>> MIB - Management Information Base

>> Table: ipsecBundleTable - (.1.3.6.1.4.1.272.4.26.16.1)

Description: This object contains an IPSec security association.

ipsecBundleTable
OIDNameTypeAccess
.1IndexINTEGERR
.5PeerIndexINTEGERR
.6TrafficIndexINTEGERR
.7StateENUMD
.8NumSasINTEGERR
.9RoleENUMR
.10RekeyedBundleINTEGERR
.13HeartbeatsEnabledENUMR
.11RekeyingBundleINTEGERR
.12LastStateChangeTimeTicksR
.14CreatorENUMR
.17PmtuDiscoveryENUMR
.15TunnelLocalIpAddressR
.16TunnelRemoteIpAddressR
.18KeepAliveENUMR
.20LifeSecondsUnsigned32R
.21LifeKBytesUnsigned32R
.19VerifyPadENUMR
.22RekeySecondsINTEGERR
.23RekeyKBytesINTEGERR
.25LocalAddressIpAddressR
.24ProtoENUMR
.26LocalMaskLenINTEGERR
.29RemoteAddressIpAddressR
.28LocalPortINTEGERR
.27LocalRangeIpAddressR
.30RemoteMaskLenINTEGERR
.33InPktCounter64R
.32RemotePortINTEGERR
.31RemoteRangeIpAddressR
.34InHbCounter64R
.37InBytesNettoCounter64R
.35InBytesCounter64R
.40OutHbCounter64R
.41OutBytesCounter64R
.39OutPktCounter64R
.45NatTENUMR
.43OutBytesNettoCounter64R
.46NatOaLocalIpAddressR
.47NatOaRemoteIpAddressR

Index
A unique index for this entry.
PeerIndex
The index of the peer for which this bundle was created.
TrafficIndex
The index of the traffic entry for which this bundle was created.
State
The current state of the bundle
Possible values:
established(1),	  -- The bundle is alive
expired(2),	  	  -- The bundle is expired
delete (3),	  	  -- Mark this bundle for deletion
negotiating(4),	  -- This bundle is currently negotiated
rekeyed(5),	  	  -- Rekeying of bundle succeeded
heartbeat-lost(6),	  -- Heartbeat receive timeout
failed(7)	  	  -- The negotiation failed.
Enumerations:
  • established (1)
  • expired (2)
  • delete (3)
  • negotiating (4)
  • rekeyed (5)
  • heartbeat-lost (6)
  • failed (7)
NumSas
The number of SAs contained in this bundle.
Role
This object specifies by which side the SA bundle
negotiation was initiated.
Possible values:
initiator(1), -- this end initiated the negotiation 
responder(2)  -- the remote end initiated the negotiation.
Enumerations:
  • initiator (1)
  • responder (2)
RekeyedBundle
This object indicates upon rekeying, which bundle (actually
its BundleIndex) is going to be replaced by that one.
HeartbeatsEnabled
This object specifies whether heartbeats are sent and/or
expected over this bundle.
Possible values:
none(1),     -- neither sending nor expecting heartbeats
expect(2), 	-- expecting heartbeats
send(3),     -- sending heartbeats
both(4)	-- sending and expecting heartbeats.
Enumerations:
  • none (1)
  • expect (2)
  • send (3)
  • both (4)
RekeyingBundle
This object indicates upon rekeying, which bundle (actually
its BundleIndex) is going to replace that one.
LastStateChange
This object indicates the time in time ticks from system start
by which the state of this bundle entry was changed last. 
To determine the absolute time, the current sysUpTime must be 
subtracted from this value.
Creator
This object specifies how the SA was created
Possible values:
manual(1),-- A manually keyed IPSec SA bundle
ike(2)    -- An automatically keyed SA bundle created by IKE.
Enumerations:
  • manual (1)
  • ike (2)
PmtuDiscovery
This object specifies the initialization of the DF bit in 
outgoing IPSec packets for this bundle. It decides whether
PMTU discovery is propagated over the IPSec tunnel or not.
Possible values:
enabled(1), -- copy DF bit from original packet; propagate PMTU
disabled(2) -- clear DF bit in IPSec packet; 
-- fragment if necessary.
Enumerations:
  • disabled (1)
  • enabled (2)
TunnelLocal
The local IP address of the outer packet header. For
transport mode bundles this address is the same as the
ipsecBundleLocalAddress.
TunnelRemote
The remote IP address of the outer packet header. For
transport mode bundles, this address is the same as the
ipsecBundleRemoteAddress.
KeepAlive
This object specifies the circumstances under which this SA 
bundle will be rekeyed.
Possible values:
true(1), -- rekey even if no traffic was processed
false(2) -- rekey only if at least one packet was processed.
Enumerations:
  • true (1)
  • false (2)
LifeSeconds
The period in seconds after which this bundle will be destroyed.
LifeKBytes
The amount of data allowed to be protected by this bundle until
it is destroyed (ipsecBundleOutBytes or ipecBundleOutBytes).
VerifyPad
This object specifies the kind of padding expected for ESP SAs 
within this bundle.
Possible values:
true(1),	-- normal, self-describing ESP padding
false(2) 	-- old style ESP padding.
Enumerations:
  • true (1)
  • false (2)
RekeySeconds
The period in seconds after which this bundle will be rekeyed.
RekeyKBytes
The amount of data allowed to be protected by this bundle until
it is rekeyed (ipsecBundleOutBytes or ipecBundleOutBytes).
LocalAddress
The local address (host or network or range start address)
of the traffic selectors,
source for outbound, destination for inbound.
Proto
The protocol of the traffic selectors.
Enumerations:
  • icmp (1)
  • igmp (2)
  • ggp (3)
  • ipip (4)
  • st (5)
  • tcp (6)
  • cbt (7)
  • egp (8)
  • igp (9)
  • bbn (10)
  • nvp (11)
  • pup (12)
  • argus (13)
  • emcon (14)
  • xnet (15)
  • chaos (16)
  • udp (17)
  • mux (18)
  • dcn (19)
  • hmp (20)
  • prm (21)
  • xns (22)
  • trunk1 (23)
  • trunk2 (24)
  • leaf1 (25)
  • leaf2 (26)
  • rdp (27)
  • irtp (28)
  • isotp4 (29)
  • netblt (30)
  • mfe (31)
  • merit (32)
  • sep (33)
  • pc3 (34)
  • idpr (35)
  • xtp (36)
  • ddp (37)
  • idprc (38)
  • tp (39)
  • il (40)
  • ipv6 (41)
  • sdrp (42)
  • ipv6route (43)
  • ipv6frag (44)
  • idrp (45)
  • rsvp (46)
  • gre (47)
  • mhrp (48)
  • bna (49)
  • esp (50)
  • ah (51)
  • inlsp (52)
  • swipe (53)
  • narp (54)
  • mobile (55)
  • tlsp (56)
  • skip (57)
  • ipv6icmp (58)
  • ipv6nonxt (59)
  • ipv6opts (60)
  • ipproto-61 (61)
  • cftp (62)
  • local (63)
  • sat (64)
  • kryptolan (65)
  • rvd (66)
  • ippc (67)
  • distfs (68)
  • satmon (69)
  • visa (70)
  • ipcv (71)
  • cpnx (72)
  • cphb (73)
  • wsn (74)
  • pvp (75)
  • brsatmon (76)
  • sunnd (77)
  • wbmon (78)
  • wbexpak (79)
  • isoip (80)
  • vmtp (81)
  • securevmtp (82)
  • vines (83)
  • ttp (84)
  • nsfnet (85)
  • dgp (86)
  • tcf (87)
  • eigrp (88)
  • ospfigp (89)
  • sprite (90)
  • larp (91)
  • mtp (92)
  • ax25 (93)
  • ipwip (94)
  • micp (95)
  • scc (96)
  • etherip (97)
  • encap (98)
  • encrypt (99)
  • gmtp (100)
  • ifmp (101)
  • pnni (102)
  • pim (103)
  • aris (104)
  • scps (105)
  • qnx (106)
  • an (107)
  • ippcp (108)
  • snp (109)
  • compaq (110)
  • ipxip (111)
  • vrrp (112)
  • pgm (113)
  • hop0 (114)
  • l2tp (115)
  • ipproto-116 (116)
  • ipproto-117 (117)
  • ipproto-118 (118)
  • ipproto-119 (119)
  • ipproto-120 (120)
  • ipproto-121 (121)
  • ipproto-122 (122)
  • ipproto-123 (123)
  • ipproto-124 (124)
  • ipproto-125 (125)
  • ipproto-126 (126)
  • ipproto-127 (127)
  • ipproto-128 (128)
  • ipproto-129 (129)
  • ipproto-130 (130)
  • ipproto-131 (131)
  • ipproto-132 (132)
  • ipproto-133 (133)
  • ipproto-134 (134)
  • ipproto-135 (135)
  • ipproto-136 (136)
  • ipproto-137 (137)
  • ipproto-138 (138)
  • ipproto-139 (139)
  • ipproto-140 (140)
  • ipproto-141 (141)
  • ipproto-142 (142)
  • ipproto-143 (143)
  • ipproto-144 (144)
  • ipproto-145 (145)
  • ipproto-146 (146)
  • ipproto-147 (147)
  • ipproto-148 (148)
  • ipproto-149 (149)
  • ipproto-150 (150)
  • ipproto-151 (151)
  • ipproto-152 (152)
  • ipproto-153 (153)
  • ipproto-154 (154)
  • ipproto-155 (155)
  • ipproto-156 (156)
  • ipproto-157 (157)
  • ipproto-158 (158)
  • ipproto-159 (159)
  • ipproto-160 (160)
  • ipproto-161 (161)
  • ipproto-162 (162)
  • ipproto-163 (163)
  • ipproto-164 (164)
  • ipproto-165 (165)
  • ipproto-166 (166)
  • ipproto-167 (167)
  • ipproto-168 (168)
  • ipproto-169 (169)
  • ipproto-170 (170)
  • ipproto-171 (171)
  • ipproto-172 (172)
  • ipproto-173 (173)
  • ipproto-174 (174)
  • ipproto-175 (175)
  • ipproto-176 (176)
  • ipproto-177 (177)
  • ipproto-178 (178)
  • ipproto-179 (179)
  • ipproto-180 (180)
  • ipproto-181 (181)
  • ipproto-182 (182)
  • ipproto-183 (183)
  • ipproto-184 (184)
  • ipproto-185 (185)
  • ipproto-186 (186)
  • ipproto-187 (187)
  • ipproto-188 (188)
  • ipproto-189 (189)
  • ipproto-190 (190)
  • ipproto-191 (191)
  • ipproto-192 (192)
  • ipproto-193 (193)
  • ipproto-194 (194)
  • ipproto-195 (195)
  • ipproto-196 (196)
  • ipproto-197 (197)
  • ipproto-198 (198)
  • ipproto-199 (199)
  • ipproto-200 (200)
  • ipproto-201 (201)
  • ipproto-202 (202)
  • ipproto-203 (203)
  • ipproto-204 (204)
  • ipproto-205 (205)
  • ipproto-206 (206)
  • ipproto-207 (207)
  • ipproto-208 (208)
  • ipproto-209 (209)
  • ipproto-210 (210)
  • ipproto-211 (211)
  • ipproto-212 (212)
  • ipproto-213 (213)
  • ipproto-214 (214)
  • ipproto-215 (215)
  • ipproto-216 (216)
  • ipproto-217 (217)
  • ipproto-218 (218)
  • ipproto-219 (219)
  • ipproto-220 (220)
  • ipproto-221 (221)
  • ipproto-222 (222)
  • ipproto-223 (223)
  • ipproto-224 (224)
  • ipproto-225 (225)
  • ipproto-226 (226)
  • ipproto-227 (227)
  • ipproto-228 (228)
  • ipproto-229 (229)
  • ipproto-230 (230)
  • ipproto-231 (231)
  • ipproto-232 (232)
  • ipproto-233 (233)
  • ipproto-234 (234)
  • ipproto-235 (235)
  • ipproto-236 (236)
  • ipproto-237 (237)
  • ipproto-238 (238)
  • ipproto-239 (239)
  • ipproto-240 (240)
  • ipproto-241 (241)
  • ipproto-242 (242)
  • ipproto-243 (243)
  • ipproto-244 (244)
  • ipproto-245 (245)
  • ipproto-246 (246)
  • ipproto-247 (247)
  • ipproto-248 (248)
  • ipproto-249 (249)
  • ipproto-250 (250)
  • ipproto-251 (251)
  • ipproto-252 (252)
  • ipproto-253 (253)
  • ipproto-254 (254)
  • dont-verify (255)
LocalMaskLen
The local network masklen of the traffic selectors,
source for outbound, destination for inbound.
RemoteAddress
The remote address (host or network or range start address)
of the traffic selectors
source for outbound, destination for inbound.
LocalPort
The local port of the traffic selectors,
source for outbound, destination for inbound.
LocalRange
The local address range end address of the traffic selectors,
source for outbound, destination for inbound.
RemoteMaskLen
The remote network masklen of the traffic selectors
source for outbound, destination for inbound.
InPkt
The total number of inbound packets processed by this bundle.
RemotePort
The remote port of the traffic selectors
source for outbound, destination for inbound.
RemoteRange
The remote address range end address of the traffic selectors
source for outbound, destination for inbound.
InHb
The number of heartbeat packets received over this bundle.
InBytesNetto
The number of inbound bytes (netto: IPSec headers excluded) 
processed by this bundle.
InBytes
The number of inbound bytes (including IPSec overhead) 
processed by this bundle.
OutHb
The number of heartbeat packets sent for this bundle.
OutBytes
The number of outbound bytes (including IPSec overhead) 
processed by this bundle.
OutPkt
The total number of outbound packets processed by this bundle.
NatT
This object specifies if the udp encapsulation of ESP packets
is active within this bundle.
Possible values:
enabled(1), -- use udp encapsulation
disabled(2) -- do not use udp encapsulation.
Enumerations:
  • enabled (1)
  • disabled (2)
OutBytesNetto
The number of outbound bytes (netto: IPSec headers excluded) 
processed by this bundle.
NatOaLocal
The local IP address as seen by the remote side.
Only valid for transport mode bundles with NatT enabled.
NatOaRemote
The remote IP address as seen by the remote side.
Only valid for transport mode bundles with NatT enabled.


MIB Reference to Software Version 7.5.1 generated on 2006/08/03. Provided by webmaster@funkwerk-ec.com
Copyright ©2006 by Funkwerk Enterprise Communications GmbH