home *** CD-ROM | disk | FTP | other *** search

---

/ Thomson (Residential) / TGSTPv7203.iso / mac / SNMP_MIBs / extended / IPSEC-FLOW-MIB-TC.mib

< prev

next >

Wrap

Text File  |  2008-02-08  |  8KB  |  276 lines

---

1.    IPSEC-FLOW-MIB-TC DEFINITIONS ::= BEGIN
2.  
3.    IMPORTS
4. --      ant                                   FROM SYSTEM-MIB
5.       MODULE-IDENTITY               FROM SNMPv2-SMI
6.    -- mib-2                  FROM RFC1213-MIB
7.       TEXTUAL-CONVENTION          FROM SNMPv2-TC;
8.  
9.    ipsecFlowMibTC MODULE-IDENTITY
10.       LAST-UPDATED "200302171158Z"
11.          ORGANIZATION "Tivoli Systems and Cisco Systems"
12.          CONTACT-INFO
13.             "Tivoli Systems
14.              Research Triangle Park, NC
15.  
16.              Cisco Systems
17.              170 W Tasman Drive
18.              San Jose, CA  95134
19.              USA
20.  
21.              Tel: +1 800 553-NETS
22.              E-mail: cs-ipsecmib@external.cisco.com
23.                      bret_harrison@tivoli.com"
24.  
25.       DESCRIPTION  "This MIB module defines the textual conventions
26.            used    in the IPsec Flow Monitoring MIB. This includes 
27.            Internet DOI numbers defined in RFC 2407, ISAKMP numbers 
28.            defined in RFC 2408,    and IKE    numbers    defined    in RFC 2409.
29.  
30.            Revision control of this document after publication
31.            will be under the authority of the IANA."
32.  
33.    -- Placeholder anchor
34.           ::= { experimental 170 }
35.          -- ::= { ant 10 }
36.  
37.  
38.  
39.  
40.  
41.  
42.    -- +++++++++++++++++++++++++++++++++++++++++++++++++++
43.    -- Standard Textual Conventions
44.    -- +++++++++++++++++++++++++++++++++++++++++++++++++++
45.  
46.       ControlProtocol  ::= TEXTUAL-CONVENTION
47.          DISPLAY-HINT "d"
48.          STATUS     current
49.          DESCRIPTION
50.             "The protocol used for keying and control. The value of 
51.         cp_none indicate manual administration of IPsec tunnels. 
52.         This enumeration will be expanded as new keying protocols 
53.         are standardized."
54.  
55.          SYNTAX INTEGER {
56.                    reserved(0),
57.                    cpNone(1),
58.                    cpIkev1(2),
59.                    cpIkev2(3),
60.                    cpKink(4),
61.                    cpOther(5)
62.                 }
63.  
64.       Phase1PeerIdentityType  ::= TEXTUAL-CONVENTION
65.          DISPLAY-HINT "d"
66.          STATUS     current
67.          DESCRIPTION
68.             "The type of IPsec Phase-1 peer identity.
69.             The peer may be identified by one of the
70.             ID types defined in IPSEC DOI.
71.  
72.         id_dn represent the binary DER encoding of the 
73.         identity."
74.  
75.          SYNTAX INTEGER {
76.                    reserved(0),
77.                    idIpv4Addr(1),
78.                    idFqdn(2),
79.                    idDn(3),
80.                    idIpv6Addr(4),
81.                    idUserFqdn(5),
82.                    idIpv4AddrSubnet(6),
83.                    idIpv6AddrSubnet(7),
84.                    idIpv4AddrRange(8),
85.                    idIpv6AddrRange(9),
86.                    idDerAsn1Gn(10),
87.                    idKeyId(11)
88.  
89.  
90.  
91.  
92.  
93.                 }
94.  
95.       IkeNegoMode  ::= TEXTUAL-CONVENTION
96.          DISPLAY-HINT "d"
97.          STATUS     current
98.          DESCRIPTION
99.             "The IPsec Phase-1 IKE negotiation mode."
100.          SYNTAX INTEGER {
101.                    reserved(0),
102.                    main(1),
103.                    aggressive(2)
104.                 }
105.  
106.       IkeHashAlgo   ::= TEXTUAL-CONVENTION
107.          DISPLAY-HINT "d"
108.          STATUS     current
109.          DESCRIPTION
110.             "The hash algorithm used in IPsec Phase-1
111.             IKE negotiations."
112.          SYNTAX INTEGER {
113.                    reserved(0),
114.                    md5(1),
115.                    sha(2),
116.                    tiger(3),
117.                    sha256(4),
118.                    sha384(5),
119.                    sha512(6)
120.                 }
121.  
122.       IkeAuthMethod ::= TEXTUAL-CONVENTION
123.          DISPLAY-HINT "d"
124.          STATUS     current
125.          DESCRIPTION
126.             "The authentication method used in IPsec Phase-1 IKE
127.              negotiations."
128.          SYNTAX INTEGER {
129.                    reserved(0),
130.                    preSharedKey(1),
131.                    dssSignature(2),
132.                    rsaSignature(3),
133.                    rsaEncryption(4),
134.                    revRsaEncryption(5),
135.                    elGamalEncryption(6),
136.                    revElGamalEncryption(7),
137.                    ecsdaSignature(8),
138.                    gssApiV1(9),
139.                    gssApiV2(10)
140.  
141.  
142.  
143.  
144.  
145.                 }
146.  
147.       DiffHellmanGrp ::= TEXTUAL-CONVENTION
148.          DISPLAY-HINT "d"
149.          STATUS     current
150.          DESCRIPTION
151.             "The Diffie Hellman Group used in negotiations.
152.                    reserved       -- reserved groups
153.                    modp768        -- 768-bit MODP
154.                    modp1024       -- 1024-bit MODP
155.            modp1536       -- 1536-bit MODP group
156.                    ec2nGP155      -- EC2N group on GP[2^155]
157.                    ec2nGP185      -- EC2N group on GP[2^185]
158.                    ec2nGF163      -- EC2N group over GF[2^163]
159.                    ec2nGF283      -- EC2N group over GF[2^283]
160.                    ec2nGF409      -- EC2N group over GF[2^409]
161.                    ec2nGF571      -- EC2N group over GF[2^571]
162.             "
163.          SYNTAX INTEGER {
164.                    reserved(0),
165.                    modp768(1),
166.                    modp1024(2),
167.                    ec2nGP155(3),
168.                    ec2nGP185(4),
169.            modp1536(5),          -- 1536-bit MODP group
170.                    ec2nGF163(6),
171.                    ec2nGF283(8),
172.                    ec2nGF409(10),
173.                    ec2nGF571(12)
174.                 }
175.  
176.       EncapMode  ::= TEXTUAL-CONVENTION
177.          DISPLAY-HINT "d"
178.          STATUS     current
179.          DESCRIPTION
180.             "The encapsulation mode used by an IPsec Phase-2
181.             Tunnel."
182.          SYNTAX INTEGER{
183.                   reserved(0),
184.                   tunnel(1),
185.                   transport(2)
186.                 }
187.  
188.       EncryptAlgo   ::= TEXTUAL-CONVENTION
189.          DISPLAY-HINT "d"
190.          STATUS     current
191.          DESCRIPTION
192.  
193.  
194.  
195.  
196.  
197.             "The encryption algorithm used in negotiations."
198.          SYNTAX INTEGER {
199.                    reserved(0),
200.                    espDes(1),
201.                    esp3des(2),
202.                    espRc5(3),
203.                    espIdea(4),
204.                    espCast(5),
205.                    espBlowfish(6),
206.                    esp3idea(7),
207.                    espRc4(8),
208.                    espNull(9),
209.                    espAes(10)
210.                 }
211.  
212.       Spi  ::= TEXTUAL-CONVENTION
213.          DISPLAY-HINT "x"
214.          STATUS     current
215.          DESCRIPTION
216.             "The type of the SPI associated with IPsec Phase-2 security
217.             associations."
218.          SYNTAX INTEGER (256..4294967295)
219.  
220.       AuthAlgo      ::= TEXTUAL-CONVENTION
221.          DISPLAY-HINT "d"
222.          STATUS     current
223.          DESCRIPTION
224.             "The authentication algorithm used by a
225.              security association of an IPsec Phase-2 Tunnel."
226.          SYNTAX INTEGER{
227.                    reserved(0),
228.                    hmacMd5(2),
229.                    hmacSha(3),
230.                    desMac(4),
231.                    hmacSha256(5),
232.                    hmacSha384(6),
233.                    hmacSha512(7),
234.                    ripemd(8)
235.                 }
236.  
237.       CompAlgo      ::= TEXTUAL-CONVENTION
238.          DISPLAY-HINT "d"
239.          STATUS     current
240.          DESCRIPTION
241.             "The compression algorithm used by a
242.              security association of an IPsec Phase-2 Tunnel."
243.          SYNTAX INTEGER{
244.  
245.  
246.  
247.  
248.  
249.                    reserved(0),
250.                    compOui(1),
251.                    compDeflate(2),
252.                    compLzs(3),
253.                    compLzjh(4)
254.                 }
255.  
256.       EndPtType     ::= TEXTUAL-CONVENTION
257.          DISPLAY-HINT "d"
258.          STATUS     current
259.          DESCRIPTION
260.             "The type of identity use to specify an IPsec End Point."
261.          SYNTAX INTEGER {
262.                    reserved(0),
263.                    idIpv4Addr(1),
264.                    idFqdn(2),
265.                    idUserFqdn(3),
266.                    idIpv4AddrSubnet(4),
267.                    idIpv6Addr(5),
268.                    idIpv6AddrSubnet(6),
269.                    idIpv4AddrRange(7),
270.                    idIpv6AddrRange(8),
271.                    idDerAsn1Dn(9),
272.                    idDerAsn1Gn(10),
273.                    idKeyId(11)
274.                 }
275.    END
276.