VPNPOLICY-MIB DEFINITIONS ::= BEGIN -- ---------------------------------------------------------------------------- -- IBM VPN Policy MIB -- ---------------------------------------------------------------------------- -- -- This modules defines the objects used to manage -- VPN Policies. -- -- Last Change Date: 4/14/99 -- Level 1: Initial Version - cc5 -- -- CONTACT-INFO -- Skip Booth -- Postal: IBM Corporation -- 800 Park, Highway 54 -- Research Triangle Park, NC 27709-9990 -- Tel: +1 919 543 3186 -- Email: sbooth@us.ibm.com" -- ---------------------------------------------------------------------------- IMPORTS TimeTicks, Counter, enterprises FROM RFC1155-SMI OBJECT-TYPE FROM RFC-1212 DisplayString FROM RFC1213-MIB; -- ---------------------------------------------------------------------------- -- Local Textual Conventions -- ---------------------------------------------------------------------------- VpIpAddress ::= OCTET STRING(SIZE(4 | 16)) -- IP V4 or V6 Address -- ---------------------------------------------------------------------------- -- The VPN Policy MIB consists of the following major groups: -- 1) The System Group -- 2) The Policy Group -- 3) The Conditions Group -- 4) The Actions Group -- 5) The Test Group -- ---------------------------------------------------------------------------- ibmIROCVPNpolicy OBJECT IDENTIFIER ::= { enterprises ibm(2) ibmProd(6) ibmIROC(119) ibmIROCrouting(4) 15 } vpSystem OBJECT IDENTIFIER ::= { ibmIROCVPNpolicy 1 } vpPolicy OBJECT IDENTIFIER ::= { ibmIROCVPNpolicy 2 } vpConditions OBJECT IDENTIFIER ::= { ibmIROCVPNpolicy 3 } vpActions OBJECT IDENTIFIER ::= { ibmIROCVPNpolicy 4 } vpTests OBJECT IDENTIFIER ::= { ibmIROCVPNpolicy 5 } -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The System Group consists of a: -- 1) Set of Global System Objects -- 2) Set of Global LDAP Objects -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- vpSystemGlobal OBJECT IDENTIFIER ::= { vpSystem 1} vpSystemLdap OBJECT IDENTIFIER ::= { vpSystem 2} -- ---------------------------------------------------------------------------- -- The Global System Objects -- ---------------------------------------------------------------------------- vpSysMibLevel OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The level of the IBM VPN Policy MIB." ::= { vpSystemGlobal 1 } vpSysUpTime OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "The length of time in hundredths of a second that the policy definitions have been active." ::= { vpSystemGlobal 2 } vpSysCurTime OBJECT-TYPE SYNTAX OCTET STRING(SIZE(4)) ACCESS read-only STATUS mandatory DESCRIPTION "The current time in seconds since 1900." ::= { vpSystemGlobal 3 } vpSysHoursFromCut OBJECT-TYPE SYNTAX INTEGER { utcMinus0(1), utcMinus1(2), utcMinus2(3), utcMinus3(4), utcMinus4(5), utcMinus5(6), utcMinus6(7), utcMinus7(8), utcMinus8(9), utcMinus9(10), utcMinus10(11), utcMinus11(12), utcPlus1(13), utcPlus2(14), utcPlus3(15), utcPlus4(16), utcPlus5(17), utcPlus6(18), utcPlus7(19), utcPlus8(20), utcPlus9(21), utcPlus10(22), utcPlus11(23), utcPlus12(24) } ACCESS read-only STATUS mandatory DESCRIPTION "The number of hours from Coordinated Universal Time which is abbreviated UTC as specified by the International Telecommunications Union. 1 = (UTC -0)...Coordinated Universal Time; United Kingdom 2 = (UTC -1)...Azores; Cape Verde 3 = (UTC -2)...Falkland Islands 4 = (UTC -3)...Greenland; East Brazil 5 = (UTC -4)...Central Brazil 6 = (UTC -5)...Eastern U.S.; Colombia 7 = (UTC -6)...Central U.S.; Honduras 8 = (UTC -7)...Mountain U.S. 9 = (UTC -8)...Pacific U.S.; Yukon 10 = (UTC -9)...Alaska 11 = (UTC-10)...Hawaii; Aleutian 12 = (UTC-11)...Bering Straits 13 = (UTC +1)...Norway; France 14 = (UTC +2)...Finland; South Africa 15 = (UTC +3)...Turkey; Saudi Arabia 16 = (UTC +4)...Gorki; Central Asia; Oman 17 = (UTC +5)...Pakistan 18 = (UTC +6)...Tashkent; Central Asia 19 = (UTC +7)...Thailand 20 = (UTC +8)...Western Australia 21 = (UTC +9)...Japan; Korea 22 = (UTC+10)...Eastern Australia 23 = (UTC+11)...Solomon Islands 24 = (UTC+12)...New Zealand" ::= { vpSystemGlobal 4 } vpSysCurConfigSource OBJECT-TYPE SYNTAX INTEGER { refreshInProgress(1), none(2), allSources(3), sram(4), ldap(5) } ACCESS read-only STATUS mandatory DESCRIPTION "The current configuration source location(s). 1 = policy refresh in progress 2 = no policies were found in any source location 3 = policies were found in all source locations 4 = policies were found in SRAM 5 = policies were found in LDAP." ::= { vpSystemGlobal 5 } vpSysRefreshConfig OBJECT-TYPE SYNTAX INTEGER { fromOperDefs(1), fromAdminDefs(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This object provides the ability to refresh the system's policies when set and provides the source of the last refresh when read. 1 = refresh policies from the operational (active) policy source location(s) 2 = refresh policies from the administrative (configured) policy source location(s)." ::= { vpSystemGlobal 6 } -- ---------------------------------------------------------------------------- -- The Global LDAP Objects -- -- This set of objects consists of: -- 1) global operational (active) LDAP parameters -- 2) global administrative (configured) LDAP parameters -- ---------------------------------------------------------------------------- vpLdapGlobal OBJECT IDENTIFIER ::= { vpSystemLdap 1} vpLdapGlobalOper OBJECT IDENTIFIER ::= { vpLdapGlobal 1} vpLdapGlobalAdmin OBJECT IDENTIFIER ::= { vpLdapGlobal 2} -- ---------------------------------------------------------------------------- -- The Global Operational (Active) LDAP Objects -- ---------------------------------------------------------------------------- vpLdapGblOperLdapStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The current status of the LDAP Operational parameter values." ::= { vpLdapGlobalOper 1 } vpLdapGblOperPrimServerAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The current operational value of the IP Address for the Primary LDAP Server." ::= { vpLdapGlobalOper 2 } vpLdapGblOperSecServerAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The current operational value of the IP Address for the Secondary LDAP Server." ::= { vpLdapGlobalOper 3 } vpLdapGblOperServerLdapLvl OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The current operational value of the LDAP Server Level." ::= { vpLdapGlobalOper 4 } vpLdapGblOperPolicyBaseName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The current operational value of the Base Name to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalOper 5 } vpLdapGblOperPortNumber OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The current operational value of the Port Number to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalOper 6 } vpLdapGblOperTimeOut OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The current operational value of the Time-Out Period to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalOper 7 } vpLdapGblOperRetryInterval OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The current operational value of the Retry Interval to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalOper 8 } vpLdapGblOperUserId OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The current operational value of the User ID to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalOper 9 } -- ---------------------------------------------------------------------------- -- The Global Administrative (Configured) LDAP Objects -- ---------------------------------------------------------------------------- vpLdapGblAdminLdapStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "The configured status of the LDAP Administrative parameter values." ::= { vpLdapGlobalAdmin 1 } vpLdapGblAdminPrimServerAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The configured IP Address of the current Primary LDAP Server." ::= { vpLdapGlobalAdmin 2 } vpLdapGblAdminSecServerAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The configured IP Address of the current Secondary LDAP Server." ::= { vpLdapGlobalAdmin 3 } vpLdapGblAdminServerLdapLvl OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The configured LDAP Server level." ::= { vpLdapGlobalAdmin 4 } vpLdapGblAdminPolicyBaseName OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The configured Base Name to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalAdmin 5 } vpLdapGblAdminPortNumber OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The configured Port Number to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalAdmin 6 } vpLdapGblAdminTimeOut OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The configured Time-Out period in seconds to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalAdmin 7 } vpLdapGblAdminRetryInterval OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The configured Retry Interval in seconds to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalAdmin 8 } vpLdapGblAdminUserId OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The configured User ID to use when retrieving policies from the LDAP Server." ::= { vpLdapGlobalAdmin 9 } -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The Policy Group consists of a: -- 1) Policy Table -- 2) Policy Rules Priority Table -- 3) Policy Correlation Table -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The Policy Table -- ---------------------------------------------------------------------------- vpPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF VpPolicyEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The VPN Policy Table." ::= { vpPolicy 1 } vpPolicyEntry OBJECT-TYPE SYNTAX VpPolicyEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A VPN Policy Table entry." INDEX { vpPolName } ::= { vpPolicyTable 1} VpPolicyEntry ::= SEQUENCE { vpPolName DisplayString, vpPolStatus INTEGER, vpPolPriority INTEGER, vpPolValidity INTEGER, vpPolTrafficProfileRef DisplayString, vpPolValidityPeriodRef DisplayString, vpPolRsvpActionRef DisplayString, vpPolDiffServActionRef DisplayString, vpPolIsakmpActionRef DisplayString, vpPolSecurityActionRef DisplayString, vpPolIpsecManualTunId INTEGER, vpPolMatches Counter } vpPolName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The VPN Policy Name." ::= { vpPolicyEntry 1 } vpPolStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "The current status of the VPN Policy. 1 = enabled 2 = disabled." ::= { vpPolicyEntry 2 } vpPolPriority OBJECT-TYPE SYNTAX INTEGER(1..65535) ACCESS read-only STATUS mandatory DESCRIPTION "The priority of VPN Policy." ::= { vpPolicyEntry 3 } vpPolValidity OBJECT-TYPE SYNTAX INTEGER { valid(1), invalid(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The validity of VPN Policy." ::= { vpPolicyEntry 4 } vpPolTrafficProfileRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Traffic Profile for the VPN Policy. This name can be used to index directly into the vpTrafficProfileTable." ::= { vpPolicyEntry 5 } vpPolValidityPeriodRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Validity Period for the VPN Policy. This name can be used to index directly into the vpValidityPeriodTable." ::= { vpPolicyEntry 6 } vpPolRsvpActionRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the RSVP Action for the VPN Policy. This name can be used to index directly into the vpRsvpActionTable." ::= { vpPolicyEntry 7 } vpPolDiffServActionRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Differential Services Action for the VPN Policy. This name can be used to index directly into the vpDiffServActionTable." ::= { vpPolicyEntry 8 } vpPolIsakmpActionRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the ISAKMP Action for the VPN Policy. This name can be used to index directly into the vpIsakmpActionTable." ::= { vpPolicyEntry 9 } vpPolSecurityActionRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Security Action for the VPN Policy. This name can be used to index directly into the vpSecurityActionTable." ::= { vpPolicyEntry 10 } vpPolIpsecManualTunId OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The ID of manually configured IPSec Phase-2 Tunnel." ::= { vpPolicyEntry 11 } vpPolMatches OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packet matches for this VPN Policy." ::= { vpPolicyEntry 12 } -- ---------------------------------------------------------------------------- -- The Policy Rules Priority Table -- ---------------------------------------------------------------------------- vpPolicyRulePriTable OBJECT-TYPE SYNTAX SEQUENCE OF VpPolicyRulePriEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The VPN Policy Rule Priority Table." ::= { vpPolicy 2 } vpPolicyRulePriEntry OBJECT-TYPE SYNTAX VpPolicyRulePriEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A VPN Policy Rule Priority Table entry." INDEX { vpPolRulePriOrder } ::= { vpPolicyRulePriTable 1} VpPolicyRulePriEntry ::= SEQUENCE { vpPolRulePriOrder INTEGER, vpPolRulePriName DisplayString, vpPolRulePriStatus INTEGER, vpPolRulePriPriority INTEGER, vpPolRulePriTrafficProfileRef DisplayString, vpPolRulePriValidityPeriodRef DisplayString, vpPolRulePriRsvpActionRef DisplayString, vpPolRulePriDiffServActionRef DisplayString, vpPolRulePriIsakmpActionRef DisplayString, vpPolRulePriSecurityActionRef DisplayString, vpPolRulePriIpsecManualTunId INTEGER } vpPolRulePriOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The priority of this VPN Rule relative to all VPN Rules." ::= { vpPolicyRulePriEntry 1 } vpPolRulePriName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The VPN Policy Rule Name." ::= { vpPolicyRulePriEntry 2 } vpPolRulePriStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "The current status of the VPN Policy Rule. 1 = enabled 2 = disabled." ::= { vpPolicyRulePriEntry 3 } vpPolRulePriPriority OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The VPN Policy Rule Priority." ::= { vpPolicyRulePriEntry 4 } vpPolRulePriTrafficProfileRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Traffic Profile for the VPN Policy Rule. This name can be used to index directly into the vpTrafficProfileTable." ::= { vpPolicyRulePriEntry 5 } vpPolRulePriValidityPeriodRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Validity Period for the VPN Policy. This name can be used to index directly into the vpValidityPeriodTable." ::= { vpPolicyRulePriEntry 6 } vpPolRulePriRsvpActionRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the RSVP Action for the VPN Policy. This name can be used to index directly into the vpRsvpActionTable." ::= { vpPolicyRulePriEntry 7 } vpPolRulePriDiffServActionRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Differential Services Action for the VPN Policy. This name can be used to index directly into the vpDiffServActionTable." ::= { vpPolicyRulePriEntry 8 } vpPolRulePriIsakmpActionRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the ISAKMP Action for the VPN Policy. This name can be used to index directly into the vpIsakmpActionTable." ::= { vpPolicyRulePriEntry 9 } vpPolRulePriSecurityActionRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Security Action for the VPN Policy. This name can be used to index directly into the vpSecurityActionTable." ::= { vpPolicyRulePriEntry 10 } vpPolRulePriIpsecManualTunId OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The ID of manually configured IPSec Phase-2 Tunnel." ::= { vpPolicyRulePriEntry 11 } -- ---------------------------------------------------------------------------- -- The Policy Correlation Table -- ---------------------------------------------------------------------------- vpPolicyCorTable OBJECT-TYPE SYNTAX SEQUENCE OF VpPolicyCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The VPN Policy Correlation Table. This table can be used to correlate VPN Policies with VPN Policy Rules. A VPN Policy may be associated with one or more VPN Policy Rules." ::= { vpPolicy 3 } vpPolicyCorEntry OBJECT-TYPE SYNTAX VpPolicyCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A VPN Policy Correlation Table entry." INDEX { vpPolName, -- from the vpPolicyTable vpPolCorRuleOrder } ::= { vpPolicyCorTable 1} VpPolicyCorEntry ::= SEQUENCE { vpPolCorRuleOrder INTEGER, vpPolCorRulePriOrder INTEGER } vpPolCorRuleOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The order of this VPN Rule relative to other VPN Rules for this VPN Policy." ::= { vpPolicyCorEntry 1 } vpPolCorRulePriOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The priority of this VPN Rule relative to all VPN Rules. This number can be used to index directly into the vpPolicyRulePriTable." ::= { vpPolicyCorEntry 2 } -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The Conditions Group consists of a: -- 1) Traffic Profile Table -- 2) Traffic Interface Table -- 3) Traffic Remote Identification Table -- 4) Validity Period Table -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- vpTrafficProfile OBJECT IDENTIFIER ::= { vpConditions 1 } vpValidityPeriod OBJECT IDENTIFIER ::= { vpConditions 2 } -- ---------------------------------------------------------------------------- -- The Traffic Profile Table -- ---------------------------------------------------------------------------- vpTrafficProfileTable OBJECT-TYPE SYNTAX SEQUENCE OF VpTrafficProfileEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Traffic Profile Table." ::= { vpTrafficProfile 1 } vpTrafficProfileEntry OBJECT-TYPE SYNTAX VpTrafficProfileEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Traffic Profile Table entry." INDEX { vpTrafProfName } ::= { vpTrafficProfileTable 1} VpTrafficProfileEntry ::= SEQUENCE { vpTrafProfName DisplayString, vpTrafProfHiProtocol INTEGER, vpTrafProfLoProtocol INTEGER, vpTrafProfSrcHiAddr VpIpAddress, vpTrafProfSrcLoAddr VpIpAddress, vpTrafProfSrcHiPort INTEGER, vpTrafProfSrcLoPort INTEGER, vpTrafProfDstHiAddr VpIpAddress, vpTrafProfDstLoAddr VpIpAddress, vpTrafProfDstHiPort INTEGER, vpTrafProfDstLoPort INTEGER, vpTrafProfRcvTosByteMask OCTET STRING, vpTrafProfRcvTosByteMatch OCTET STRING, vpTrafProfLocIdType INTEGER, vpTrafProfLocIdValue DisplayString, vpTrafProfRemGroup DisplayString } vpTrafProfName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Traffic Profile." ::= { vpTrafficProfileEntry 1 } vpTrafProfHiProtocol OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The high protocol number for this Traffic Profile." ::= { vpTrafficProfileEntry 2 } vpTrafProfLoProtocol OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The low protocol number for this Traffic Profile." ::= { vpTrafficProfileEntry 3 } vpTrafProfSrcHiAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The high source IP Address for this Traffic Profile." ::= { vpTrafficProfileEntry 4 } vpTrafProfSrcLoAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The low source IP Address for this Traffic Profile." ::= { vpTrafficProfileEntry 5 } vpTrafProfSrcHiPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The high source port number for this Traffic Profile." ::= { vpTrafficProfileEntry 6 } vpTrafProfSrcLoPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The low source port number for this Traffic Profile." ::= { vpTrafficProfileEntry 7 } vpTrafProfDstHiAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The high destination IP Address for this Traffic Profile." ::= { vpTrafficProfileEntry 8 } vpTrafProfDstLoAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The low destination IP Address for this Traffic Profile." ::= { vpTrafficProfileEntry 9 } vpTrafProfDstHiPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The high destination port number for this Traffic Profile." ::= { vpTrafficProfileEntry 10 } vpTrafProfDstLoPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The low destination port number for this Traffic Profile." ::= { vpTrafficProfileEntry 11 } vpTrafProfRcvTosByteMask OBJECT-TYPE SYNTAX OCTET STRING(SIZE(1)) ACCESS read-only STATUS mandatory DESCRIPTION "The Type of Service (TOS) Byte Mask Value. This is a 8-bit mask which is be applied to an incoming packet's TOS byte." ::= { vpTrafficProfileEntry 12 } vpTrafProfRcvTosByteMatch OBJECT-TYPE SYNTAX OCTET STRING(SIZE(1)) ACCESS read-only STATUS mandatory DESCRIPTION "The Type of Service (TOS) Byte Match Value. This is a 8-bit pattern which is used to compare to the value of the result of the ANDing of the incoming TOS byte and the mask value." ::= { vpTrafficProfileEntry 13 } vpTrafProfLocIdType OBJECT-TYPE SYNTAX INTEGER { ipV4Addr(1), fqdn(2), userFqdn(3), dn(9), gn(10), keyId(11), any(99) } ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Local Identification Type. This value is used in interpreting the Traffic Local Identification Value. 1 = IP V4 Address 2 = Fully Qualified Domain Name 3 = User Fully Qualified Domain Name 9 = Domain Name 10 = Global Name 11 = Key ID 99 = Any" ::= { vpTrafficProfileEntry 14 } vpTrafProfLocIdValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Local Identification Value. See vpTrafProfLocIdType for more information." ::= { vpTrafficProfileEntry 15 } vpTrafProfRemGroup OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Remote Group Name." ::= { vpTrafficProfileEntry 16 } -- ---------------------------------------------------------------------------- -- The Traffic Interface Table -- ---------------------------------------------------------------------------- vpTrafficIfTable OBJECT-TYPE SYNTAX SEQUENCE OF VpTrafficIfEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Traffic Interface Table." ::= { vpTrafficProfile 2 } vpTrafficIfEntry OBJECT-TYPE SYNTAX VpTrafficIfEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Traffic Interface Table entry." INDEX { vpTrafProfName, -- from the vpTrafficProfileTable vpTrafIfIndex } ::= { vpTrafficIfTable 1} VpTrafficIfEntry ::= SEQUENCE { vpTrafIfIndex INTEGER, vpTrafIfInAddr VpIpAddress, vpTrafIfOutAddr VpIpAddress } vpTrafIfIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Interface index." ::= { vpTrafficIfEntry 1 } vpTrafIfInAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Interface Inbound IP Address." ::= { vpTrafficIfEntry 2 } vpTrafIfOutAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Interface Outbound IP Address." ::= { vpTrafficIfEntry 3 } -- ---------------------------------------------------------------------------- -- The Traffic Remote Identification Table -- ---------------------------------------------------------------------------- vpTrafficRemIdTable OBJECT-TYPE SYNTAX SEQUENCE OF VpTrafficRemIdEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Traffic Remote Identification Table." ::= { vpTrafficProfile 3 } vpTrafficRemIdEntry OBJECT-TYPE SYNTAX VpTrafficRemIdEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Traffic Remote Identification Table entry." INDEX { vpTrafProfRemGroup, -- from the vpTrafficProfileTable vpTrafRemIdIndex } ::= { vpTrafficRemIdTable 1} VpTrafficRemIdEntry ::= SEQUENCE { vpTrafRemIdIndex INTEGER, vpTrafRemIdType INTEGER, vpTrafRemIdValue DisplayString, vpTrafRemIdAuthMode INTEGER } vpTrafRemIdIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Remote Identification Index." ::= { vpTrafficRemIdEntry 1 } vpTrafRemIdType OBJECT-TYPE SYNTAX INTEGER { ipV4Addr(1), fqdn(2), userFqdn(3), dn(9), gn(10), keyId(11) } ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Remote Identification Type. This value is used in interpreting the Traffic Remote Identification Value. 1 = IP V4 Address 2 = Fully Qualified Domain Name 3 = User Fully Qualified Domain Name 9 = Domain Name 10 = Global Name 11 = Key ID" ::= { vpTrafficRemIdEntry 2 } vpTrafRemIdValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Remote Identification Value. See vpTrafRemIdValueType for more information." ::= { vpTrafficRemIdEntry 3 } vpTrafRemIdAuthMode OBJECT-TYPE SYNTAX INTEGER { preShareKey(1), cert(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The Traffic Remote Identification Authentication Mode. 1 = preshared key 2 = certificate" ::= { vpTrafficRemIdEntry 4 } -- ---------------------------------------------------------------------------- -- The Validity Period Table -- ---------------------------------------------------------------------------- vpValidityPeriodTable OBJECT-TYPE SYNTAX SEQUENCE OF VpValidityPeriodEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Validity Period Table." ::= { vpValidityPeriod 1 } vpValidityPeriodEntry OBJECT-TYPE SYNTAX VpValidityPeriodEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Validity Period Table entry." INDEX { vpValPrdName } ::= { vpValidityPeriodTable 1} VpValidityPeriodEntry ::= SEQUENCE { vpValPrdName DisplayString, vpValPrdStartTime OCTET STRING, vpValPrdEndTime OCTET STRING, vpValPrdMonthMask OCTET STRING, vpValPrdDaysMask OCTET STRING, vpValPrdStartTod OCTET STRING, vpValPrdStopTod OCTET STRING } vpValPrdName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Validity Period." ::= { vpValidityPeriodEntry 1 } vpValPrdStartTime OBJECT-TYPE SYNTAX OCTET STRING(SIZE(4)) ACCESS read-only STATUS mandatory DESCRIPTION "The Validity Start Time in seconds since 1900. A value of xFF:FF:FF:FF signifies forever." ::= { vpValidityPeriodEntry 2 } vpValPrdEndTime OBJECT-TYPE SYNTAX OCTET STRING(SIZE(4)) ACCESS read-only STATUS mandatory DESCRIPTION "The Validity End Time in seconds since 1900. A value of xFF:FF:FF:FF signifies forever." ::= { vpValidityPeriodEntry 3 } vpValPrdMonthMask OBJECT-TYPE SYNTAX OCTET STRING(SIZE(2)) ACCESS read-only STATUS mandatory DESCRIPTION "The Month Mask for this Validity Period. Each Bit in the Mask represents a month. Octet 2 Octet 1 ---------------------- ------------------------------- 7-4 3 2 1 0 7 6 5 4 3 2 1 0 0's Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec" ::= { vpValidityPeriodEntry 4 } vpValPrdDaysMask OBJECT-TYPE SYNTAX OCTET STRING(SIZE(1)) ACCESS read-only STATUS mandatory DESCRIPTION "The Days-Of-The-Week Mask for this Validity Period. Each Bit in the Mask represents a day. Octet 1 ------------------------------- 7 6 5 4 3 2 1 0 0 Mon Tue Wed Thr Fri Sat Sun" ::= { vpValidityPeriodEntry 5 } vpValPrdStartTod OBJECT-TYPE SYNTAX OCTET STRING(SIZE(4)) ACCESS read-only STATUS mandatory DESCRIPTION "The Validity Period Start Time-Of-Day. It is represented in the number of seconds since 00:00 AM. A value of xFF:FF:FF:FF signifies all day." ::= { vpValidityPeriodEntry 6 } vpValPrdStopTod OBJECT-TYPE SYNTAX OCTET STRING(SIZE(4)) ACCESS read-only STATUS mandatory DESCRIPTION "The Validity Period End Time-Of-Day. It is represented in the number of seconds since 00:00 AM. A value of xFF:FF:FF:FF signifies all day." ::= { vpValidityPeriodEntry 7 } -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The Action Group consists of a: -- 1) RSVP Action -- 2) Differential Services Action -- 3) ISAKMP Action -- 4) Security Action -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- vpRsvpAction OBJECT IDENTIFIER ::= { vpActions 1 } vpDiffServAction OBJECT IDENTIFIER ::= { vpActions 2 } vpIsakmpAction OBJECT IDENTIFIER ::= { vpActions 3 } vpSecurityAction OBJECT IDENTIFIER ::= { vpActions 4 } -- ---------------------------------------------------------------------------- -- The RSVP Action Table -- ---------------------------------------------------------------------------- vpRsvpActionTable OBJECT-TYPE SYNTAX SEQUENCE OF VpRsvpActionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The RSVP Action Table." ::= { vpRsvpAction 1 } vpRsvpActionEntry OBJECT-TYPE SYNTAX VpRsvpActionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A RSVP Action Table entry." INDEX { vpRsvpActName } ::= { vpRsvpActionTable 1} VpRsvpActionEntry ::= SEQUENCE { vpRsvpActName DisplayString, vpRsvpActPermission INTEGER, vpRsvpActMaxRatePerFlow INTEGER, vpRsvpActMaxTokenBucketPerFlow INTEGER, vpRsvpActMaxFlowDuration INTEGER, vpRsvpActMinDelay INTEGER, vpRsvpActDiffSvrRef DisplayString, vpRsvpActMatches Counter } vpRsvpActName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the RSVP Action." ::= { vpRsvpActionEntry 1 } vpRsvpActPermission OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } ACCESS read-only STATUS mandatory DESCRIPTION "Permit or deny RSVP requests of with the type of vpRsvpActFlowSvrType." ::= { vpRsvpActionEntry 2 } vpRsvpActMaxRatePerFlow OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Maximum Amount of Bandwidth in Kbytes-Per-Second that RSVP should be allowed to allocate for one individual flow." ::= { vpRsvpActionEntry 3 } vpRsvpActMaxTokenBucketPerFlow OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Maximum Token Bucket to allocate for a RSVP flow." ::= { vpRsvpActionEntry 4 } vpRsvpActMaxFlowDuration OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Maximum Amount of Time in seconds that RSVP should allow a reservation to be active." ::= { vpRsvpActionEntry 5 } vpRsvpActMinDelay OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Minimum Delay in milliseconds that RSVP should be allowed to reserve for an individual RSVP reservation." ::= { vpRsvpActionEntry 6 } vpRsvpActDiffSvrRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Differential Services Action for this RSVP Action. This name can be used to index directly into the vpDiffServActionTable." ::= { vpRsvpActionEntry 7 } vpRsvpActMatches OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packet matches for this RSVP Action." ::= { vpRsvpActionEntry 8 } -- ---------------------------------------------------------------------------- -- The Differential Services Action Table -- ---------------------------------------------------------------------------- vpDiffServActionTable OBJECT-TYPE SYNTAX SEQUENCE OF VpDiffServActionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Differential Services Action Table." ::= { vpDiffServAction 1 } vpDiffServActionEntry OBJECT-TYPE SYNTAX VpDiffServActionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Differential Services Action Table entry." INDEX { vpDifSrvActName } ::= { vpDiffServActionTable 1 } VpDiffServActionEntry ::= SEQUENCE { vpDifSrvActName DisplayString, vpDifSrvActPermission INTEGER, vpDifSrvActQuePriority INTEGER, vpDifSrvActBwType INTEGER, vpDifSrvActBwShare INTEGER, vpDifSrvActTransTosByteMask OCTET STRING, vpDifSrvActTransTosByteMatch OCTET STRING, vpDifSrvActMatches Counter } vpDifSrvActName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Differential Services Action." ::= { vpDiffServActionEntry 1 } vpDifSrvActPermission OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } ACCESS read-only STATUS mandatory DESCRIPTION "Permit or Deny traffic matching the Traffic Profile. This parameter is used as a filter rule to control which IP traffic is allowed to be forwarded." ::= { vpDiffServActionEntry 2 } vpDifSrvActQuePriority OBJECT-TYPE SYNTAX INTEGER { premium(1), bestEffort(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The Queue Priority to be used for traffic." ::= { vpDiffServActionEntry 3 } vpDifSrvActBwType OBJECT-TYPE SYNTAX INTEGER { absolute(1), percent(2) } ACCESS read-only STATUS mandatory DESCRIPTION "Specifies whether the bandwidth share is a percentage of the output bandwidth or an absolute number in Kbytes-Per-Second. See also vpDifSrvActBwShare." ::= { vpDiffServActionEntry 4 } vpDifSrvActBwShare OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The amount of bandwidth to allocate for packets matching this Differential Services Action. Bandwidth may be specified by percentage of output bandwidth or by an absolute number in Kbytes-Per-Second. See also vpDifSrvActBwType." ::= { vpDiffServActionEntry 5 } vpDifSrvActTransTosByteMask OBJECT-TYPE SYNTAX OCTET STRING(SIZE(1)) ACCESS read-only STATUS mandatory DESCRIPTION "The Type of Service (TOS) Byte Mask Value. This is a 8-bit mask which is be applied to an incoming packet's TOS byte." ::= { vpDiffServActionEntry 6 } vpDifSrvActTransTosByteMatch OBJECT-TYPE SYNTAX OCTET STRING(SIZE(1)) ACCESS read-only STATUS mandatory DESCRIPTION "The Type of Service (TOS) Byte Match Value. This is a 8-bit pattern which is used to compare to the value of the result of the ANDing of the incoming TOS byte and the mask value." ::= { vpDiffServActionEntry 7 } vpDifSrvActMatches OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packet matches for this Differential Services Action." ::= { vpDiffServActionEntry 8 } -- ---------------------------------------------------------------------------- -- The ISAKMP Action is represented in the following tables: -- 1) The ISAKMP Action Table -- 2) The ISAKMP Proposal Table -- 3) The ISAKMP Correlation Table -- 4) The ISAKMP Active Instance Table -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The ISAKMP Action Table -- ---------------------------------------------------------------------------- vpIsakmpActionTable OBJECT-TYPE SYNTAX SEQUENCE OF VpIsakmpActionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ISAKMP Action Table." ::= { vpIsakmpAction 1 } vpIsakmpActionEntry OBJECT-TYPE SYNTAX VpIsakmpActionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An ISAKMP Action Table entry." INDEX { vpIkActName } ::= { vpIsakmpActionTable 1} VpIsakmpActionEntry ::= SEQUENCE { vpIkActName DisplayString, vpIkActExchangeMode INTEGER, vpIkActConnSaLifeTime INTEGER, vpIkActConnSaLifeSize INTEGER, vpIkActPolicyRole INTEGER, vpIkActMinPercentRefresh INTEGER, vpIkActAutoStart INTEGER, vpIkActMatches Counter } vpIkActName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the ISAKMP Action." ::= { vpIsakmpActionEntry 1 } vpIkActExchangeMode OBJECT-TYPE SYNTAX INTEGER { main(1), aggressive(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The Exchange Mode for ISAKMP Phase-1 negotiations." ::= { vpIsakmpActionEntry 2 } vpIkActConnSaLifeTime OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifetime of the ISAKMP Phase-1 Connection. This specifies the amount of time in seconds after which the Phase-1 Security Association is renegotiated." ::= { vpIsakmpActionEntry 3 } vpIkActConnSaLifeSize OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifesize of the ISAKMP Phase-1 Connection. This specifies the amount of traffic in Kbytes after which the Phase-1 Security Association is renegotiated." ::= { vpIsakmpActionEntry 4 } vpIkActPolicyRole OBJECT-TYPE SYNTAX INTEGER { initiator(1), responder(2), initAndResp(3) } ACCESS read-only STATUS mandatory DESCRIPTION "The ISAKMP Policy Role. 1 = Initiator 2 = Responder 3 = Initiator and Responder" ::= { vpIsakmpActionEntry 5 } vpIkActMinPercentRefresh OBJECT-TYPE SYNTAX INTEGER(1..100) ACCESS read-only STATUS mandatory DESCRIPTION "The minimium percentage of the ISAKMP Phase-1 proposals Lifetime that should be considered valid during ISAKMP Phase-1 negotiations." ::= { vpIsakmpActionEntry 6 } vpIkActAutoStart OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The ISAKMP Auto Start setting. When enabled the Security Association must be automatically negotiated at system initialization." ::= { vpIsakmpActionEntry 7 } vpIkActMatches OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packet matches for this ISAKMP Action." ::= { vpIsakmpActionEntry 8 } -- ---------------------------------------------------------------------------- -- The ISAKMP Proposal Table -- ---------------------------------------------------------------------------- vpIsakmpProposalTable OBJECT-TYPE SYNTAX SEQUENCE OF VpIsakmpProposalEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ISAKMP Proposal Table." ::= { vpIsakmpAction 2 } vpIsakmpProposalEntry OBJECT-TYPE SYNTAX VpIsakmpProposalEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An ISAKMP Proposal Table entry." INDEX { vpIkPropName } ::= { vpIsakmpProposalTable 1} VpIsakmpProposalEntry ::= SEQUENCE { vpIkPropName DisplayString, vpIkPropAuthMethod INTEGER, vpIkPropHashAlgo INTEGER, vpIkPropCipherAlgo INTEGER, vpIkPropDiffHellmanGrpId INTEGER, vpIkPropSaLifeTime INTEGER, vpIkPropSaLifeSize INTEGER } vpIkPropName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the ISAKMP Proposal." ::= { vpIsakmpProposalEntry 1 } vpIkPropAuthMethod OBJECT-TYPE SYNTAX INTEGER { preShardKey(1), dssSig(2), rsaSig(3), rsaEncrypt(4), revRsaEncrypt(5) } ACCESS read-only STATUS mandatory DESCRIPTION "The Authentication Method to use in ISAKMP Phase-1 negotiations." ::= { vpIsakmpProposalEntry 2 } vpIkPropHashAlgo OBJECT-TYPE SYNTAX INTEGER { md5(1), sha(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The Hash Algorithm to use in ISAKMP Phase-1 negotiations." ::= { vpIsakmpProposalEntry 3 } vpIkPropCipherAlgo OBJECT-TYPE SYNTAX INTEGER { des(1), des3(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The Cipher Algorithm to use in ISAKMP Phase-1 negotiations." ::= { vpIsakmpProposalEntry 4 } vpIkPropDiffHellmanGrpId OBJECT-TYPE SYNTAX INTEGER { dhGrp1(1), dhGrp2(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The Diffie Hellman Group to use in ISAKMP Phase-1 negotiations." ::= { vpIsakmpProposalEntry 5 } vpIkPropSaLifeTime OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifetime of the ISAKMP Phase-1 Connection. This specifies the amount of time in seconds after which the Phase-1 Security Association is renegotiated." ::= { vpIsakmpProposalEntry 6 } vpIkPropSaLifeSize OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifesize of the ISAKMP Phase-1 Connection. This specifies the amount of traffic in Kbytes after which the Phase-1 Security Association is renegotiated." ::= { vpIsakmpProposalEntry 7 } -- ---------------------------------------------------------------------------- -- The ISAKMP Correlation Table -- ---------------------------------------------------------------------------- vpIsakmpCorTable OBJECT-TYPE SYNTAX SEQUENCE OF VpIsakmpCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ISAKMP Correlation Table. This table can be used to to correlate ISAKMP Actions with ISAKMP Proposals. An ISAKMP Action may be associated with one or more ISAKMP Proposals." ::= { vpIsakmpAction 3 } vpIsakmpCorEntry OBJECT-TYPE SYNTAX VpIsakmpCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An ISAKMP Correlation Table entry." INDEX { vpIkActName, -- from the vpIsakmpActionTable vpIkCorPropOrder } ::= { vpIsakmpCorTable 1} VpIsakmpCorEntry ::= SEQUENCE { vpIkCorPropOrder INTEGER, vpIkCorPropName DisplayString } vpIkCorPropOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Proposal Order for the ISAKMP Action." ::= { vpIsakmpCorEntry 1 } vpIkCorPropName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the ISAKMP Proposal. This name can be used to index directly into the vpIsakmpProposalTable." ::= { vpIsakmpCorEntry 2 } -- ---------------------------------------------------------------------------- -- The ISAKMP Active Instance Table -- ---------------------------------------------------------------------------- vpIsakmpActiveInstTable OBJECT-TYPE SYNTAX SEQUENCE OF VpIsakmpActiveInstEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The ISAKMP Active Instance Table." ::= { vpIsakmpAction 4 } vpIsakmpActiveInstEntry OBJECT-TYPE SYNTAX VpIsakmpActiveInstEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An ISAKMP Active Instance Table entry." INDEX { vpIkActName, -- from the vpIsakmpActionTable vpIkActInstOrder } ::= { vpIsakmpActiveInstTable 1} VpIsakmpActiveInstEntry ::= SEQUENCE { vpIkActInstOrder INTEGER, vpIkActInstTunnelId OCTET STRING, vpIkActInstTunnelIndex INTEGER } vpIkActInstOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Active Instance Creation Order for the ISAKMP Action." ::= { vpIsakmpActiveInstEntry 1 } vpIkActInstTunnelId OBJECT-TYPE SYNTAX OCTET STRING ACCESS read-only STATUS mandatory DESCRIPTION "The ISAKMP Phase-1 Tunnel ID." ::= { vpIsakmpActiveInstEntry 2 } vpIkActInstTunnelIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The ISAKMP Phase-1 Tunnel Index (ikeTunnelIndex from the IBM IPSec MIB)." ::= { vpIsakmpActiveInstEntry 3 } -- ---------------------------------------------------------------------------- -- The Security Action is represented in the following tables: -- 1 = The Security Action Table -- 2 = The Security Proposal Table -- 3 = The Security AH Transform Table -- 4 = The Security ESP Transform Table -- 5 = The Security IPCOMP Transform Table -- 6 = The Security Proposal Correlation Table -- 7 = The Security AH Correlation Table -- 8 = The Security ESP Correlation Table -- 9 = The Security IPCOMP Correlation Table -- 10 = The Security Active Instance Table -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The Security Action Table -- ---------------------------------------------------------------------------- vpSecurityActionTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityActionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security Action Table." ::= { vpSecurityAction 1 } vpSecurityActionEntry OBJECT-TYPE SYNTAX VpSecurityActionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security Action Table entry." INDEX { vpSecActName } ::= { vpSecurityActionTable 1} VpSecurityActionEntry ::= SEQUENCE { vpSecActName DisplayString, vpSecActType INTEGER, vpSecActTunStartAddr VpIpAddress, vpSecActTunEndAddr VpIpAddress, vpSecActLocProxyType INTEGER, vpSecActLocProxyValue DisplayString, vpSecActLocProxyProtocol INTEGER, vpSecActLocProxySrcPort INTEGER, vpSecActRemProxyType INTEGER, vpSecActRemProxyValue DisplayString, vpSecActRemProxyProtocol INTEGER, vpSecActRemProxySrcPort INTEGER, vpSecActSaRefreshThresh INTEGER, vpSecActMinPercentRefresh INTEGER, vpSecActTunnelInTunnel INTEGER, vpSecActAutoStart INTEGER, vpSecActDontFragBitHandling INTEGER, vpSecActReplayPrevention INTEGER, vpSecActMatches Counter } vpSecActName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Security Action." ::= { vpSecurityActionEntry 1 } vpSecActType OBJECT-TYPE SYNTAX INTEGER { permit(1), block(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The Type of action which should be performed to packets matching the Traffic Profile of a Policy specifying this action." ::= { vpSecurityActionEntry 2 } vpSecActTunStartAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP Address of the IPSec Tunnel Starting Point." ::= { vpSecurityActionEntry 3 } vpSecActTunEndAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP Address of the IPSec Tunnel Ending Point." ::= { vpSecurityActionEntry 4 } vpSecActLocProxyType OBJECT-TYPE SYNTAX INTEGER { ipV4Addr(1), fqdn(2), userFqdn(3), ipV4Subnet(4), ipV4Range(7), dn(9), gn(10), keyId(11) } ACCESS read-only STATUS mandatory DESCRIPTION "The Local Proxy Type. This value is used in interpreting the Local Proxy Value. 1 = IP V4 Address 2 = Fully Qualified Domain Name 3 = User Fully Qualified Domain Name 4 = IP V4 Address Subnet 7 = IP V4 Address Range 9 = Domain Name 10 = Global Name 11 = Key ID" ::= { vpSecurityActionEntry 5 } vpSecActLocProxyValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The Local Proxy Value. See vpSecActLocProxyType for more information." ::= { vpSecurityActionEntry 6 } vpSecActLocProxyProtocol OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Local Proxy Protocol." ::= { vpSecurityActionEntry 7 } vpSecActLocProxySrcPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Local Proxy Source Port." ::= { vpSecurityActionEntry 8 } vpSecActRemProxyType OBJECT-TYPE SYNTAX INTEGER { ipV4Addr(1), fqdn(2), userFqdn(3), ipV4Subnet(4), ipV4Range(7), dn(9), gn(10), keyId(11) } ACCESS read-only STATUS mandatory DESCRIPTION "The Remote Proxy Type. This value is used in interpreting the Remote Proxy Value. 1 = IP V4 Address 2 = Fully Qualified Domain Name 3 = User Fully Qualified Domain Name 4 = IP V4 Address Subnet 7 = IP V4 Address Range 9 = Domain Name 10 = Global Name 11 = Key ID" ::= { vpSecurityActionEntry 9 } vpSecActRemProxyValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The Remote Proxy Value. See vpSecActRemProxyType for more information." ::= { vpSecurityActionEntry 10 } vpSecActRemProxyProtocol OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Remote Proxy Protocol." ::= { vpSecurityActionEntry 11 } vpSecActRemProxySrcPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Remote Proxy Source Port." ::= { vpSecurityActionEntry 12 } vpSecActSaRefreshThresh OBJECT-TYPE SYNTAX INTEGER(1..100) ACCESS read-only STATUS mandatory DESCRIPTION "The IPSec Security Association Refresh Threshold. The value is represented as a percentage of the Security Association Lifetime or Security Association Lifesize." ::= { vpSecurityActionEntry 13 } vpSecActMinPercentRefresh OBJECT-TYPE SYNTAX INTEGER(1..100) ACCESS read-only STATUS mandatory DESCRIPTION "The minimium percentage of the Security Associations Lifetime that should be considered valid during IPSec negotiations." ::= { vpSecurityActionEntry 14 } vpSecActTunnelInTunnel OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-only STATUS mandatory DESCRIPTION "Specifies whether or not this IPSec Tunnel is protected by another tunnel." ::= { vpSecurityActionEntry 15 } vpSecActAutoStart OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The IPSec Auto Start setting. When enabled the Security Association must be automatically negotiated at system initialization." ::= { vpSecurityActionEntry 16 } vpSecActDontFragBitHandling OBJECT-TYPE SYNTAX INTEGER { copyDfBit(1), setDfBit(2), clearDfBit(3) } ACCESS read-only STATUS mandatory DESCRIPTION "The IPSec processing to perform on the Don't Fragment (DF) Bit when building a new package header. in the original 1 = Copy the DF Bit from the orginal header to the new header 2 = Set (Turn On) the DF Bit in the new header 3 = Clear (Turn Off) the DF Bit in the new header" ::= { vpSecurityActionEntry 17 } vpSecActReplayPrevention OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The IPSec Replay Prevention setting." ::= { vpSecurityActionEntry 18 } vpSecActMatches OBJECT-TYPE SYNTAX Counter ACCESS read-only STATUS mandatory DESCRIPTION "The number of packet matches for this Securtiy Action." ::= { vpSecurityActionEntry 19 } -- ---------------------------------------------------------------------------- -- The Security Proposal Table -- ---------------------------------------------------------------------------- vpSecurityProposalTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityProposalEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security Proposal Table." ::= { vpSecurityAction 2 } vpSecurityProposalEntry OBJECT-TYPE SYNTAX VpSecurityProposalEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security Proposal Table entry." INDEX { vpSecPropName } ::= { vpSecurityProposalTable 1} VpSecurityProposalEntry ::= SEQUENCE { vpSecPropName DisplayString, vpSecPropPrfFwdSecr INTEGER, vpSecPropDiffHellmanGrpId INTEGER } vpSecPropName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Security Proposal." ::= { vpSecurityProposalEntry 1 } vpSecPropPrfFwdSecr OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The state of the Perfect Forward Secrecy function." ::= { vpSecurityProposalEntry 2 } vpSecPropDiffHellmanGrpId OBJECT-TYPE SYNTAX INTEGER { dhGrp1(1), dhGrp2(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The Diffie Hellman Group to use in IPSec Phase-2 negotiations." ::= { vpSecurityProposalEntry 3 } -- ---------------------------------------------------------------------------- -- The Security AH Transform Table -- ---------------------------------------------------------------------------- vpSecurityAhTransTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityAhTransEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security AH Transform Table." ::= { vpSecurityAction 3 } vpSecurityAhTransEntry OBJECT-TYPE SYNTAX VpSecurityAhTransEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security AH Transform Table entry." INDEX { vpSecAhTransName } ::= { vpSecurityAhTransTable 1} VpSecurityAhTransEntry ::= SEQUENCE { vpSecAhTransName DisplayString, vpSecAhTransIntgAlgo INTEGER, vpSecAhTransEncapMode INTEGER, vpSecAhTransSaLifeTime INTEGER, vpSecAhTransSaLifeSize INTEGER } vpSecAhTransName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the AH Transform." ::= { vpSecurityAhTransEntry 1 } vpSecAhTransIntgAlgo OBJECT-TYPE SYNTAX INTEGER { hmacMd5(1), hmacSha(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The AH Integrity Algorithm." ::= { vpSecurityAhTransEntry 2 } vpSecAhTransEncapMode OBJECT-TYPE SYNTAX INTEGER { tunnel(1), transport(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The AH Encapsulation Mode." ::= { vpSecurityAhTransEntry 3 } vpSecAhTransSaLifeTime OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifetime of the AH Security Association. This specifies the amount of time in seconds after which the AH Security Association is renegotiated." ::= { vpSecurityAhTransEntry 4 } vpSecAhTransSaLifeSize OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifesize of the AH Security Association. This specifies the amount of traffic in Kbytes after which the AH Security Association is renegotiated." ::= { vpSecurityAhTransEntry 5 } -- ---------------------------------------------------------------------------- -- The Security ESP Transform Table -- ---------------------------------------------------------------------------- vpSecurityEspTransTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityEspTransEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security ESP Transform Table." ::= { vpSecurityAction 4 } vpSecurityEspTransEntry OBJECT-TYPE SYNTAX VpSecurityEspTransEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security ESP Transform Table entry." INDEX { vpSecEspTransName } ::= { vpSecurityEspTransTable 1} VpSecurityEspTransEntry ::= SEQUENCE { vpSecEspTransName DisplayString, vpSecEspTransEncapMode INTEGER, vpSecEspTransIntgAlgo INTEGER, vpSecEspTransCipherAlgo INTEGER, vpSecEspTransSaLifeTime INTEGER, vpSecEspTransSaLifeSize INTEGER } vpSecEspTransName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the ESP Transform." ::= { vpSecurityEspTransEntry 1 } vpSecEspTransEncapMode OBJECT-TYPE SYNTAX INTEGER { tunnel(1), transport(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The ESP Encapsulation Mode." ::= { vpSecurityEspTransEntry 2 } vpSecEspTransIntgAlgo OBJECT-TYPE SYNTAX INTEGER { none(1), md5(2), sha(3) } ACCESS read-only STATUS mandatory DESCRIPTION "The ESP Integrity Algorithm." ::= { vpSecurityEspTransEntry 3 } vpSecEspTransCipherAlgo OBJECT-TYPE SYNTAX INTEGER { none(1), des(2), des3(3), cdmf(4) } ACCESS read-only STATUS mandatory DESCRIPTION "The ESP Cipher Alogrithm." ::= { vpSecurityEspTransEntry 4 } vpSecEspTransSaLifeTime OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifetime of the ESP Security Association. This specifies the amount of time in seconds after which the ESP Security Association is renegotiated." ::= { vpSecurityEspTransEntry 5 } vpSecEspTransSaLifeSize OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifesize of the ESP Security Association. This specifies the amount of traffic in Kbytes after which the ESP Security Association is renegotiated." ::= { vpSecurityEspTransEntry 6 } -- ---------------------------------------------------------------------------- -- The Security IPCOMP Transform Table -- ---------------------------------------------------------------------------- vpSecurityIpcompTransTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityIpcompTransEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security IPCOMP Transform Table." ::= { vpSecurityAction 5 } vpSecurityIpcompTransEntry OBJECT-TYPE SYNTAX VpSecurityIpcompTransEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security IPCOMP Transform Table entry." INDEX { vpSecIpcompTransName } ::= { vpSecurityIpcompTransTable 1} VpSecurityIpcompTransEntry ::= SEQUENCE { vpSecIpcompTransName DisplayString, vpSecIpcompTransAlgo INTEGER, vpSecIpcompTransVendAlgo INTEGER, vpSecIpcompTransSaLifeTime INTEGER, vpSecIpcompTransSaLifeSize INTEGER } vpSecIpcompTransName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the IPCOMP Transform." ::= { vpSecurityIpcompTransEntry 1 } vpSecIpcompTransAlgo OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The IPCOMP Alogrithm." ::= { vpSecurityIpcompTransEntry 2 } vpSecIpcompTransVendAlgo OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The IPCOMP Vendor Alogrithm." ::= { vpSecurityIpcompTransEntry 3 } vpSecIpcompTransSaLifeTime OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifetime of the IPCOMP Security Association. This specifies the amount of time in seconds after which the IPCOMP Security Association is renegotiated." ::= { vpSecurityIpcompTransEntry 4 } vpSecIpcompTransSaLifeSize OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Lifesize of the IPCOMP Security Association. This specifies the amount of traffic in Kbytes after which the IPCOMP Security Association is renegotiated." ::= { vpSecurityIpcompTransEntry 5 } -- ---------------------------------------------------------------------------- -- The Security Proposal Correlation Table -- ---------------------------------------------------------------------------- vpSecurityPropCorTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityPropCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security Proposal Correlation Table. This table can be used to to correlate Security Actions with Security Proposals. A Security Action may be associated with one or more Security Proposals." ::= { vpSecurityAction 6 } vpSecurityPropCorEntry OBJECT-TYPE SYNTAX VpSecurityPropCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security Proposal Correlation Table entry." INDEX { vpSecActName, -- from the vpSecurityActionTable vpSecCorPropOrder } ::= { vpSecurityPropCorTable 1} VpSecurityPropCorEntry ::= SEQUENCE { vpSecCorPropOrder INTEGER, vpSecCorPropRef DisplayString } vpSecCorPropOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Proposal Order for the Security Action." ::= { vpSecurityPropCorEntry 1 } vpSecCorPropRef OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the Security Proposal. This name can be used to index directly into the vpSecurityProposalTable." ::= { vpSecurityPropCorEntry 2 } -- ---------------------------------------------------------------------------- -- The Security AH Transform Correlation Table -- ---------------------------------------------------------------------------- vpSecurityAhCorTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityAhCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security AH Transform Correlation Table. This table can be used to correlate Security Proposals with AH Transforms. A Security Proposal may be associated with one or more AH Transforms." ::= { vpSecurityAction 7 } vpSecurityAhCorEntry OBJECT-TYPE SYNTAX VpSecurityAhCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security AH Transform Correlation Table entry." INDEX { vpSecPropName, -- from the vpSecurityProposalTable vpSecAhTransCorOrder } ::= { vpSecurityAhCorTable 1} VpSecurityAhCorEntry ::= SEQUENCE { vpSecAhTransCorOrder INTEGER, vpSecAhTransCorName DisplayString } vpSecAhTransCorOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The AH Transform Order for the Security Proposal." ::= { vpSecurityAhCorEntry 1 } vpSecAhTransCorName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the AH Transform. This name can be used to index directly into the vpSecurityAhTransformTable." ::= { vpSecurityAhCorEntry 2 } -- ---------------------------------------------------------------------------- -- The Security ESP Transform Correlation Table -- ---------------------------------------------------------------------------- vpSecurityEspCorTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityEspCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security ESP Transform Correlation Table. This table can be used to correlate Security Proposals with ESP Transforms. A Security Proposal may be associated with one or more ESP Transforms." ::= { vpSecurityAction 8 } vpSecurityEspCorEntry OBJECT-TYPE SYNTAX VpSecurityEspCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security Security ESP Transform Correlation Table entry." INDEX { vpSecPropName, -- from the vpSecurityProposalTable vpSecEspTransCorOrder } ::= { vpSecurityEspCorTable 1} VpSecurityEspCorEntry ::= SEQUENCE { vpSecEspTransCorOrder INTEGER, vpSecEspTransCorName DisplayString } vpSecEspTransCorOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The ESP Transform Order for the Security Proposal." ::= { vpSecurityEspCorEntry 1 } vpSecEspTransCorName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the ESP Transform. This name can be used to index directly into the vpSecurityEspTransformTable." ::= { vpSecurityEspCorEntry 2 } -- ---------------------------------------------------------------------------- -- The Security IPCOMP Transform Correlation Table -- ---------------------------------------------------------------------------- vpSecurityIpcompCorTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityIpcompCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security IPCOMP Transform Correlation Table. This table can be used to correlate Security Proposals with IPCOMP Transforms. A Security Proposal may be associated with one or more IPCOMP Transforms." ::= { vpSecurityAction 9 } vpSecurityIpcompCorEntry OBJECT-TYPE SYNTAX VpSecurityIpcompCorEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security Security IPCOMP Transform Correlation Table entry." INDEX { vpSecPropName, -- from the vpSecurityProposalTable vpSecIpcompTransCorOrder } ::= { vpSecurityIpcompCorTable 1} VpSecurityIpcompCorEntry ::= SEQUENCE { vpSecIpcompTransCorOrder INTEGER, vpSecIpcompTransCorName DisplayString } vpSecIpcompTransCorOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The IPCOMP Transform Order for the Security Proposal." ::= { vpSecurityIpcompCorEntry 1 } vpSecIpcompTransCorName OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The name of the IPCOMP Transform. This name can be used to index directly into the vpSecurityIpcompTransformTable." ::= { vpSecurityIpcompCorEntry 2 } -- ---------------------------------------------------------------------------- -- The Security Active Instance Table -- ---------------------------------------------------------------------------- vpSecurityActiveInstTable OBJECT-TYPE SYNTAX SEQUENCE OF VpSecurityActiveInstEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Security Active Instance Table." ::= { vpSecurityAction 10 } vpSecurityActiveInstEntry OBJECT-TYPE SYNTAX VpSecurityActiveInstEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Security Active Instance Table entry." INDEX { vpSecActName, -- from the vpSecurityActionTable vpSecActInstOrder } ::= { vpSecurityActiveInstTable 1} VpSecurityActiveInstEntry ::= SEQUENCE { vpSecActInstOrder INTEGER, vpSecActInstTunnelId INTEGER, vpSecActInstTunnelIndex INTEGER } vpSecActInstOrder OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The Active Instance Order for the Security Action." ::= { vpSecurityActiveInstEntry 1 } vpSecActInstTunnelId OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The IPSec Phase-2 Tunnel ID." ::= { vpSecurityActiveInstEntry 2 } vpSecActInstTunnelIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The IPSec Phase-2 Tunnel Index (ipSecTunnelIndex from the IBM IPSec MIB)." ::= { vpSecurityActiveInstEntry 3 } -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The Test Group consists of a: -- 1) Policy Test Table -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- -- The Policy Test Table -- ---------------------------------------------------------------------------- vpTestPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF VpTestPolicyEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The Policy Test Table." ::= { vpTests 1 } vpTestPolicyEntry OBJECT-TYPE SYNTAX VpTestPolicyEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A Policy Test Table entry." INDEX { vpTestPolIndex } ::= { vpTestPolicyTable 1} VpTestPolicyEntry ::= SEQUENCE { vpTestPolIndex INTEGER, vpTestPolSrcAddr VpIpAddress, vpTestPolSrcPort INTEGER, vpTestPolDstAddr VpIpAddress, vpTestPolDstPort INTEGER, vpTestPolProtocol INTEGER, vpTestPolTosByte OCTET STRING, vpTestPolIngressAddr VpIpAddress, vpTestPolEgressAddr VpIpAddress, vpTestPolResult INTEGER, vpTestPolStatus INTEGER, vpTestPolRsvpPolicy DisplayString, vpTestPolRsvpAction DisplayString, vpTestPolDiffServPolicy DisplayString, vpTestPolDiffServAction DisplayString, vpTestPolIsakmpPolicy DisplayString, vpTestPolIsakmpAction DisplayString, vpTestPolIPSecPolicy DisplayString, vpTestPolIPSecAction DisplayString } vpTestPolIndex OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The index of the Policy Test Table. The value of the index is a number which was specified during row creation." ::= { vpTestPolicyEntry 1 } vpTestPolSrcAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The packet source IP Address which was specified during row creation. This object may not be altered after the row is created." ::= { vpTestPolicyEntry 2 } vpTestPolSrcPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The packet source port which was specified during row creation. This object may not be altered after the row is created." ::= { vpTestPolicyEntry 3 } vpTestPolDstAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The packet destination IP Address which was specified during row creation. This object may not be altered after the row is created." ::= { vpTestPolicyEntry 4 } vpTestPolDstPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The packet destination port which was specified during row creation. This object may not be altered after the row is created." ::= { vpTestPolicyEntry 5 } vpTestPolProtocol OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "The packet protocol which was specified during row creation. This object may not be altered after the row is created." ::= { vpTestPolicyEntry 6 } vpTestPolTosByte OBJECT-TYPE SYNTAX OCTET STRING(SIZE(1)) ACCESS read-write STATUS mandatory DESCRIPTION "The packet Type of Service (TOS) Byte which was specified during row creation. This object may not be altered after the row is created." ::= { vpTestPolicyEntry 7 } vpTestPolIngressAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The IP address of the device interface which received the packet. An IP address of 0.0.0.0 should be used to test policies which do NOT have Ingress/Egress interface definitions." ::= { vpTestPolicyEntry 8 } vpTestPolEgressAddr OBJECT-TYPE SYNTAX VpIpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The IP address of the device interface which will be used to send the packet. An IP address of 0.0.0.0 should be used to test policies which do NOT have Ingress/Egress interface definitions." ::= { vpTestPolicyEntry 9 } vpTestPolResult OBJECT-TYPE SYNTAX INTEGER { inProgress(1), successful(2), noPolicyMatch(3) } ACCESS read-only STATUS mandatory DESCRIPTION "The result of the test." ::= { vpTestPolicyEntry 10 } vpTestPolStatus OBJECT-TYPE SYNTAX INTEGER { active(1), createAndGo(4) } ACCESS read-write STATUS mandatory DESCRIPTION "This object is used to create a new row. It may not be altered after the row is created." ::= { vpTestPolicyEntry 11 } vpTestPolRsvpPolicy OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The RSVP Policy Name found for this test. If the result of this test is successful, this object is will contain the a valid policy name if a match was found or NULL if a match was not found. If the result is not successful, the value of this object will be NULL." ::= { vpTestPolicyEntry 12 } vpTestPolRsvpAction OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The Rsvp Action Name found for this test. If the result of this test is successful, this object is will contain the a valid action name if a match was found or NULL if a match was not found. If the result is not successful, the value of this object will be NULL." ::= { vpTestPolicyEntry 13 } vpTestPolDiffServPolicy OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The Differential Services Policy Name found for this test. If the result of this test is successful, this object is will contain the a valid policy name if a match was found or NULL if a match was not found. If the result is not successful, the value of this object will be NULL." ::= { vpTestPolicyEntry 14 } vpTestPolDiffServAction OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The Differential Services Action Name found for this test. If the result of this test is successful, this object is will contain the a valid action name if a match was found or NULL if a match was not found. If the result is not successful, the value of this object will be NULL." ::= { vpTestPolicyEntry 15 } vpTestPolIsakmpPolicy OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The ISAKMP Policy Name found for this test. If the result of this test is successful, this object is will contain the a valid policy name if a match was found or NULL if a match was not found. If the result is not successful, the value of this object will be NULL." ::= { vpTestPolicyEntry 16 } vpTestPolIsakmpAction OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The ISAKMP Action Name found for this test. If the result of this test is successful, this object is will contain the a valid action name if a match was found or NULL if a match was not found. If the result is not successful, the value of this object will be NULL." ::= { vpTestPolicyEntry 17 } vpTestPolIPSecPolicy OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The IPSec Policy Name found for this test. If the result of this test is successful, this object is will contain the a valid policy name if a match was found or NULL if a match was not found. If the result is not successful, the value of this object will be NULL." ::= { vpTestPolicyEntry 18 } vpTestPolIPSecAction OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "The IPSec Action Name found for this test. If the result of this test is successful, this object is will contain the a valid action name if a match was found or NULL if a match was not found. If the result is not successful, the value of this object will be NULL." ::= { vpTestPolicyEntry 19 } END