CISCO-IPSEC-FLOW-MONITOR-MIB

lemmocisco — Fri, 21 Feb 2020 12:07:40 GMT

Hi,

I have a 7600 used for ipsec encryption.

I would like to catch the ipsec related trap but the cisco documentation is incomplete.

For instance let's consider the "cipSecTunnelStart" trap

On the cisco web site

http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=cipSecTunnelStart&translate=Translate&submitValue=SUBMIT&submitClicked=true

it says it has two Components: cipSecTunLifeTime & cipSecTunLifeSize

while if I run a "debug snmp packet" on the machine I have the following output:

sysUpTime.0 = 371592487
snmpTrapOID.0 = cipSecTunnelStart
cipSecTunLifeTime.7 = 3600
cipSecTunLifeSize.7 = 4508392
cipSecEndPtLocalType.7.1 = 1
cipSecEndPtLocalAddr1.7.1 = 0C 11 aa E6
cipSecEndPtLocalAddr2.7.1 = 0C 11 aa E6
cipSecEndPtRemoteType.7.1 = 1
cipSecEndPtRemoteAddr1.7.1 = 0C 02 bb F2
cipSecEndPtRemoteAddr2.7.1 = 0C 02 bb F2
cipSecEndPtLocalProtocol.7.1 = 47
cipSecEndPtLocalPort.7.1 = 0

which gives more useful informations for the tunnel identification.

I would like to know the real strucutre of other traps like cipSecEarlyTunTerm ("This notification is generated when an an IPsec Phase-2 Tunnel is terminated earily or before expected.") and cipSecProtocolFailure ("This notification is generated when the processing for an IPsec Phase-2 Tunnel experiences a protocol related error.") but I am not able to force their generation from the command line.

Do you know how to force their generation?

Do you know where can I find informations about the real trap returned value?

Thank you all!

Re: CISCO-IPSEC-FLOW-MONITOR-MIB

wzhang — Wed, 20 Oct 2010 14:38:17 GMT

Hi,

As far as I know, cipSecEarlyTunTerm and cipSecProtocolFailure traps are not sent in IOS today. Hope this helps.

Thanks,

Wen

Re: CISCO-IPSEC-FLOW-MONITOR-MIB

lemmocisco — Tue, 26 Oct 2010 11:03:01 GMT

Hi ,

thank you for answering.

Do you know how I can check wheter they are implemented or not?

I tried the "show snmp mib" command but id doesn't even show up the "cipSecTunnelStart" mib

here is the output of all the lines brginning with cipsec

cipSecMibLevel
cipSecGlobalActiveTunnels
cipSecGlobalPreviousTunnels
cipSecGlobalInOctets
cipSecGlobalHcInOctets
cipSecGlobalInOctWraps
cipSecGlobalInDecompOctets
cipSecGlobalHcInDecompOctets
cipSecGlobalInDecompOctWraps
cipSecGlobalInPkts
cipSecGlobalInDrops
cipSecGlobalInReplayDrops
cipSecGlobalInAuths
cipSecGlobalInAuthFails
cipSecGlobalInDecrypts
cipSecGlobalInDecryptFails
cipSecGlobalOutOctets
cipSecGlobalHcOutOctets
cipSecGlobalOutOctWraps
cipSecGlobalOutUncompOctets
cipSecGlobalHcOutUncompOctets
cipSecGlobalOutUncompOctWraps
cipSecGlobalOutPkts
cipSecGlobalOutDrops
cipSecGlobalOutAuths
cipSecGlobalOutAuthFails
cipSecGlobalOutEncrypts
cipSecGlobalOutEncryptFails
cipSecGlobalProtocolUseFails
cipSecGlobalNoSaFails
cipSecGlobalSysCapFails
cipSecTunIkeTunnelIndex
cipSecTunIkeTunnelAlive
cipSecTunLocalAddr
cipSecTunRemoteAddr
cipSecTunKeyType
cipSecTunEncapMode
cipSecTunLifeSize
cipSecTunLifeTime
cipSecTunActiveTime
cipSecTunSaLifeSizeThreshold
cipSecTunSaLifeTimeThreshold
cipSecTunTotalRefreshes
cipSecTunExpiredSaInstances
cipSecTunCurrentSaInstances
cipSecTunInSaDiffHellmanGrp
cipSecTunInSaEncryptAlgo
cipSecTunInSaAhAuthAlgo
cipSecTunInSaEspAuthAlgo
cipSecTunInSaDecompAlgo
cipSecTunOutSaDiffHellmanGrp
cipSecTunOutSaEncryptAlgo
cipSecTunOutSaAhAuthAlgo
cipSecTunOutSaEspAuthAlgo
cipSecTunOutSaCompAlgo
cipSecTunInOctets
cipSecTunHcInOctets
cipSecTunInOctWraps
cipSecTunInDecompOctets
cipSecTunHcInDecompOctets
cipSecTunInDecompOctWraps
cipSecTunInPkts
cipSecTunInDropPkts
cipSecTunInReplayDropPkts
cipSecTunInAuths
cipSecTunInAuthFails
cipSecTunInDecrypts
cipSecTunInDecryptFails
cipSecTunOutOctets
cipSecTunHcOutOctets
cipSecTunOutOctWraps
cipSecTunOutUncompOctets
cipSecTunHcOutUncompOctets
cipSecTunOutUncompOctWraps
cipSecTunOutPkts
cipSecTunOutDropPkts
cipSecTunOutAuths
cipSecTunOutAuthFails
cipSecTunOutEncrypts
cipSecTunOutEncryptFails
cipSecTunStatus
cipSecEndPtLocalName
cipSecEndPtLocalType
cipSecEndPtLocalAddr1
cipSecEndPtLocalAddr2
cipSecEndPtLocalProtocol
cipSecEndPtLocalPort
cipSecEndPtRemoteName
cipSecEndPtRemoteType
cipSecEndPtRemoteAddr1
cipSecEndPtRemoteAddr2
cipSecEndPtRemoteProtocol
cipSecEndPtRemotePort
cipSecSpiDirection
cipSecSpiValue
cipSecSpiProtocol
cipSecSpiStatus
cipSecHistTableSize
cipSecHistCheckPoint
cipSecTunHistTermReason
cipSecTunHistActiveIndex
cipSecTunHistIkeTunnelIndex
cipSecTunHistLocalAddr
cipSecTunHistRemoteAddr
cipSecTunHistKeyType
cipSecTunHistEncapMode
cipSecTunHistLifeSize
cipSecTunHistLifeTime
cipSecTunHistStartTime
cipSecTunHistActiveTime
cipSecTunHistTotalRefreshes
cipSecTunHistTotalSas
cipSecTunHistInSaDiffHellmanGrp
cipSecTunHistInSaEncryptAlgo
cipSecTunHistInSaAhAuthAlgo
cipSecTunHistInSaEspAuthAlgo
cipSecTunHistInSaDecompAlgo
cipSecTunHistOutSaDiffHellmanGrp
cipSecTunHistOutSaEncryptAlgo
cipSecTunHistOutSaAhAuthAlgo
cipSecTunHistOutSaEspAuthAlgo
cipSecTunHistOutSaCompAlgo
cipSecTunHistInOctets
cipSecTunHistHcInOctets
cipSecTunHistInOctWraps
cipSecTunHistInDecompOctets
cipSecTunHistHcInDecompOctets
cipSecTunHistInDecompOctWraps
cipSecTunHistInPkts
cipSecTunHistInDropPkts
cipSecTunHistInReplayDropPkts
cipSecTunHistInAuths
cipSecTunHistInAuthFails
cipSecTunHistInDecrypts
cipSecTunHistInDecryptFails
cipSecTunHistOutOctets
cipSecTunHistHcOutOctets
cipSecTunHistOutOctWraps
cipSecTunHistOutUncompOctets
cipSecTunHistHcOutUncompOctets
cipSecTunHistOutUncompOctWraps
cipSecTunHistOutPkts
cipSecTunHistOutDropPkts
cipSecTunHistOutAuths
cipSecTunHistOutAuthFails
cipSecTunHistOutEncrypts
cipSecTunHistOutEncryptFails
cipSecEndPtHistTunIndex
cipSecEndPtHistActiveIndex
cipSecEndPtHistLocalName
cipSecEndPtHistLocalType
cipSecEndPtHistLocalAddr1
cipSecEndPtHistLocalAddr2
cipSecEndPtHistLocalProtocol
cipSecEndPtHistLocalPort
cipSecEndPtHistRemoteName
cipSecEndPtHistRemoteType
cipSecEndPtHistRemoteAddr1
cipSecEndPtHistRemoteAddr2
cipSecEndPtHistRemoteProtocol
cipSecEndPtHistRemotePort
cipSecFailTableSize
cipSecFailReason
cipSecFailTime
cipSecFailTunnelIndex
cipSecFailSaSpi
cipSecFailPktSrcAddr
cipSecFailPktDstAddr
cipSecTrapCntlIkeTunnelStart
cipSecTrapCntlIkeTunnelStop
cipSecTrapCntlIkeSysFailure
cipSecTrapCntlIkeCertCrlFailure
cipSecTrapCntlIkeProtocolFail
cipSecTrapCntlIkeNoSa
cipSecTrapCntlIpSecTunnelStart
cipSecTrapCntlIpSecTunnelStop
cipSecTrapCntlIpSecSysFailure
cipSecTrapCntlIpSecSetUpFailure
cipSecTrapCntlIpSecEarlyTunTerm
cipSecTrapCntlIpSecProtocolFail
cipSecTrapCntlIpSecNoSa

Re: CISCO-IPSEC-FLOW-MONITOR-MIB

wzhang — Wed, 27 Oct 2010 13:56:36 GMT

Hi,

I'm not sure if there's a way for you to check. I was one of the reviewers when the IPSec MIB was initially implemented, and I remember those traps were defined but not implemented at the time.

Thanks,

Wen

topic Re: CISCO-IPSEC-FLOW-MONITOR-MIB in Network Security

CISCO-IPSEC-FLOW-MONITOR-MIB

Re: CISCO-IPSEC-FLOW-MONITOR-MIB

Re: CISCO-IPSEC-FLOW-MONITOR-MIB

Re: CISCO-IPSEC-FLOW-MONITOR-MIB