CISCO-IP-ENCRYPTION-MIB Download

cieConfiguredAlgorithms

Type of encryption configured on a particular router, encoded as a bit-string. A router can support multiple encryption algorithms i.e. 56 bit des with 8 bit cipher feedback AND 40 bit des with 64 bit cipher feedback. ::= { cieConfig 1 } SYNTAX Integer32 ...

cieNumberOfCryptoEngines

Total number of encryption engines.

cieEngineStatusTable

A table describing status of all encryption engines present within the router.

cieEngineStatusEntry

Each entry in this table describes public key associated with each engine, with its unique ID. In case of hardware assisted encryption each entry also describes status of encryption port adaptor.

cieEngineID

Unique value identifying the crypto engine, in case of RP and other software only platforms, this is the processor ID. In case of ESA, this will be a unique ID retrieved from ESA.

cieEngineCardIndex

Corresponds to cardIndex in the chassis mib, if value is 0 then this is a software encryption engine.

cieEnginePublicKey

Public key for a particular crypto engine.

cieEsaTampered

Indicates whether encryption port adaptor has been tampered with. NOTE: This object is not present for software encryption engines.

cieEsaAuthenticated

Indicates whether encryption port adaptor has been properly authenticated for this router. NOTE: This object is not present for software encryption engines.

cieEsaMode

Indicates current operating mode of the ESA card. This variable directly corresponds to LED status shown on ESA. NOTE: This object is not present for software encryption engines.

cieNumberOfConnections

Total number of active, pending and dead crypto connections.

cieConnTable

A table that describes all encrypted IP traffic created by the router, between the protected entity (cieProtectedAddr) and the unprotected entity (cieUnprotectedAddr). Each entry in this table describes a virtual encrypted IP tunnel.

cieConnEntry

This entry describes a connection viz. the protected and unprotected node, status of the connection and number of packets encrypted, decrypted per connection and algorithm used for encrypting data. Each entry also contains a pointer to crypto engine that ...

cieConnIndex

A monotonically increasing integer for the sole purpose of indexing the cieConnTable. When it reaches the maximum value, the agent wraps the value back to 1 and may flush existing entries.

cieProtectedAddr

The IP address for protected (secure) node.

cieUnprotectedAddr

The IP address of the unprotected (insecure) node in the network.

cieConnStatus

Integer describing status/type of connection. The pending and bad connections may be removed after 4 minutes of non-activity. Open (active) connections may be removed if they have not transmitted/received traffic in the last cieEncryptionKeyTimeout minute ...

ciePktsEncrypted

Total number of packets encrypted for this connection.

ciePktsDecrypted

Total number of packets decrypted for this connection.

ciePktsDropped

Total number of packets dropped for this connection. The packets are dropped only in cases where encryption keys are not established between the protected entity and the unprotected entity. An increase in this value indicates the possibility of mis-confi ...

cieLocalTimeEstablished

Value of sysUpTime at which the connection was established or re-established.

cieAlgorithmType

Type of encryption algorithm used for this connection.

cieTestConnTable

A table of test crypto session entries.

cieTestConnEntry

A encryption test entry. A management station wishing to create an entry should first generate a pseudo-random serial number to be used as the index to this sparse table. The station should then create the associated instance of the row status and row ow ...

cieTestConnSerialNumber

Object which specifies a unique entry in the cieTestConnTable. A management station wishing to initiate a crypto session test operation should use a pseudo-random value for this object when creating an instance of a cieTestConnEntry. The RowStatus semant ...

cieTestConnProtectedAddr

The IP address of the protected (secure) node, for the test connection.

cieTestConnUnprotectedAddr

The IP address of the unprotected (insecure) node for the test connection.

cieTestConnTrapOnCompletion

Specifies whether or not a cieTestCompletion trap should be issued on completion of test crypto session. If such a trap is desired, it is the responsibility of the management entity to ensure that the SNMP administrative model is configured in such a way ...

cieTestConnCryptoMapName

Specifies name of the crypto map already configured on the router. A crypto map along with its tag number fully specifies the enryption policy, such as type of algorithm to be used, the name of the peer router and access list.

cieTestConnCryptoMapTagNumber

Specifies tag number of the crypto map already configured on the router. A crypto map along with its tag number fully specifies the enryption policy, such as type of algorithm to be used, the name of the peer router and access list.

cieTestConnSessionStatus

Set to a value that indicates whether a crypto session was successfully established, failed or the connection establishment process is in progress. If the specified crypto map is not configured, value is set to badCryptoMapName.

cieTestConnEntryOwner

The entity that configured this entry.

cieTestConnEntryStatus

The status of this table entry. Once the entry status is set to active, the associate entry cannot be modified until the sequence completes (cieTestConnSessionStatus has value other than inprogress ).

cieMIBGroup

A collection of objects providing information about IP crypto subsystem.