CISCO-ENHANCED-IPSEC-FLOW-MIB

CISCO-ENHANCED-IPSEC-FLOW-MIB Download

MIBs list

This is a MIB Module for monitoring the structures and status of IPSec-based networks. The MIB has been designed to be adopted as an IETF standard. Hence vendor-specific features of IPSec protocol are excluded from this MIB.

IPHost Network Monitor offer an easy way of SNMP monitoring your Cisco Servers, Routers, Switches, Bridges, Firewalls, Repeaters.

OID list for CISCO-ENHANCED-IPSEC-FLOW-MIB

ceipSecGlobalActiveTunnels
The total number of currently active IPsec Phase-2 Tunnels.
ceipSecGlobalPreviousTunnels
The total number of previously active IPsec Phase-2 Tunnels.
ceipSecGlobalInOctets
A high capacity count of the total number of octets received by all current and previous IPsec Phase-2 Tunnels. This value is accumulated BEFORE determining whether or not the packet should be decompressed.
ceipSecGlobalInDecompOctets
A high capacity count of the total number of decompressed octets received by all current and previous IPsec Phase-2 Tunnels. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ...
ceipSecGlobalInPkts
The total number of packets received by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalInDrops
The total number of packets dropped during receive processing by all current and previous IPsec Phase-2 Tunnels. This count does NOT include packets dropped due to Anti-Replay processing.
ceipSecGlobalInReplayDrops
The total number of packets dropped during receive processing due to Anti-Replay processing by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalInAuths
The total number of inbound authentication's performed by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalInAuthFails
The total number of inbound authentication's which ended in failure by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalInDecrypts
The total number of inbound decryption's performed by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalInDecryptFails
The total number of inbound decryption's which ended in failure by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalOutOctets
A high capacity count of the total number of octets sent by all current and previous IPsec Phase-2 Tunnels. This value is accumulated AFTER determining whether or not the packet should be compressed.
ceipSecGlobalOutUncompOctets
A high capacity count of the total number of uncompressed octets sent by all current and previous IPsec Phase-2 Tunnels. This value is accumulated BEFORE the packet is compressed. If compression is not being used, this value will match the value of ceip ...
ceipSecGlobalOutPkts
The total number of packets sent by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalOutDrops
The total number of packets dropped during send processing by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalOutAuths
The total number of outbound authentication's performed by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalOutAuthFails
The total number of outbound authentication's which ended in failure by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalOutEncrypts
The total number of outbound encryption's performed by all current and previous IPsec Phase-2 Tunnels.
ceipSecCertSubjectName
This object provides the subject name from the X.509 certificate, or the alternate subject name if it is available. The subject name is formatted as a character string matching the output of a ssh-certview command-line application, except that the applica ...
ceipSecCertSerialNumber
This object provides the serial number from the X.509 certificate. The serial number is formatted as a character string matching the output of a ssh-certview command-line application. The issuer name and the serial number identify a unique certificate. Ex ...
ceipSecCertIssuerName
This object provides the issuer name from the X.509 certificate. The issuer name is formatted as a character string matching the output of a ssh-certview command-line application, except that the application sending the notification may limit the string l ...
ceipSecCertExpiryTime
This object provides the validity notAfter time from the X.509 certificate. The notAfter time is the time after which the certificate is not valid. The time is formatted as a character string matching the output of a ssh-certview command-line application. ...
ceipSecCertRenewalStatus
This object provides the renewal status of the X.509 certificate on the application sending the notification. renewalNotNeeded(1) = certificate is OK and does not need to be renewed renewalRequestNeeded(2) = certificate renewal request is needed renew ...
ceipSecCertExpiryStatus
This object provides the expiration status of the X.509 certificate on the application sending the notification. The notification is sent when the value of this object is changed from certOK(1) to certGoingExpired(2). certOK(1) = certificate is ...
ceipSecGlobalOutEncryptFails
The total number of outbound encryption's which ended in failure by all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalProtocolUseFails
The total number of protocol use failures which occurred during processing of all current and previously active IPsec Phase-2 Tunnels.
ceipSecGlobalNoSaFails
The total number of non-existent Security Association in failures which occurred during processing of all current and previous IPsec Phase-2 Tunnels.
ceipSecGlobalSysCapFails
The total number of system capacity failures which occurred during processing of all current and previously active IPsec Phase-2 Tunnels.
ceipSecGlobalOutCompressedPkts
The cumulative number of outbound packets across all IPsec flows terminating at this device which were successfully compressed.
ceipSecGlobalOutCompSkippedPkts
The total number of outbound packets across all IPsec flows terminating at this devices that were to be compressed but which were skipped due to the compression hysteresis.
ceipSecGlobalOutCompFailPkts
The total number of outbound packets across all IPsec flows terminating at this device that failed compression because they grew in size after compression.
ceipSecGlobalOutCompTooSmallPkts
The total number of outbound packets across all IPsec flows terminating at this device that were to be compressed but were smaller than the compression threshold size. This number is cumulative since the last system start.
ceipSecTunnelTable
The IPsec Phase-2 Tunnel Table. There is one entry in this table for each active IPsec Phase-2 Tunnel.
ceipSecTunnelEntry
Each entry contains the attributes associated with an active IPsec Phase-2 Tunnel.
ceipSecTunIndex
The index of the IPsec Phase-2 Tunnel Table. The value of the index is a number which begins at 1 and is incremented with each tunnel that is created. The value of this object will wrap at 2,147,483,647. Since this object must correspond to a valid Phase- ...
ceipSecTunLocalAddressType
The type of the IP address of the local endpoint for the IPsec Phase-2 Tunnel.
ceipSecTunLocalAddress
The IP address of the local endpoint for the IPsec Phase-2 Tunnel.
ceipSecTunRemoteAddressType
The type of the IP address of the remote endpoint for the IPsec Phase-2 Tunnel.
ceipSecTunRemoteAddress
The IP address of the remote endpoint for the IPsec Phase-2 Tunnel.
ceipSecTunControlProtocol
Identifies the protocol used to setup and administer this Phase-2 IPsec tunnel. In case this tunnel was spawned by an IPsec signaling protocol, this MIB object contains the value of the object 'cisgIpsSgProtocol' defined in CISCO-IPSEC-SIGNALING-MIB in th ...
ceipSecTunControlTunnelIndex
The index of the associated IPsec Phase-1 Tunnel. In case this tunnel was spawned by an IPsec signaling protocol, this MIB object contains the value of the object 'cisgIpsSgTunIndex' defined in CISCO-IPSEC-SIGNALING-MIB in the table 'cisgIpsSgTunnelTable' ...
ceipSecTunControlTunnelAlive
An indicator which specifies whether or not the IPsec Phase-1 Tunnel that spawned this Phase-2 tunnel currently exists.
ceipSecTunEncapMode
The encapsulation mode used by the IPsec Phase-2 Tunnel.
ceipSecTunNATTraversalMode
The encapsulation used by the IPsec Phase-2 tunnel for NAT traversal. The value of this object is constrained based on the value of the column 'ceipSecTunEncapMode'. If the value of 'ceipSecTunEncapMode' is 'encapTransport', then this object may not assum ...
ceipSecTunLifeSize
The negotiated LifeSize of the IPsec Phase-2 Tunnel in kilobytes.
ceipSecTunLifeTime
The negotiated LifeTime of the IPsec Phase-2 Tunnel in seconds. If the tunnel was setup manually, the value of this MIB element should be 0.
ceipSecTunActiveTime
The length of time the IPsec Phase-2 Tunnel has been active in hundredths of seconds.
ceipSecTunSaLifeSizeThreshold
The security association LifeSize refresh threshold in kilobytes. If the tunnel was setup manually, the value of this MIB element should be 0.
ceipSecTunSaLifeTimeThreshold
The security association LifeTime refresh threshold in seconds. If the tunnel was setup manually, the value of this MIB element should be 0.
ceipSecTunTotalRefreshes
The total number of security association refreshes performed.
ceipSecTunExpiredSaInstances
The total number of security associations which have expired. If the tunnel was setup manually, the value of this MIB element should be 0.
ceipSecTunCurrentSaInstances
The number of security associations which are currently active or expiring.
ceipSecTunInSaDHGrp
The Diffie Hellman Group used by the inbound security association of the IPsec Phase-2 Tunnel. If the tunnel was setup manually, the value of this MIB element would be `none'.
ceipSecTunInSaEncryptAlgo
The encryption algorithm used by the inbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunInSaEncryptKeySize
The key size in bits of the negotiated key to be used with the algorithm denoted by 'ceipSecTunInSaEncryptAlgo'. For DES and 3DES the key size is respectively 56 and 168. For AES, this will denote the negotiated key size.
ceipSecTunInSaAhAuthAlgo
The authentication algorithm used by the inbound authentication header (AH) security association of the IPsec Phase-2 Tunnel.
ceipSecTunInSaEspAuthAlgo
The authentication algorithm used by the inbound ecapsulation security protocol (ESP) security association of the IPsec Phase-2 Tunnel.
ceipSecTunInSaDecompAlgo
The decompression algorithm used by the inbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunOutSaDHGrp
The Diffie Hellman Group used by the outbound security association of the IPsec Phase-2 Tunnel. If the tunnel was setup manually, the value of this MIB element would be 'none'.
ceipSecTunOutSaEncryptAlgo
The encryption algorithm used by the outbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunOutSaEncryptKeySize
The key size in bits of the negotiated key to be used with the algorithm denoted by 'ceipSecTunOutSaEncryptAlgo'. For DES and 3DES the key size is respectively 56 and 168. For AES, this will denote the negotiated key size.
ceipSecTunOutSaAhAuthAlgo
The authentication algorithm used by the outbound authentication header (AH) security association of the IPsec Phase-2 Tunnel.
ceipSecTunOutSaEspAuthAlgo
The authentication algorithm used by the inbound encapsulation security protocol (ESP) security association of the IPsec Phase-2 Tunnel.
ceipSecTunOutSaCompAlgo
The compression algorithm used by the inbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunPmtu
The Path MTU for this IPsec Phase-2 tunnel, which has been either learnt from the network or which has been specified by the administrator. The lower end of the range is 68 which is the minimum MTU for IPv4.
ceipSecTunInOctets
A high capacity count of the total number of octets received by this IPsec Phase-2 Tunnel. This value is accumulated BEFORE determining whether or not the packet should be decompressed.
ceipSecTunInDecompOctets
A high capacity count of the total number of decompressed octets received by this IPsec Phase-2 Tunnel. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ceipSecTunInOctets.
ceipSecTunInPkts
The total number of packets received by this IPsec Phase-2 Tunnel.
ceipSecTunInDropPkts
The total number of packets dropped during receive processing by this IPsec Phase-2 Tunnel. This count does NOT include packets dropped due to Anti-Replay processing.
ceipSecTunInReplayDropPkts
The total number of packets dropped during receive processing due to Anti-Replay processing by this IPsec Phase-2 Tunnel.
ceipSecTunInAuths
The total number of inbound authentication's performed by this IPsec Phase-2 Tunnel.
ceipSecTunInAuthFails
The total number of inbound authentication's which ended in failure by this IPsec Phase-2 Tunnel .
ceipSecTunInDecrypts
The total number of inbound decryption's performed by this IPsec Phase-2 Tunnel.
ceipSecTunInDecryptFails
The total number of inbound decryption's which ended in failure by this IPsec Phase-2 Tunnel.
ceipSecTunOutOctets
A high capacity count of the total number of octets sent by this IPsec Phase-2 Tunnel. This value is accumulated AFTER determining whether or not the packet should be compressed.
ceipSecTunOutUncompOctets
A high capacity count of the total number of uncompressed octets sent by this IPsec Phase-2 Tunnel. This value is accumulated BEFORE the packet is compressed. If compression is not being used, this value will match the value of ceipSecTunOutOctets.
ceipSecTunOutPkts
The total number of packets sent by this IPsec Phase-2 Tunnel.
ceipSecTunOutDropPkts
The total number of packets dropped during send processing by this IPsec Phase-2 Tunnel.
ceipSecTunOutAuths
The total number of outbound authentication's performed by this IPsec Phase-2 Tunnel.
ceipSecTunOutAuthFails
The total number of outbound authentication's which ended in failure by this IPsec Phase-2 Tunnel.
ceipSecTunOutEncrypts
The total number of outbound encryption's performed by this IPsec Phase-2 Tunnel.
ceipSecTunOutEncryptFails
The total number of outbound encryption's which ended in failure by this IPsec Phase-2 Tunnel.
ceipSecTunOutCompressedPkts
The total number of outbound packets which were successfully compressed.
ceipSecTunOutCompSkippedPkts
The total number of outbound packets that were to be compressed but which were skipped due to the compression hysteresis.
ceipSecTunOutCompFailPkts
The total number of outbound packets that failed compression because they grew in size after compression.
ceipSecTunOutCompTooSmallPkts
The total number of outbound packets that were to be compressed but were smaller than the compression threshold size.
ceipSecIfIndex
This object represents the ifIndex of an interface where this tunnel is created. Multiple IPsec tunnels can be created using the same interface.
ceipSecTunStatus
The status of the MIB table row. This object can be used to bring the tunnel down or force a rekeying. When the value is set to destroy(5), the SA bundle is destroyed and this row is deleted from this table. When the value is set to rekey(6), then rekeyi ...
ceipSecEndPtTable
The IPsec Phase-2 Tunnel Endpoint Table. This table contains an entry for each active endpoint associated with an IPsec Phase-2 Tunnel.
ceipSecEndPtEntry
An IPsec Phase-2 Tunnel Endpoint entry.
ceipSecEndPtIndex
The number of the Endpoint associated with the IPsec Phase-2 Tunnel Table. The value of this index is a number which begins at one and is incremented with each Endpoint associated with an IPsec Phase-2 Tunnel. The value of this object will wrap at 4,294, ...
ceipSecEndPtLocalName
The DNS name of the local Endpoint.
ceipSecEndPtLocalType
The type of identity for the local Endpoint.
ceipSecEndPtLocalAddrType1
The type of the IP address for this local Endpoint's first IP address.
ceipSecEndPtLocalAddr1
The local Endpoint's first IP address specification. If the local Endpoint type is single IP address, then this is the value of the IP address. If the local Endpoint type is IP subnet, then this is the value of the subnet. If the local Endpoint type is IP ...
ceipSecEndPtLocalAddrType2
The type of the IP address for this local Endpoint's second IP address.
ceipSecEndPtLocalAddr2
The local Endpoint's second IP address specification. If the local Endpoint type is single IP address, then this is the value of the IP address. If the local Endpoint type is IP subnet, then this is the value of the subnet mask. If the local Endpoint type ...
ceipSecEndPtLocalProtocol
The protocol number of the local Endpoint's traffic.
ceipSecEndPtLocalPort
The port number of the local Endpoint's traffic.
ceipSecEndPtRemoteName
The DNS name of the remote Endpoint.
ceipSecEndPtRemoteType
The type of identity for the remote Endpoint.
ceipSecEndPtRemoteAddrType1
The type of the IP address for this remote Endpoint's first IP address.
ceipSecEndPtRemoteAddr1
The remote Endpoint's first IP address specification. If the remote Endpoint type is single IP address, then this is the value of the IP address. If the remote Endpoint type is IP subnet, then this is the value of the subnet. If the remote Endpoint type i ...
ceipSecEndPtRemoteAddrType2
The type of the IP address for this remote Endpoint's second IP address.
ceipSecEndPtRemoteAddr2
The remote Endpoint's second IP address specification. If the remote Endpoint type is single IP address, then this is the value of the IP address. If the remote Endpoint type is IP subnet, then this is the value of the subnet mask. If the remote Endpoint ...
ceipSecEndPtRemoteProtocol
The protocol number of the remote Endpoint's traffic.
ceipSecEndPtRemotePort
The port number of the remote Endpoint's traffic.
ceipSecSaTable
The IPsec Phase-2 Security Association Table. This table identifies the structure (in terms of component SAs) of each active Phase-2 IPsec tunnel. This table contains an entry for each active and expiring security association and maps each entry in the ac ...
ceipSecSaEntry
Each entry contains the attributes associated with active and expiring IPsec Phase-2 security associations.
ceipSecSaProtocol
This column represents the security protocol (AH, ESP or IPComp) for which this security association was setup.
ceipSecSaIndex
The object, in the context of the IPsec tunnel 'ceipSecTunIndex', is an index of security associations comprising the Phase-2 IPsec tunnel represented by the tunnel index 'ceipSecTunIndex'. The value of this index is a number which begins at 1 and is incr ...
ceipSecSaDirection
Phase-2 IPsec security associations are simplex. Hence a particular security association is used either for securing outgoing traffic or decoding incoming traffic. This column identifies the direction of the security association represented by this entry.
ceipSecSaValue
This is the value of the Security Protection Index (SPI) assigned by the system to the security association represented by this entry.
ceipSecSaStatus
This column represents the status of the security association represented by this conceptual row. If the status of the SA is 'active', the SA is ready for active use. The status 'expiring' represents any of the various states that the security association ...
ceipSecTunnelSaTable
The IPsec Phase-2 Tunnel Security Association Table. This table identifies the SAs that are currently associated with an active Phase-2 tunnel. This table contains an entry for each active or expiring security association (SA) which is associated with an ...
ceipSecTunnelSaEntry
Each entry contains the attributes and statistics associated with an active or expiring IPsec Phase-2 security associations.
ceipSecTunSaProtocol
This column represents the security protocol (AH, ESP or IPComp) for which this security association was setup.
ceipSecTunSaIndex
The object, in the context of the IPsec tunnel 'ceipSecTunIndex', is an index of security associations comprising the Phase-2 IPsec tunnel represented by the tunnel index 'ceipSecTunIndex'. The value of this index is a number which begins at 1 and is incr ...
ceipSecTunSaDirection
Phase-2 IPsec security associations are simplex. Hence a particular security association is used either for securing outgoing traffic or decoding incoming traffic. This column identifies the direction of the security association represented by this entry.
ceipSecTunSaValue
This is the value of the Security Protection Index (SPI) assigned by the system to the security association represented by this entry.
ceipSecTunSaIfIndex
This object represents the ifIndex of an interface where a tunnel with ceipSecTunIndex is created. Multiple IPsec tunnels can be created using the same interface.
ceipSecTunSaInOctets
A high capacity count of the total number of octets received by using this SA. This value is accumulated BEFORE determining whether or not the packet should be decompressed.
ceipSecTunSaInDecompOctets
A high capacity count of the total number of decompressed octets received by using this SA. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ceipSecTunSaTunInOctets.
ceipSecTunSaInPkts
The total number of packets received by using this SA.
ceipSecTunSaInDropPkts
The total number of packets dropped during receive process by using this SA. This count does NOT include packets dropped due to Anti-Replay processing.
ceipSecTunSaInReplayDropPkts
The total number of packets dropped during receive processing due to Anti-Replay processing by using this SA.
ceipSecTunSaInAuths
The total number of inbound authentication's performed by using this SA.
ceipSecTunSaInAuthFails
The total number of inbound authentication's which ended in failure by using this SA.
ceipSecTunSaInDecrypts
The total number of inbound decryption's performed by this SA.
ceipSecTunSaInDecryptFails
The total number of inbound decryption's which ended in failure by using this SA.
ceipSecTunSaOutOctets
A high capacity count of the total number of octets sent by using this SA. This value is accumulated AFTER determining whether or not the packet should be compressed.
ceipSecTunSaOutUncompOctets
A high capacity count of the total number of uncompressed octets sent by using this SA. This value is accumulated BEFORE the packet is compressed. If compression is not being used, this value will match the value of ceipSecTunSaTunOutOctets.
ceipSecTunSaOutPkts
The total number of packets sent by using this SA.
ceipSecTunSaOutDropPkts
The total number of packets dropped during send processing by using this SA.
ceipSecTunSaOutAuths
The total number of outbound authentication's performed by using this SA.
ceipSecTunSaOutAuthFails
The total number of outbound authentication's which ended in failure by using this SA.
ceipSecTunSaOutEncrypts
The total number of outbound encryption's performed by using this SA.
ceipSecTunSaOutEncryptFails
The total number of outbound encryption's which ended in failure by using this SA.
ceipSecTunSaOutCompressedPkts
The total number of outbound packets which were successfully compressed by using this SA.
ceipSecTunSaOutCompSkippedPkts
The total number of outbound packets that were to be compressed but which were skipped due to the compression hysteresis when using this SA.
ceipSecTunSaOutCompFailPkts
The total number of outbound packets that failed compression because they grew in size after compression when using this SA.
ceipSecTunSaOutCompTooSmallPkts
The total number of outbound packets that were to be compressed but were smaller than the compression threshold size when using this SA.
ceipSecTunSaStatus
This column represents the status of the security association represented by this conceptual row. If the status of the SA is 'active', the SA is ready for active use. The status 'expiring' represents any of the various states that the security association ...
ceipSecIfTunnelTable
The IPsec Phase-2 Tunnels to Interface association table. This table contains an entry for each active IPsec Phase-2 Tunnel created under an interface. Multiple IPsec Phase-2 Tunnels can be created using the same interface.
ceipSecIfTunnelEntry
Each entry contains the IPsec Phase-2 Tunnel associated with an interface.
ceipSecIfTunnelStatus
This object corresponds to the status of a IPsec Phase-2 Tunnel in ceipSecTunnelTable indexed by ceipSecTunIndex. The valid status this object can have are 'active' and 'awaitCommit'.
ceipSecHistTableSize
The window size of the IPsec Phase-2 History Tables. The IPsec Phase-2 History Tables are implemented as a sliding window in which only the last 'N' entries are maintained. This object is used specify the number of entries which will be maintained in the ...
ceipSecTunnelHistTable
The IPsec Phase-2 Tunnel History Table. This table is conceptually a sliding window in which only the last 'N' entries are maintained, where 'N' is the value of the object 'ceipSecHistTableSize'. If the value of 'ceipSecHistTableSize' is 0, archiving of e ...
ceipSecTunnelHistEntry
Each entry contains the attributes associated with a previously active IPsec Phase-2 Tunnel.
ceipSecTunHistIndex
The index of the IPsec Phase-2 Tunnel History Table. The value of the index is a number which begins at one and is incremented with each tunnel that ends. The value of this object will wrap at 4,294,967,295.
ceipSecTunHistTermReason
The reason the IPsec Phase-2 Tunnel was terminated. Possible reasons include: 1 = other 2 = normal termination 3 = operator request 4 = peer delete request was received 5 = contact with peer was lost 6 = applicationInitiated (eg: L2TP requesting the termi ...
ceipSecTunHistActiveIndex
The index of the previously active IPsec Phase-2 Tunnel. This object must correspond to an expired IPsec tunnel; hence this object may not assume the value of 0.
ceipSecTunHistLocalAddressType
The type of the IP address of the local endpoint for the IPsec Phase-2 Tunnel.
ceipSecTunHistLocalAddress
The IP address of the local endpoint for the IPsec Phase-2 Tunnel.
ceipSecTunHistRemoteAddressType
The type of the IP address of the remote endpoint for the IPsec Phase-2 Tunnel.
ceipSecTunHistRemoteAddress
The IP address of the remote endpoint for the IPsec Phase-2 Tunnel.
ceipSecTunHistControlProtocol
Identifies the protocol that was used to setup and administer Phase-2 IPsec tunnel.
ceipSecTunHistControlTunnelIndex
The index of the IPsec Phase-1 Tunnel that spawned this Phase-2 tunnel (in case of IKE, this value would refer to 'csikeTunIndex' in the 'csikeTunnelTable'). If the IPsec tunnel corresponding to this entry was setup manually, the value of this object shou ...
ceipSecTunHistEncapMode
The encapsulation mode used by the IPsec Phase-2 Tunnel.
ceipSecTunHistNATTraversalMode
The encapsulation used by the IPsec Phase-2 tunnel corresponding to this conceptual row for NAT traversal.
ceipSecTunHistLifeSize
The negotiated LifeSize of the IPsec Phase-2 Tunnel in kilobytes.
ceipSecTunHistLifeTime
The negotiated LifeTime of the IPsec Phase-2 Tunnel in seconds.
ceipSecTunHistStartTime
The value of sysUpTime in hundredths of seconds when the IPsec Phase-2 Tunnel was started.
ceipSecTunHistActiveTime
The length of time the IPsec Phase-2 Tunnel has been active in hundredths of seconds.
ceipSecTunHistTotalRefreshes
The total number of security association refreshes performed.
ceipSecTunHistTotalSas
The total number of security associations used during the life of the IPsec Phase-2 Tunnel.
ceipSecTunHistInSaDHGrp
The Diffie Hellman Group used by the inbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistInSaEncryptAlgo
The encryption algorithm used by the inbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistInSaEncryptKeySize
The size in bits of the key which was negotiated to be used with the encryption transform used with this tunnel denoted by ceipSecTunHistInSaEncryptAlgo. For DES and 3DES the key size is respectively 56 and 168. For AES, this will denote the negotiated ke ...
ceipSecTunHistInSaAhAuthAlgo
The authentication algorithm used by the inbound authentication header (AH) security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistInSaEspAuthAlgo
The authentication algorithm used by the inbound encapsulation security protocol (ESP) security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistInSaDecompAlgo
The decompression algorithm used by the inbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistOutSaDHGrp
The Diffie Hellman Group used by the outbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistOutSaEncryptAlgo
The encryption algorithm used by the outbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistOutSaEncryptKeySz
The size in bits of the key which was negotiated to be used with the encryption transform used with this tunnel denoted by ceipSecTunHistOutSaEncryptAlgo. For DES and 3DES the key size is respectively 56 and 168. For AES, this will denote the negotiated k ...
ceipSecTunHistOutSaAhAuthAlgo
The authentication algorithm used by the outbound authentication header (AH) security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistOutSaEspAuthAlgo
The authentication algorithm used by the inbound ecapsulation security protocol (ESP) security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistOutSaCompAlgo
The compression algorithm used by the inbound security association of the IPsec Phase-2 Tunnel.
ceipSecTunHistPmtu
The Path MTU that was determined for this IPsec Phase-2 tunnel.
ceipSecTunHistInOctets
A high capacity count of the total number of octets received by this IPsec Phase-2 Tunnel. This value is accumulated BEFORE determining whether or not the packet should be decompressed.
ceipSecTunHistInDecompOctets
A high capacity count of the total number of decompressed octets received by this IPsec Phase-2 Tunnel. This value is accumulated AFTER the packet is decompressed. If compression is not being used, this value will match the value of ceipSecTunInOctets.
ceipSecTunHistInPkts
The total number of packets received by this IPsec Phase-2 Tunnel.
ceipSecTunHistInDropPkts
The total number of packets dropped during receive processing by this IPsec Phase-2 Tunnel. This count does NOT include packets dropped due to Anti-Replay processing.
ceipSecTunHistInReplayDropPkts
The total number of packets dropped during receive processing due to Anti-Replay processing by this IPsec Phase-2 Tunnel.
ceipSecTunHistInAuths
The total number of inbound authentication's performed by this IPsec Phase-2 Tunnel.
ceipSecTunHistInAuthFails
The total number of inbound authentication's which ended in failure by this IPsec Phase-2 Tunnel .
ceipSecTunHistInDecrypts
The total number of inbound decryption's performed by this IPsec Phase-2 Tunnel.
ceipSecTunHistInDecryptFails
The total number of inbound decryption's which ended in failure by this IPsec Phase-2 Tunnel.
ceipSecTunHistOutOctets
A high capacity count of the total number of octets sent by this IPsec Phase-2 Tunnel. This value is accumulated AFTER determining whether or not the packet should be compressed.
ceipSecTunHistOutUncompOctets
A high capacity count of the total number of uncompressed octets sent by this IPsec Phase-2 Tunnel. This value is accumulated BEFORE the packet is compressed. If compression is not being used, this value will match the value of 'ceipSecTunOutOctets'.
ceipSecTunHistOutPkts
The total number of packets sent by this IPsec Phase-2 Tunnel.
ceipSecTunHistOutDropPkts
The total number of packets dropped during send processing by this IPsec Phase-2 Tunnel.
ceipSecTunHistOutAuths
The total number of outbound authentication's performed by this IPsec Phase-2 Tunnel.
ceipSecTunHistOutAuthFails
The total number of outbound authentication's which ended in failure by this IPsec Phase-2 Tunnel.
ceipSecTunHistOutEncrypts
The total number of outbound encryption's performed by this IPsec Phase-2 Tunnel.
ceipSecTunHistOutEncryptFails
The total number of outbound encryption's which ended in failure by this IPsec Phase-2 Tunnel.
ceipSecTunHistOutCompressedPkts
The total number of outbound packets which were successfully compressed.
ceipSecTunHistOutCompSkippedPkts
The total number of outbound packets that were to be compressed but which were skipped due to the compression hysteresis.
ceipSecTunHistOutCompFailPkts
The total number of outbound packets that failed compression because they grew in size after compression.
ceipSecTunHistOutCompSmallPkts
The total number of outbound packets that were to be compressed but were smaller than the compression threshold size.
ceipSecEndPtHistTable
The IPsec Phase-2 Tunnel Endpoint History Table. This table is conceptually a sliding window in which only the last 'N' entries are maintained, where 'N' is the value of the object 'ceipSecHistTableSize'. If the value of 'ceipSecHistTableSize' is 0, archi ...
ceipSecEndPtHistEntry
Each entry contains the attributes associated with a previously active IPsec Phase-2 Tunnel Endpoint.
ceipSecEndPtHistIndex
The number of the previously active Endpoint associated with a IPsec Phase-2 Tunnel Table. The value of this index is a number which begins at one and is incremented with each Endpoint associated with an IPsec Phase-2 Tunnel. The value of this object will ...
ceipSecEndPtHistTunIndex
The index of the previously active IPsec Phase-2 Tunnel Table.
ceipSecEndPtHistActiveIndex
The index of the previously active Endpoint.
ceipSecEndPtHistLocalName
The DNS name of the local Endpoint.
ceipSecEndPtHistLocalType
The type of identity for the local Endpoint.
ceipSecEndPtHistLocalAddrType1
The type of the IP address for this local Endpoint's first IP address.
ceipSecEndPtHistLocalAddr1
The local Endpoint's first IP address specification. If the local Endpoint type is single IP address, then this is the value of the IP address. If the local Endpoint type is IP subnet, then this is the value of the subnet. If the local Endpoint type is IP ...
ceipSecEndPtHistLocalAddrType2
The type of the IP address for this local Endpoint's second IP address.
ceipSecEndPtHistLocalAddr2
The local Endpoint's second IP address specification. If the local Endpoint type is single IP address, then this is the value of the IP address. If the local Endpoint type is IP subnet, then this is the value of the subnet mask. If the local Endpoint type ...
ceipSecEndPtHistLocalProtocol
The protocol number of the local Endpoint's traffic.
ceipSecEndPtHistLocalPort
The port number of the local Endpoint's traffic.
ceipSecEndPtHistRemoteName
The DNS name of the remote Endpoint.
ceipSecEndPtHistRemoteType
The type of identity for the remote Endpoint.
ceipSecEndPtHistRemoteAddrType1
The type of the IP address for this remote Endpoint's first IP address.
ceipSecEndPtHistRemoteAddr1
The remote Endpoint's first IP address specification. If the remote Endpoint type is single IP address, then this is the value of the IP address. If the remote Endpoint type is IP subnet, then this is the value of the subnet. If the remote Endpoint type i ...
ceipSecEndPtHistRemoteAddrType2
The type of the IP address for this remote Endpoint's second IP address.
ceipSecEndPtHistRemoteAddr2
The remote Endpoint's second IP address specification. If the remote Endpoint type is single IP address, then this is the value of the IP address. If the remote Endpoint type is IP subnet, then this is the value of the subnet mask. If the remote Endpoint ...
ceipSecEndPtHistRemoteProtocol
The protocol number of the remote Endpoint's traffic.
ceipSecEndPtHistRemotePort
The port number of the remote Endpoint's traffic.
ceipSecFailTableSize
The window size of the IPsec Phase-2 Failure Table. The IPsec Phase-2 Failure Tables are implemented as a sliding window in which only the last N entries are maintained. This object is used specify the number of entries which will be maintained in the IPs ...
ceipSecFailTable
The IPsec Phase-2 Failure Table. This table is implemented as a sliding window in which only the last n entries are maintained. The maximum number of entries is specified by the ceipSecFailTableSize object.
ceipSecFailEntry
Each entry contains the attributes associated with an IPsec Phase-1 failure.
ceipSecFailIndex
The IPsec Phase-2 Failure Table index. The value of the index is a number which begins at one and is incremented with each IPsec Phase-1 failure. The value of this object will wrap at 4,294,967,295.
ceipSecFailReason
The reason for the failure. Possible reasons include: 1 = other 2 = internal error occurred 3 = peer encoding error 4 = proposal failure 5 = protocol use failure 6 = non-existent security association 7 = decryption failure 8 = encryption failure 9 = inbo ...
ceipSecFailTime
The value of sysUpTime in hundredths of seconds at the time of the failure.
ceipSecFailTunnelIndex
The Phase-2 Tunnel index (ceipSecTunIndex). If this conceptual row corresponds to an operation failure (that is, the failure of an established Phase-2 IPsec tunnel), then the value of this object may not be zero.
ceipSecFailSaSpi
The security association SPI value. If this conceptual row corresponds to a setup failure (failure to establish the tunnel), the value of this MIB object is undefined.
ceipSecFailPktSrcAddressType
The type of the packet's source IP address.
ceipSecFailPktSrcAddress
The packet's source IP address.
ceipSecFailPktDstAddressType
The type of the packet's destination IP address.
ceipSecFailPktDstAddress
The packet's destination IP address.
ceipSecNotiCntlIpSecAllNotifs
This object sending any notification defined in this MIB module. That is, a particular notification 'foo' defined in this MIB module is enabled if and only if the expression (ceipSecNotiCntlIpSecAllNotifs && ceipSecNotiCntl) evaluates to 'true', wher ...
ceipSecNotifCntlIpSecTunnelStart
This object defines the administrative state of sending the IPsec Phase-2 Tunnel Start TRAP. If the value of this object is 'true', the issuing of the notification 'ciscoEnhIpsecFlowTunnelStart' is enabled.
ceipSecNotifCntlIpSecTunnelStop
This object defines the administrative state of sending the IPsec Phase-2 Tunnel Stop TRAP. If the value of this object is 'true', the issuing of the notification 'ciscoEnhIpsecFlowTunnelStop' is enabled.
ceipSecNotifCntlIpSecSysFailure
This object defines the administrative state of sending the IPsec Phase-2 System Failure TRAP. If the value of this object is 'true', the issuing of the notification 'ciscoEnhIpsecFlowSysFailure' is enabled.
ceipSecNotifCntlIpSecSetUpFail
This object defines the administrative state of sending the IPsec Phase-2 Set Up Failure TRAP. If the value of this object is 'true', the issuing of the notification 'ciscoEnhIpsecFlowSetupFail' is enabled.
ceipSecNotifCntlIpSecBadSa
This object defines the administrative state of sending the IPsec Phase-2 No Security Association trap. If the value of this object is 'true', the issuing of the notification 'ciscoEnhIpsecFlowBadSa' is enabled.
ceipSecNotifCntlCertExpiry
This object defines the administrative state of sending the IPSec certificate expiry notification. If the value of this object is 'true', the issuing of the notification 'ciscoEnhIpsecFlowCertExpiry' is enabled, otherwise notification 'ciscoEnhIpsecFlowCe ...
ceipSecNotifCntlCertRenewal
This object defines the administrative state of sending the IPSec X.509 certificate renewal status notification. If the value of this object is 'true', the issuing of the notification 'ciscoEnhIpsecFlowCertRenewal' is enabled, otherwise notification 'cisc ...
ciscoEnhIPsecFlowActivityGroup
This group consists of: 1) IPsec Phase-2 Global Statistics 2) IPsec Phase-2 Tunnel Table 3) IPsec Phase-2 Endpoint Table 4) IPsec Phase-2 Security Association Table
ciscoEnhIPsecFlowCoreHistGroup
This group consists of the core (mandatory) objects pertaining to maintaining history of IPsec activity.
ciscoEnhIPsecFlowHistoryGroup
This group consists of objects that pertain to maintenance of history of IPsec Phase 2 activity.
ciscoEnhIPsecFlowCoreFailGroup
This group consists of the core (mandatory) objects pertaining to maintaining history of failure IPsec activity.
ciscoEnhIPsecFlowFailureGroup
This group consists of objects that pertain to maintenance of history of failures associated with Phase 2 IPsec activity.
ciscoEnhIPsecFlowNotifCntlGroup
This group of objects controls the sending of notifications pertaining to IPsec Phase-2 processing.
ciscoEnhIPsecFlowTunnelSaGroup
This group consists of the Phase-2 IPsec tunnel Security Association and traffic information.
ciscoEnhIPsecFlowNotifCntlGroupSup01
This supplement group of objects controls the sending of X.509 certificate IPSec notifications.
ciscoEnhIPsecFlowCertObjectGroup
This group consists of objects to support X.509 certificates.

Download IPHost Network Monitor (500 monitors for 30 days, 50 monitors free forever) to start monitoring network devices right now.

MIBs list