
|
ipspAutoIkeAction
This pointer is used to point to the action or compound
action that should be initiated by this row. |
SNMPv2-TCVariablePointerr/w Textual Convention: SNMPv2-TCVariablePointer ObjectIdentifier |
.1.3.6.1.2.1.153.1.30.1.2 |
||||||||||||||
|
ipspAutoIkeAddressType
The property ipspAutoIkeAddressType specifies the format of the
autoIke source and destination Address values. Values of unknown, ipv4z, ipv6z and dns are not legal values for this object. |
INET-ADDRESS-MIBInetAddressTyper/w Textual Convention: INET-ADDRESS-MIBInetAddressType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.30.1.3 |
||||||||||||||
|
ipspAutoIkeSourceAddress
The property autoIkeSourecAddress specifies Source IP address
for autostarting IKE SA's, formatted according to the appropriate convention as defined in the ipspAutoIkeAddressType property. |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.30.1.4 |
||||||||||||||
|
ipspAutoIkeSourcePort
The property ipspAutoIkeSourcePort specifies the port number
for the source port for auotstarting IKE SA's. The value of 0 for this object is illegal. |
INET-ADDRESS-MIBInetPortNumberr/w Textual Convention: INET-ADDRESS-MIBInetPortNumber Unsigned32Type Constraints: range: 0..65535 |
.1.3.6.1.2.1.153.1.30.1.5 |
||||||||||||||
|
ipspAutoIkeDestAddress
The property ipspAutoIkeDestAddress specifies the Destination
IP address for autostarting IKE SA's, formatted according to the appropriate convention as defined in the ipspAutoIkeAddressType property. |
INET-ADDRESS-MIBInetAddressr/w Textual Convention: INET-ADDRESS-MIBInetAddress OctetStringType Constraints: range: 0..255 |
.1.3.6.1.2.1.153.1.30.1.6 |
||||||||||||||
|
ipspAutoIkeDestPort
The property ipspAutoIkeDestPort specifies the port number for
the destination port for auotstarting IKE SA's. The value of 0 for this object is illegal. |
INET-ADDRESS-MIBInetPortNumberr/w Textual Convention: INET-ADDRESS-MIBInetPortNumber Unsigned32Type Constraints: range: 0..65535 |
.1.3.6.1.2.1.153.1.30.1.7 |
||||||||||||||
|
ipspAutoIkeProtocol
The property Protocol specifies the protocol number used in
comparing with policy filter entries and used in any phase 2 negotiations. |
Unsigned32r/w Constraints: range: 0-255 |
.1.3.6.1.2.1.153.1.30.1.8 |
||||||||||||||
|
ipspAutoIkeLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.30.1.9 |
||||||||||||||
|
ipspAutoIkeStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.30.1.10 |
||||||||||||||
|
ipspAutoIkeRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.30.1.11 |
.1.3.6.1.2.1.153.1.31
·
1 row entry
·
8 columns
A table of Credential Management Service values. This table is usually used for credential/certificate values that are used with a management service (e.g. Certificate Authorities).
A row in the ipspIpsecCredMngServiceTable.
Indexes
ipspIcmsName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspIcmsName
This is an administratively assigned string used to index
this table. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.31.1.1 |
||||||||||||
|
ipspIcmsDistinguishedName
This value represents the Distinguished Name of the
Credential Management Service. |
OctetStringr/w Constraints: range: 1-256 |
.1.3.6.1.2.1.153.1.31.1.2 |
||||||||||||
|
ipspIcmsPolicyStatement
This Value represents the Credential Management Service
Policy Statement, or a reference describing how to obtain it (e.g., a URL). If one doesn't exist, this value can be left blank |
OctetStringr/w Constraints: range: 0-1024 |
.1.3.6.1.2.1.153.1.31.1.3 |
||||||||||||
|
ipspIcmsMaxChainLength
This value is the maximum length of the chain allowble from
the Credential Management Service to the credential in question. |
Integer32r/w Constraints: range: 0-255 |
.1.3.6.1.2.1.153.1.31.1.4 |
||||||||||||
|
ipspIcmsCredentialName
This value is used as an index into the ipspCredentialTable
to look up the actual credential value. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.31.1.5 |
||||||||||||
|
ipspIcmsLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.31.1.6 |
||||||||||||
|
ipspIcmsStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.31.1.7 |
||||||||||||
|
ipspIcmsRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.31.1.8 |
ipspCredMngCRLTable
table.1.3.6.1.2.1.153.1.32
·
1 row entry
·
7 columns
A table of the Credential Revocation Lists (CRL) for credential managment services.
A row in the ipspCredMngCRLTable.
Indexes
ipspIcmsName ipspCmcCRLName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspCmcCRLName
This is an administratively assigned string used to index
this table. It represents a CRL for a given CA from a given distribution point. |
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.32.1.1 |
||||||||||||
|
ipspCmcDistributionPoint
This Value represents a Distribution Point for a Credential
Revocation List. It can be relative to the Credential Management Service or a full name (URL, e-mail, etc...). |
OctetStringr/w Constraints: range: 0-256 |
.1.3.6.1.2.1.153.1.32.1.2 |
||||||||||||
|
ipspCmcThisUpdate
This value is the issue date of this CRL. This
should be in utctime or generalizedtime. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.32.1.3 |
||||||||||||
|
ipspCmcNextUpdate
This value indicates the date the next version of this CRL
will be issued. This should be in utctime or generalizedtime. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.32.1.4 |
||||||||||||
|
ipspCmcLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.32.1.5 |
||||||||||||
|
ipspCmcStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.32.1.6 |
||||||||||||
|
ipspCmcRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.32.1.7 |
.1.3.6.1.2.1.153.1.33
·
1 row entry
·
6 columns
A table of Credentials revoked by credential managment services. That is, this table is a table of Certificates that are on CRL's, Credential Revocation Lists.
A row in the ipspRevokedCertificateTable.
Indexes
ipspCmcCRLName ipspRctCertSerialNumber
| Column | Syntax | OID | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspRctCertSerialNumber
This value is the serial number of the revoked certificate.
|
Unsigned32 Constraints: range: 0-4294967295 |
.1.3.6.1.2.1.153.1.33.1.1 |
||||||||||||||||||
|
ipspRctRevokedDate
This value is the revocation date of the certificate. This
should be in utctime or generaltime. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.33.1.2 |
||||||||||||||||||
|
ipspRctRevokedReason
This value is the reason this certificate was revoked.
|
Enumerationr/w Enumerated Values:
|
.1.3.6.1.2.1.153.1.33.1.3 |
||||||||||||||||||
|
ipspRctLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.33.1.4 |
||||||||||||||||||
|
ipspRctStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.33.1.5 |
||||||||||||||||||
|
ipspRctRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.33.1.6 |
ipspCredentialTable
table.1.3.6.1.2.1.153.1.34
·
1 row entry
·
10 columns
A table of credential values. Example of Credentials are shared secrets, certificates or kerberos tickets.
A row in the ipspCredentialTable.
Indexes
ipspCredName
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspCredName
This object represents the name for an entry in this table.
|
OctetString Constraints: range: 1-32 |
.1.3.6.1.2.1.153.1.34.1.1 |
||||||||||||
|
ipspCredType
This object represents the type of the credential for this
row. |
IpspCredentialTyper/w Textual Convention: IpspCredentialType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.34.1.2 |
||||||||||||
|
ipspCredCredential
This object represents the credential value.
If the size of the credential is greater than 1024, the credential must be configured via the ipspCredSegmentTable. For credential type where th… |
OctetStringr/w Constraints: range: 0-1024 |
.1.3.6.1.2.1.153.1.34.1.3 |
||||||||||||
|
ipspCredSize
This value represents the size of the credential.
If this value is greater than 1024, the ipspCreCredential column will return an empty (0 length) string. In this case, the value of the credential must be… |
SNMPv2-SMIInteger32 Textual Convention: SNMPv2-SMIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.1.3.6.1.2.1.153.1.34.1.4 |
||||||||||||
|
ipspCredMngName
This value is used as an index into the
ipspIpsecCredMngServiceTable. For IDs that have no credential management service, this value is left blank. |
OctetStringr/w Constraints: range: 0-32 |
.1.3.6.1.2.1.153.1.34.1.5 |
||||||||||||
|
ipspCredRemoteID
This object represents the Identification (e.g. user name) of
the user of the key information on the remote site. If there is no ID associated with this credential, the value of this object should be the null string. |
OctetStringr/w Constraints: range: 0-256 |
.1.3.6.1.2.1.153.1.34.1.6 |
||||||||||||
|
ipspCredAdminStatus
Indicates whether this credential should be considered active.
Rows with a disabled status must not be used for any purpose, including IKE or IPSEC processing. For credentials whose size does not execeed … |
IpspAdminStatusr/w Textual Convention: IpspAdminStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.34.1.7 |
||||||||||||
|
ipspCredLastChanged
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external means. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.34.1.8 |
||||||||||||
|
ipspCredStorageType
The storage type for this row. Rows in this table which were
created through an external process may have a storage type of readOnly or permanent. |
SNMPv2-TCStorageTyper/w Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.34.1.9 |
||||||||||||
|
ipspCredRowStatus
This object indicates the conceptual status of this row.
The value of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object must … |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.34.1.10 |
.1.3.6.1.2.1.153.1.35
·
1 row entry
·
5 columns
A table of credential segments. This table is used for credentials which are larger than the maximum size allowed for ipspCredCredential.
A row in the ipspCredentialSegmentTable.
Indexes
ipspCredName ipspCredSegIndex
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ipspCredSegIndex
This object represents the segment number for this segment.
By default, each segment will be 1024 octets. However, when this table is accessed using a context of 'ipsp4096', 'ipsp8192' or 'ipsp16384' a se… |
Integer32 Constraints: range: 1-65535 |
.1.3.6.1.2.1.153.1.35.1.1 |
||||||||||||
|
ipspCredSegValue
This object represents one segment of the credential.
By default, each complete segment will be 1024 octets. (The last row for a given credential might be smaller, if the credential size is not a multipl… |
OctetStringr/w | .1.3.6.1.2.1.153.1.35.1.2 |
||||||||||||
|
ipspCredSegLastChanged
The value of sysUpTime when this credential was last modified
or created either through SNMP SETs or by some other external means. Note that the last changed type will be the same for all segemnts of the credential. |
SNMPv2-TCTimeStamp Textual Convention: SNMPv2-TCTimeStamp Unsigned32 |
.1.3.6.1.2.1.153.1.35.1.3 |
||||||||||||
|
ipspCredSegStorageType
The storage type for this row. This object is read-only. Rows
in this table have the same value as the ipspCredStorageType for the corresponding row in the ipspCredentialTable. |
SNMPv2-TCStorageType Textual Convention: SNMPv2-TCStorageType EnumerationType Values:
|
.1.3.6.1.2.1.153.1.35.1.4 |
||||||||||||
|
ipspCredSegRowStatus
This object indicates the conceptual status of this row.
The segment of this object has no effect on whether other objects in this conceptual row can be modified. If active, this object mus… |
SNMPv2-TCRowStatusr/w Textual Convention: SNMPv2-TCRowStatus EnumerationType Values:
|
.1.3.6.1.2.1.153.1.35.1.5 |