-- =============================================================================
-- Copyright (C) 2022 by HUAWEI SYMANTEC TECHNOLOGIES. All rights reserved.  
-- Description: The MIB is designed to get IPSec tunnels' statistic information. 
-- Reference: Huawei Enterprise MIB
-- Version: V1.24
-- History: 
--          V1.0 The initial version created by LiShengbai 90004270. 
-- =============================================================================

HUAWEI-SECURITY-IPSEC-MIB DEFINITIONS ::= BEGIN
 
	IMPORTS
	        Gauge32, IpAddress, Counter64, OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE
	             FROM SNMPv2-SMI
	        MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
	             FROM SNMPv2-CONF
	        enterprises
	             FROM RFC1155-SMI
                Ipv6Address
                     FROM IPV6-TC;               

	            
	hwIpsec MODULE-IDENTITY 
	        LAST-UPDATED "202206131540Z"        --June 13, 2022 at 15:48 GMT
	        ORGANIZATION 
	            "Huawei Technologies Co.,Ltd."
	        CONTACT-INFO 
	            "Huawei Industrial Base
  						 Bantian, Longgang
               Shenzhen 518129
               People's Republic of China
               Website: http://www.huawei.com
               Email: support@huawei.com"
                      DESCRIPTION 
                               "V1.24 fix hwIPSecTunnelStatusChange description."
                               REVISION    "202206131540Z"
	              DESCRIPTION
                               "V1.23 add hwIPSecTunnelPolicyAlias for hwIPSecTunnelStatusChange."
                               REVISION    "202110071449Z"
		      DESCRIPTION
                               "V1.22 add add hwIPSecTunnelStatusChange."
                               REVISION    "202110071449Z"
		       DESCRIPTION
                               "V1.21 add add hwIPSecTrapOprPri."
                               REVISION    "202106181210Z"
	               DESCRIPTION
                               "V1.20 add add hwIPSecLowSecurityLevel."
                               REVISION    "202105121000Z"
	               DESCRIPTION 
                               "V1.19 add add hwIPSecGlobalBytesPerSecondIn, hwIPSecGlobalBytesPerSecondOut."
                               REVISION    "202103231000Z"
                       DESCRIPTION 
                               "V1.18 fix syntax errors."
                               REVISION    "202008281500Z"
                       DESCRIPTION 
                               "V1.17 fix syntax errors."
                               REVISION    "202007161500Z"
                       DESCRIPTION 
                               "V1.16 add hwIPSecTrapTunnelDstIPMask, hwIPSecTrapRouteNextHope."
                               REVISION    "202004151500Z"

                        DESCRIPTION 
                              "V1.15 add opr route miss warning."
                               REVISION    "202004141500Z"   
                        DESCRIPTION 
                              "V1.14 add hwIPSecTunnelBytesPerSecondIn, hwIPSecTunnelBytesPerSecondOut, hwIPSecTunnelPacketsPerSecondIn, hwIPSecTunnelPacketsPerSecondOut, hwIPSecTunnelErrPacketsPerSecondIn, hwIPSecTunnelErrPacketsPerSecondOut, hwIPSecTunnelErrPacketsIn,            hwIPSecTunnelErrPacketsOut at 2018-08-08."
                            REVISION    "201808081500Z"

                        DESCRIPTION 
                              "V1.13 add hwIPSecTunnelDstIPv6, hwIPSecTunnelInsideIPv6,  hwIPSecTunnelSrcIPv6at 2018-07-24."
                             REVISION    "201807241500Z"
                        DESCRIPTION 
                              "V1.12 add hwIPSecInitiator at 2018-05-21."
                             REVISION    "201805211500Z"
                        DESCRIPTION 
                              "V1.10 add hwIPSecTunnelHaveReachMax at 2018-03-21."
                             REVISION    "201803211500Z"
                        DESCRIPTION 
                              "V1.10 change the position of hwIPSecTunnelFlowInfo in hwIPSecTunnelStart and hwIPSecTunnnelStop at 2018-01-17."
                             REVISION    "201801171500Z"
                        DESCRIPTION 
                              "V1.09 add hwIPSecSaStatisticsTable  and add hwIPSecTunnelFlowInfo to hwIPSecTunnelStart and hwIPSecTunnnelStop  at 2017-11-21."
                             REVISION    "201711211500Z"                            
                        DESCRIPTION 
                             "V1.09 add hwIPSecTunnelSlotID at 2017-09-27."
                             REVISION    "201709291500Z"
                        DESCRIPTION 
                             "V1.08 add hwIPSecIfName at 2017-05-10."
                             REVISION    "201705101500Z"

                        DESCRIPTION 
                             "V1.07 add hwIPSec Vsys Name at 2016-12-06."
                             REVISION    "201612061500Z"

                        DESCRIPTION 
                             "V1.06 add hwIPSecTrapTunnelOfflineReason and add this node to hwIPSecTunnelStop at 2016-10-25."
                             REVISION    "201610251500Z"
 
                        DESCRIPTION 
                             "V1.05 modify hwIPSecNegoFail at 2016-06-23."
                             REVISION    "201606231500Z"

	    DESCRIPTION 
                             "V1.04 modify hwIPSecTunnelLifeSize at 2015-07-13."
                             REVISION    "201507131500Z"
                          DESCRIPTION
	            "V1.03 The IPSec mib is for Eudemon and USG product series."
                             REVISION    "201505281500Z"
                          DESCRIPTION 
	            "V1.00 The IPSec mib is for Eudemon and USG product series."
                             REVISION    "201505051900Z"

	        DESCRIPTION
	            "Modify hwIPSecNegoFail at 2015-05-05."
	        REVISION    "201504281900Z"
	        DESCRIPTION
	            "Add type of hwIPSecNegoFail at 2015-04-28." 

	        REVISION    "200910100900Z"
	        DESCRIPTION 
	            "Modify mib nodes OID.So that, eSAP V2R1 version mib nodes 
               can be compatible to last version's mib nodes." 

			         
	        ::= { hwSecurity 26 }
		
-- ===============================================
-- Node definitions
-- ===============================================
	    
	-- 1.3.6.1.4.1.2011
	huawei OBJECT IDENTIFIER ::= { enterprises 2011 }
	
	-- 1.3.6.1.4.1.2011.6
	huaweiUtility OBJECT IDENTIFIER ::= { huawei 6 }
	
	-- 1.3.6.1.4.1.2011.6.122
	hwSecurity OBJECT IDENTIFIER ::= { huaweiUtility 122 }     
		
-- ===============================================
-- Begin the hwIPSecGlobalStats.
-- ===============================================

	hwIPSecGlobalStats OBJECT IDENTIFIER ::= { hwIpsec 1 }
        
	hwIPSecGlobalTotal OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Total number of IPSec Phase2 tunnels."
		::= { hwIPSecGlobalStats 1 }
		
	hwIPSecGlobalPacketInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of received security packets."
		::= { hwIPSecGlobalStats 2 }   
	
	hwIPSecGlobalPacketOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of sent security packets."
		::= { hwIPSecGlobalStats 3 }   
		
	hwIPSecGlobalByteInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes of received security packets."
		::= { hwIPSecGlobalStats 4 }
                                      
	hwIPSecGlobalByteOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes of sent security packets."
		::= { hwIPSecGlobalStats 5 }
                          
	hwIPSecGlobalDroppedPacketInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets that are received."
		::= { hwIPSecGlobalStats 6 }
		
	hwIPSecGlobalDroppedPacketOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets that are sent."
		::= { hwIPSecGlobalStats 7 } 
		
	hwIPSecGlobalEncIntactPacket OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of packets that do not need to be fragmented."
		::= { hwIPSecGlobalStats 8 }   
		
	hwIPSecGlobalEncPacketFirstSlice OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of initial packets to be encrypted."
		::= { hwIPSecGlobalStats 9 } 
		
	hwIPSecGlobalEncPacketAfterSlice OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of follow-up packets to be encrypted."
		::= { hwIPSecGlobalStats 10 }  
		
	hwIPSecGlobalDecPacketReassFirstSlice OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of initial packets that are fragmented and assembled."
		::= { hwIPSecGlobalStats 11 }   
		
	hwIPSecGlobalDecPacketReassAfterSlice OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of follow-up packets that are fragmented and assembled."
		::= { hwIPSecGlobalStats 12 } 
		
	hwIPSecGlobalDecPacketReassLenErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of packets with incorrect length during reassembling."
		::= { hwIPSecGlobalStats 13 } 
		
	hwIPSecGlobalPacketHeaderWrong OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the packet header error."
		::= { hwIPSecGlobalStats 14 }  
		
	hwIPSecGlobalMemoryApplyFail OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by memory applying failure."
		::= { hwIPSecGlobalStats 15 } 
		
	hwIPSecGlobalCannotFindSA OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by no matched security associations."
		::= { hwIPSecGlobalStats 16 } 
		
	hwIPSecGlobalWrongSA OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by incorrect security associations."
		::= { hwIPSecGlobalStats 17 }  
		
	hwIPSecGlobalBadAuthentication OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the authentication failure."
		::= { hwIPSecGlobalStats 18 }
		
	hwIPSecGlobalReplay OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the packet replay."
		::= { hwIPSecGlobalStats 19 } 
		
	hwIPSecGlobalPreRecheckErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the pre-check failure."
		::= { hwIPSecGlobalStats 20 }  
		
	hwIPSecGlobalPostRecheckErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the post-check failure"
		::= { hwIPSecGlobalStats 21 } 
		
	hwIPSecGlobalExceedByteLimit OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the exceeding of the byte limit."
		::= { hwIPSecGlobalStats 22 }   
		
	hwIPSecGlobalExceedPacketLimit OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the exceeding of the packet limit."
		::= { hwIPSecGlobalStats 23 }  
		
	hwIPSecGlobalProcessIpv4Err OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the plain-text forwarding failure."
		::= { hwIPSecGlobalStats 24 } 
		
	hwIPSecGlobalFibSearchErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the route check failure."
		::= { hwIPSecGlobalStats 25 }   
		
	hwIPSecGlobalIKEInboundOK OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of received IKE negotiation packets that successfully enter the queue."
		::= { hwIPSecGlobalStats 26 }  
		
	hwIPSecGlobalIKEInboundErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of received IKE negotiation packets that fail to enter the queue."
		::= { hwIPSecGlobalStats 27 }  
		
	hwIPSecGlobalIKEOutboundOK OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of sent IKE negotiation packets that successfully enter the queue."
		::= { hwIPSecGlobalStats 28 }  
		
	hwIPSecGlobalIKEOutboundErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of sent IKE negotiation packets that fail to enter the queue."
		::= { hwIPSecGlobalStats 29 } 
		
	hwIPSecGlobalSoftExpr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Soft timeout times."
		::= { hwIPSecGlobalStats 30 } 
		
	hwIPSecGlobalHardExpr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Hard timeout times."
		::= { hwIPSecGlobalStats 31 } 
		
	hwIPSecGlobalDPDOper OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"DPD operation and detection times."
		::= { hwIPSecGlobalStats 32 }  
		
	hwIPSecGlobalModpCnt OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Modular exponentiation calculation."
		::= { hwIPSecGlobalStats 33 }
		
	hwIPSecGlobalSaeSucc OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"SAE computing success."
		::= { hwIPSecGlobalStats 34 } 
		
	hwIPSecGlobalSoftwareSucc OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Software computing success."
		::= { hwIPSecGlobalStats 35 }
		
	hwIPSecGlobalConnectionRate OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"New Connection Rate of IPSec tunnels."
		::= { hwIPSecGlobalStats 36 }
	
	hwIPSecGlobalTotalPhase1Num OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Total Number of IPSec Phase1 tunnels."
		::= { hwIPSecGlobalStats 37 }
	hwIPSecGlobalBytesPerSecondIn OBJECT-TYPE
                SYNTAX Counter64 
              MAX-ACCESS read-only
              STATUS current
              DESCRIPTION
              "Incoming encrypted IPsec packet rate, in bytes/s."
               ::= { hwIPSecGlobalStats 38 }

	hwIPSecGlobalBytesPerSecondOut OBJECT-TYPE
              SYNTAX Counter64 
              MAX-ACCESS read-only
              STATUS current
              DESCRIPTION
               "Outgoing encrypted IPsec packet rate, in bytes/s."
              ::= { hwIPSecGlobalStats 39 }

-- ===============================================
-- Begin the table of hwIPSecTunnelConfigTable.
-- ===============================================
				    
    	-- 1.3.6.1.4.1.2011.6.122.26.2
	hwIPSecTunnelConfigTable OBJECT-TYPE
   		SYNTAX SEQUENCE OF HwIPSecTunnelConfigEntry
   		MAX-ACCESS not-accessible
   		STATUS current
   		DESCRIPTION
   			"This table specifies the configuration attributes for Huawei IPSec tunnel."   
   		::= { hwIpsec 2 }

	-- 1.3.6.1.4.1.2011.6.122.26.2.1
	hwIPSecTunnelConfigEntry OBJECT-TYPE
		SYNTAX HwIPSecTunnelConfigEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
    		"Each entry in the hwIPSecTunnelConfigTable holds a set of monitoring configuration parameters associated with an instance of IPSec tunnel."
		INDEX { hwIPSecIfIndex, hwIPSecTunnelPolicyNum, hwIPSecTunnelIndex }
		::= { hwIPSecTunnelConfigTable 1 }

	HwIPSecTunnelConfigEntry ::=
		SEQUENCE { 
    			hwIPSecIfIndex
        			Gauge32,
    			hwIPSecTunnelPolicyNum
        			Gauge32,  
        		hwIPSecTunnelIndex
        			Gauge32,
	            	hwIPSecTunnelRuleId
        			Gauge32,
        		hwIPSecTunnelDstIP
        			OCTET STRING,     
	            	hwIPSecTunnelInsideIP
        			OCTET STRING,
        		hwIPSecTunnelRemotePort
        			Gauge32,
        	        hwIPSecTunnelCpuID
        			Gauge32, 
        		hwIPSecTunnelEncapMode
        			INTEGER,
        		hwIPSecTunnelNatTraver
        			INTEGER,
        		hwIPSecTunnelFromIKEV2 
        			INTEGER,
        		hwIPSecTunnelEncryptMode   
        			Gauge32,
        		hwIPSecTunnelESPDigestMode  
        			Gauge32,
        		hwIPSecTunnelAHDigestMode
        			Gauge32,
        		hwIPSecTunnelProto
        			Gauge32,
        		hwIPSecTunnelOutPortIndex
        			Gauge32,
        		hwIPSecTunnelSrcPort
        			Gauge32,
        		hwIPSecTunnelDstPort
        			Gauge32,
        		hwIPSecTunnelVrfIndex
        			Gauge32,
        		hwIPSecTunnelIfVrfIndex
        			Gauge32,
        		hwIPSecTunnelSrcIP
        			OCTET STRING,
        		hwIPSecTunnelSpeedLimitIn
        			Gauge32,
        		hwIPSecTunnelSpeedLimitOut
        			Gauge32,
           		hwIPSecTunnelInitiator
        			INTEGER,
        		hwIPSecTunnelLifeSize
        			Gauge32,
        		hwIPSecTunnelLifeTime
        			Gauge32,
        		hwIPSecTunnelPolicyName
        			OCTET STRING, 	
        		hwIPSecTunnelSaStatus
        	    	INTEGER,
        	                   hwIPSecTunnelSlotID
        	    	                    Gauge32,
                                       hwIPSecTunnelFlowInfo
                                                OCTET STRING,
                                       hwIPSecTunnelPolicyAlias
        			OCTET STRING,
        		hwIPSecTunnelDstIPv6
        			OCTET STRING,
        		hwIPSecTunnelInsideIPv6
        			OCTET STRING,
        		hwIPSecTunnelSrcIPv6
        			OCTET STRING
 			}

	-- 1.3.6.1.4.1.2011.6.122.26.2.1.1
    	hwIPSecIfIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Index of the router interface corresponding to the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 1 }
    
    	hwIPSecTunnelPolicyNum OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"The tunnel number of IPSec policy."
        	::= { hwIPSecTunnelConfigEntry 2 }
        	
        hwIPSecTunnelIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Index of the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 3 }
                                
    	hwIPSecTunnelRuleId OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"ID of the ACL rule in the current IPSec policy."
        	::= { hwIPSecTunnelConfigEntry 4 }
   
    	hwIPSecTunnelDstIP OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128)) 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Destination IP address of the tunnel (peer end)."
        	::= { hwIPSecTunnelConfigEntry 5 }
    
    	hwIPSecTunnelInsideIP OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128)) 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Intranet IP address of the peer end during remote access."
        	::= { hwIPSecTunnelConfigEntry 6 }
    
    	hwIPSecTunnelRemotePort OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Port number of the peer end of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 7 }	     
                                            
    	hwIPSecTunnelCpuID OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"CPU ID of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 8 }  
   
    	hwIPSecTunnelEncapMode OBJECT-TYPE
        	SYNTAX INTEGER {
                    tunnel(0),
                    transport(1)
                    }
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Encapsulation mode of the tunnel (tunneling mode or transmission mode)."
        	::= { hwIPSecTunnelConfigEntry 9 }   
    
    	hwIPSecTunnelNatTraver OBJECT-TYPE
        	SYNTAX INTEGER
        	   {
                    noNatTraversal(0),
                    natTraversal(1)
                    }
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Whether the tunnel needs NAT traversal (If yes, the value is 1.)."
        	::= { hwIPSecTunnelConfigEntry 10 }

    	hwIPSecTunnelFromIKEV2 OBJECT-TYPE
        	SYNTAX INTEGER {
                    noIkev2(0),
                    ikev2(1)
                    } 
        	MAX-ACCESS read-only
        	STATUS current                    
        	DESCRIPTION
            		"Whether the tunnel adopts IKEv2 (If yes, the value is 1.)."
        	::= { hwIPSecTunnelConfigEntry 11 }

    	hwIPSecTunnelEncryptMode OBJECT-TYPE      
        	SYNTAX Gauge32  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Encryption mode of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 12 }

    	hwIPSecTunnelESPDigestMode OBJECT-TYPE
        	SYNTAX Gauge32  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"ESP check mode of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 13 }

    	hwIPSecTunnelAHDigestMode OBJECT-TYPE
        	SYNTAX Gauge32  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"AH check mode of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 14 }

    	hwIPSecTunnelProto OBJECT-TYPE
        	SYNTAX Gauge32  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Protocol of the tunnel (ESP or AH, or both)."
        	::= { hwIPSecTunnelConfigEntry 15 }

    	hwIPSecTunnelOutPortIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Index of the egress of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 16 }

    	hwIPSecTunnelSrcPort OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Indicates the source port number if NAT traversal is adopted."
        	::= { hwIPSecTunnelConfigEntry 17 }

    	hwIPSecTunnelDstPort OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Indicates the destination port number if NAT traversal is adopted."
        	::= { hwIPSecTunnelConfigEntry 18 }

    	hwIPSecTunnelVrfIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"VPN ID protected by the tunnel."
        	::= { hwIPSecTunnelConfigEntry 19 }

    	hwIPSecTunnelIfVrfIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"VPN ID of the sending interface of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 20 }

    	hwIPSecTunnelSrcIP OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128)) 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Source IP address of the tunnel (local end)."
        	::= { hwIPSecTunnelConfigEntry 21 }

    	hwIPSecTunnelSpeedLimitIn OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Rate limiting pre-configured in the incoming direction."
        	::= { hwIPSecTunnelConfigEntry 22 }

    	hwIPSecTunnelSpeedLimitOut OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Rate limiting pre-configured in the outgoing direction."
        	::= { hwIPSecTunnelConfigEntry 23 }

    	hwIPSecTunnelInitiator OBJECT-TYPE
        	SYNTAX INTEGER {
                    responder(0),
                    ikev2Initiator(1),
                    ikev1Initiator(2)
                    }   
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Initiator or responder of the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 24 }

    	hwIPSecTunnelLifeSize OBJECT-TYPE
        	SYNTAX Gauge32 (0..200000000)
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Life cycle of the IPSec tunnel (in kbytes)."
        	::= { hwIPSecTunnelConfigEntry 25 }

    	hwIPSecTunnelLifeTime OBJECT-TYPE
        	SYNTAX Gauge32 (1..604800)
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Life cycle of the IPSec tunnel (in seconds)."
        	::= { hwIPSecTunnelConfigEntry 26 }

    	hwIPSecTunnelPolicyName OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..255))
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Security policy for the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 27 }

    	hwIPSecTunnelSaStatus OBJECT-TYPE
        	SYNTAX INTEGER {
                    free(0),
                    ocuppied(1)
                    }  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Status of the SA."
        	::= { hwIPSecTunnelConfigEntry 28 }
                   hwIPSecTunnelSlotID OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"SLOT ID of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 29 } 
                  hwIPSecTunnelFlowInfo OBJECT-TYPE
                  SYNTAX  OCTET STRING (SIZE (1..255))
                  MAX-ACCESS read-only
                  STATUS current
                  DESCRIPTION
                                     "Data flow of the IPSec tunnel"
                  ::= { hwIPSecTunnelConfigEntry 30 } 

                  hwIPSecTunnelPolicyAlias OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128))
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Security policy alias for the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 31 }
        	
    	hwIPSecTunnelDstIPv6 OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128)) 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Destination IPv6 address of the tunnel (peer end)."
        	::= { hwIPSecTunnelConfigEntry 32 }
        	
    	hwIPSecTunnelInsideIPv6 OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128)) 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Intranet IPv6 address of the peer end during remote access."
        	::= { hwIPSecTunnelConfigEntry 33 }

    	hwIPSecTunnelSrcIPv6 OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128)) 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Source IPv6 address of the tunnel (local end)."
        	::= { hwIPSecTunnelConfigEntry 34 }
                  	     	        
-- ===============================================
-- Begin the table of hwIPSecTunnelStatsTable.
-- ===============================================
				    
	-- 1.3.6.1.4.1.2011.6.122.26.3
	hwIPSecTunnelStatsTable OBJECT-TYPE
		SYNTAX SEQUENCE OF HwIPSecTunnelStatsEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"This table specifies the status attributes for Huawei IPSec tunnel."   
		::= { hwIpsec 3 }
	
	-- 1.3.6.1.4.1.2011.6.122.26.3.1
	hwIPSecTunnelStatsEntry OBJECT-TYPE
		SYNTAX HwIPSecTunnelStatsEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"Each entry in the hwIPSecTunnelConfigTable holds a set of monitoring status parameters associated with an instance of IPSec tunnel."
		INDEX { hwIPSecIfIndex, hwIPSecTunnelPolicyNum, hwIPSecTunnelIndex }
		::= { hwIPSecTunnelStatsTable 1 }
	
	HwIPSecTunnelStatsEntry ::=
		SEQUENCE { 
			hwIPSecTunnelSaIDIn
				Gauge32,
			hwIPSecTunnelSaIDOut
				Gauge32,
			hwIPSecTunnelFlowSoftExpireIn
				Gauge32,
			hwIPSecTunnelFlowSoftExpireOut   
				Gauge32,
			hwIPSecTunnelFlowHardExpireIn  
				Gauge32,
			hwIPSecTunnelFlowHardExpireOut
				Gauge32,
			hwIPSecTunnelRemainTime
				Gauge32,
			hwIPSecTunnelRemainSize
				Gauge32,
			hwIPSecTunnelSpiIn
				Gauge32,
			hwIPSecTunnelSpiOut
				Gauge32,
			hwIPSecTunnelInSideSpiIn
				Gauge32,
			hwIPSecTunnelInSideSpiOut
				Gauge32,
			hwIPSecTunnelESPSequenceNumberIn
				Gauge32,
			hwIPSecTunnelESPSequenceNumberOut
				Gauge32,
		   	hwIPSecTunnellAHSequenceNumberIn
				Gauge32,
			hwIPSecTunnellAHSequenceNumberOut
				Gauge32,
		   	hwIPSecTunnelMemApplyFail
				Counter64,
			hwIPSecTunnelBadAuth 
				Counter64, 
			hwIPSecTunnelReplay
				Counter64,
			hwIPSecTunnelAfterReCheckErr
				Counter64, 
			hwIPSecTunnelPktDropByteLimitIn
				Counter64, 
			hwIPSecTunnelPktDropByteLimitOut
				Counter64,
			hwIPSecTunnelFIBSearchErr
				Counter64,

			hwIPSecTunnelBytesPerSecondIn
				Gauge32,
			hwIPSecTunnelBytesPerSecondOut
				Gauge32,
		   	hwIPSecTunnelPacketsPerSecondIn
				Gauge32,
			hwIPSecTunnelPacketsPerSecondOut
				Gauge32,				
		   	hwIPSecTunnelErrPacketsPerSecondIn
				Gauge32,
			hwIPSecTunnelErrPacketsPerSecondOut
				Gauge32,
		   	hwIPSecTunnelErrPacketsIn
				Gauge32,
			hwIPSecTunnelErrPacketsOut
				Gauge32
			} 
	
	hwIPSecTunnelSaIDIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Index of the incoming IPSec tunnel."
		::= { hwIPSecTunnelStatsEntry 1 }   
	
	hwIPSecTunnelSaIDOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Index of the outgoing IPSec tunnel."
		::= { hwIPSecTunnelStatsEntry 2 }
	
	hwIPSecTunnelFlowSoftExpireIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Incoming soft timeout traffic (in bytes)."
		::= { hwIPSecTunnelStatsEntry 3 }
	
	hwIPSecTunnelFlowSoftExpireOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Outgoing soft timeout traffic (in bytes)."
		::= { hwIPSecTunnelStatsEntry 4 }
	
	hwIPSecTunnelFlowHardExpireIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Incoming hard timeout traffic (in bytes)."
		::= { hwIPSecTunnelStatsEntry 5 }
	
	hwIPSecTunnelFlowHardExpireOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Outgoing hard timeout traffic (in bytes)."
		::= { hwIPSecTunnelStatsEntry 6 }
	
	hwIPSecTunnelRemainTime OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Remaining time of the IPSec tunnel (in seconds)."
		::= { hwIPSecTunnelStatsEntry 7 }
	
	hwIPSecTunnelRemainSize OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Remaining bytes of the IPSec tunnel (in kbytes)."
		::= { hwIPSecTunnelStatsEntry 8 }
	
	hwIPSecTunnelSpiIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Incoming SPI."
		::= { hwIPSecTunnelStatsEntry 9 }
	
	hwIPSecTunnelSpiOut OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Outgoing SPI."
		::= { hwIPSecTunnelStatsEntry 10 }
	
	hwIPSecTunnelInSideSpiIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "SPI of the internal ESP header when both AH and ESP are adopted in the incoming direction."
		::= { hwIPSecTunnelStatsEntry 11 }
	
	hwIPSecTunnelInSideSpiOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "SPI of the internal ESP header when both AH and ESP are adopted in the outgoing direction."
		::= { hwIPSecTunnelStatsEntry 12 }
	
	hwIPSecTunnelESPSequenceNumberIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Serial number of the incoming ESP protocol."
		::= { hwIPSecTunnelStatsEntry 13 }
	
	hwIPSecTunnelESPSequenceNumberOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Serial number of the outgoing ESP protocol."
		::= { hwIPSecTunnelStatsEntry 14 }
	
	hwIPSecTunnellAHSequenceNumberIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Serial number of the incoming AH protocol."
		::= { hwIPSecTunnelStatsEntry 15 }   
	
	hwIPSecTunnellAHSequenceNumberOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Serial number of the outgoing AH protocol."
		::= { hwIPSecTunnelStatsEntry 16 }
	
	hwIPSecTunnelMemApplyFail OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets because packets to be encrypted are too long."
		::= { hwIPSecTunnelStatsEntry 17 }
	
	hwIPSecTunnelBadAuth OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the authentication failure of received packets."
		::= { hwIPSecTunnelStatsEntry 18 }
	
	hwIPSecTunnelReplay OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by receiving replayed packets."
		::= { hwIPSecTunnelStatsEntry 19 }  
	
	hwIPSecTunnelAfterReCheckErr OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the decryption  post-check failure."
		::= { hwIPSecTunnelStatsEntry 20 }
	
	hwIPSecTunnelPktDropByteLimitIn OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the exceeding the byte limit in the incoming direction."
		::= { hwIPSecTunnelStatsEntry 21 }
	    
	hwIPSecTunnelPktDropByteLimitOut OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the exceeding of the byte limit in the outgoing direction."
		::= { hwIPSecTunnelStatsEntry 22 }    
		    
	hwIPSecTunnelFIBSearchErr OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the route check failure."
		::= { hwIPSecTunnelStatsEntry 23 }
	    
	hwIPSecTunnelBytesPerSecondIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Speed of inbound flow in bytes."
		::= { hwIPSecTunnelStatsEntry 24 }    
		    
	hwIPSecTunnelBytesPerSecondOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Speed of outbound flow in bytes."
		::= { hwIPSecTunnelStatsEntry 25 }
	
	hwIPSecTunnelPacketsPerSecondIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Speed of inbound flow in packets."
		::= { hwIPSecTunnelStatsEntry 26 }   
	
	hwIPSecTunnelPacketsPerSecondOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Speed of outbound flow in packets."
		::= { hwIPSecTunnelStatsEntry 27 }
	
	hwIPSecTunnelErrPacketsPerSecondIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Speed of inbound error packets."
		::= { hwIPSecTunnelStatsEntry 28 }   
	
	hwIPSecTunnelErrPacketsPerSecondOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Speed of outbound error packets."
		::= { hwIPSecTunnelStatsEntry 29 }
	
	hwIPSecTunnelErrPacketsIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of inbound error packets."
		::= { hwIPSecTunnelStatsEntry 30 }   
	
	hwIPSecTunnelErrPacketsOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of outbound error packets."
		::= { hwIPSecTunnelStatsEntry 31 }

		
		
-- ===============================================
-- Begin the table of hwIPSecSaStatisticTable.
-- ===============================================
				    
	-- 1.3.6.1.4.1.2011.6.122.26.4
	hwIPSecSaStatisticTable OBJECT-TYPE
		SYNTAX SEQUENCE OF HwIPSecSaStatisticEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"This table specifies the SA numbers of policies which have been bound with interfaces."   
		::= { hwIpsec 4 }
	
	-- 1.3.6.1.4.1.2011.6.122.26.4.1
	hwIPSecSaStatisticEntry OBJECT-TYPE
		SYNTAX HwIPSecSaStatisticEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"."
		INDEX { hwIPSecIfIndex, hwIPSecTunnelPolicyNum }
		::= { hwIPSecSaStatisticTable 1 }
	
	HwIPSecSaStatisticEntry ::=
		SEQUENCE { 
			hwIPSecSaStatisticTunnelPolicyName
				OCTET STRING,
			hwIPSecSaStatisticSaInCnt
				Gauge32, 
			hwIPSecSaStatisticSaOutCnt
				Gauge32,
 			hwIPSecTunnelByteInput
				Counter64,
			hwIPSecTunnelByteOutput
				Counter64,
			hwIPSecTunnelPacketInput
				Counter64,
			hwIPSecTunnelPacketOutput
				Counter64,
			hwIPSecTunnelDroppedPacketInput
				Counter64,
			hwIPSecTunnelDroppedPacketOutput
				Counter64,
			hwIPSecTunnelDialUserCount
				Gauge32 ,
                                                         hwIPSecSaStatisticTunnelPolicyAlias
				OCTET STRING                               
			} 
   	        	
	hwIPSecSaStatisticTunnelPolicyName OBJECT-TYPE
		SYNTAX OCTET STRING (SIZE (1..255))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Security policy for the IPSec tunnel."
		::= { hwIPSecSaStatisticEntry 1 }    
	
	hwIPSecSaStatisticSaInCnt OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Incoming SA number."
		::= { hwIPSecSaStatisticEntry 2 }
	
	hwIPSecSaStatisticSaOutCnt OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Outgoing SA number."
		::= { hwIPSecSaStatisticEntry 3 }
	hwIPSecTunnelByteInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Num of bytes received by the IPSec Tunnel."
		::= { hwIPSecSaStatisticEntry 4 }
	hwIPSecTunnelByteOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Num of bytes sent by the IPSec Tunnel."
		::= { hwIPSecSaStatisticEntry 5 }           
	hwIPSecTunnelPacketInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Num of packets received by the IPSec Tunnel."
		::= { hwIPSecSaStatisticEntry 6 }           		
	hwIPSecTunnelPacketOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Num of packets sent by the IPSec Tunnel."
		::= { hwIPSecSaStatisticEntry 7 }           		
	hwIPSecTunnelDroppedPacketInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of packets discarded by the IPSec tunnel in the inbound direction"
		::= { hwIPSecSaStatisticEntry 8 }
	hwIPSecTunnelDroppedPacketOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of packets discarded by the IPSec tunnel in the outbound direction"
		::= { hwIPSecSaStatisticEntry 9 }
	hwIPSecTunnelDialUserCount OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"IPSec tunnel remote access users"
		::= { hwIPSecSaStatisticEntry 10 }
                   hwIPSecSaStatisticTunnelPolicyAlias OBJECT-TYPE
		SYNTAX OCTET STRING (SIZE (1..128))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Security policy alias for the IPSec tunnel."
		::= { hwIPSecSaStatisticEntry 11 }

 	        
-- ===============================================
-- IPSecTrapObject.
-- ===============================================
 
	hwIPSecTrapObject OBJECT IDENTIFIER ::= { hwIpsec 5 }
	
	hwIPSecTrapTunnelPolicyNum OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
	    		"The sequence number of IPSec tunnel policy."
		::= { hwIPSecTrapObject 1 }     
	
	hwIPSecTrapIfIndex OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS accessible-for-notify
	 	STATUS current
		DESCRIPTION
	    		"Index of the router interface corresponding to the IPSec tunnel."
		::= { hwIPSecTrapObject 2 }  
	
	hwIPSecTrapTunnelPolicyName OBJECT-TYPE
		SYNTAX OCTET STRING (SIZE (1..255))
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
	    		"Security policy for the IPSec tunnel."
		::= { hwIPSecTrapObject 3 }     
		
	hwIPSecTrapAuthenticationMethod OBJECT-TYPE
		SYNTAX OCTET STRING (SIZE (1..128))
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
	    		"IPSec tunnel authentication method."
		::= { hwIPSecTrapObject 4 }     
		
	hwIPSecTrapAuthenticationID OBJECT-TYPE
		SYNTAX OCTET STRING (SIZE (1..255))
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
	    		"IPSec tunnel authentication ID."
		::= { hwIPSecTrapObject 5 }   
		
	hwIPSecTrapAuthenticationIDType  OBJECT-TYPE
		SYNTAX OCTET STRING (SIZE (1..32))
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
	    		"IPSec tunnel authentication ID type."
		::= { hwIPSecTrapObject 6 }   
		
	hwIPSecTrapTunnelDstIP OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Destination IP address of the tunnel (peer end)."
        	::= { hwIPSecTrapObject 7 }
        	
        hwIPSecTrapTunnelSrcIP OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Source IP address of the tunnel."
        	::= { hwIPSecTrapObject 8 }
        	
        hwIPSecTrapTunnelRemotePort OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Port number of the peer end of the tunnel."
        	::= { hwIPSecTrapObject 9 } 
        	
	hwIPSecReason OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..128))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Fail reason of negotiation."
        	::= { hwIPSecTrapObject 10 }
        	
        hwIPSecReasonCode OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Fail reason code of negotiation."
        	::= { hwIPSecTrapObject 11 } 	

        hwIPSecTrapTunnelOfflineReason OBJECT-TYPE
                    SYNTAX OCTET STRING (SIZE (1..128))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Offline reason of the IPSec tunnel."
        	::= { hwIPSecTrapObject 12 }
       hwIPSecVsysName OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..31))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Virtual system name. The value Public indicates the public system. For products that do not support virtual systems, the value is fixed to Public."
        	::= { hwIPSecTrapObject 13 }	

       hwIPSecTrapIfName OBJECT-TYPE
                      SYNTAX OCTET STRING (SIZE (1..63))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"The interface name corresponding to the IPSec tunnel."
        	::= { hwIPSecTrapObject 14 }

       hwIPSecInitiator OBJECT-TYPE
                      SYNTAX OCTET STRING (SIZE (1..19))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"The role in IKE negotiation."
        	::= { hwIPSecTrapObject 15 }

       hwIPSecTrapTunnelDstIPMask OBJECT-TYPE
            SYNTAX Gauge32
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            "Destination IP address of the tunnel mask."
        	::= { hwIPSecTrapObject 16 }
			
       hwIPSecTrapRouteNextHope OBJECT-TYPE
            SYNTAX OCTET STRING (SIZE (1..128))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            "Ipsec opr route next hope."
        	::= { hwIPSecTrapObject 17 }
		
	   hwIPSecTrapOprPri OBJECT-TYPE
            SYNTAX Gauge32
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            "Ipsec opr route priority."
        	::= { hwIPSecTrapObject 18 }

		hwIPSecTunnelVpnName OBJECT-TYPE
            SYNTAX OCTET STRING (SIZE (1..32))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            "Ipsec tunnel vpn name."
        	::= { hwIPSecTrapObject 19 }

		hwIPSecTunnelFlowVpnName OBJECT-TYPE
            SYNTAX OCTET STRING (SIZE (1..32))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            "Ipsec flow vpn name."
        	::= { hwIPSecTrapObject 20 }

		hwIPSecTunnelStatus OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
				"Status of the Tunnel."
		::= { hwIPSecTrapObject 21 }

        hwIPSecTunnelStatusChangeReason OBJECT-TYPE
			SYNTAX OCTET STRING (SIZE (1..128))
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"IPSec tunnel status change reason."
		::= { hwIPSecTrapObject 22 }
-- ===============================================
-- definition of traps.      
-- ===============================================

        hwIPSecNotifications OBJECT IDENTIFIER ::= { hwIpsec 6 }
		                                
        hwIPSecTunnelStart NOTIFICATION-TYPE
		OBJECTS { 
			  hwIPSecIfIndex,
			  hwIPSecTunnelPolicyNum,  
			  hwIPSecTunnelIndex,
			  hwIPSecTunnelRuleId,
			  hwIPSecTunnelDstIP,
			  hwIPSecTunnelInsideIP,
			  hwIPSecTunnelRemotePort,
			  hwIPSecTunnelCpuID,
			  hwIPSecTunnelSrcIP,
                                                            hwIPSecTunnelFlowInfo,
			  hwIPSecTunnelLifeSize,
			  hwIPSecTunnelLifeTime,
                                                            hwIPSecVsysName,
                                                            hwIPSecTrapIfName,
                                                            hwIPSecTunnelSlotID,
                                                            hwIPSecInitiator                                                            
		        }
		STATUS     current
		DESCRIPTION
		    "Send the message when the IPSec tunnel is established."
		::= { hwIPSecNotifications 1 }
		
        hwIPSecTunnelStop NOTIFICATION-TYPE
		OBJECTS { 
			  hwIPSecIfIndex,
			  hwIPSecTunnelPolicyNum, 
			  hwIPSecTunnelIndex,
			  hwIPSecTunnelRuleId,
			  hwIPSecTunnelDstIP,
			  hwIPSecTunnelInsideIP,
			  hwIPSecTunnelRemotePort,
			  hwIPSecTunnelCpuID,
			  hwIPSecTunnelSrcIP,
                                                            hwIPSecTunnelFlowInfo,
                                                            hwIPSecTrapTunnelOfflineReason,
                                                            hwIPSecVsysName,
                                                            hwIPSecTrapIfName,
                                                            hwIPSecTunnelSlotID
                                             }
		STATUS     current
		DESCRIPTION
		    "Send the message when the IPSec tunnel is deleted."
		::= { hwIPSecNotifications 2 }   
		                
        hwIPSecPolicyAdd NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapTunnelPolicyNum,                    
		          hwIPSecTrapTunnelPolicyName,
                                                hwIPSecVsysName 
		        }
		STATUS     current
		DESCRIPTION
		    "Send the message when an IPSec policy is added."
		::= { hwIPSecNotifications 3 }
		
	hwIPSecPolicyDel NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapTunnelPolicyNum,                    
		          hwIPSecTrapTunnelPolicyName,
                                                hwIPSecVsysName 
		        }
		STATUS     current
		DESCRIPTION
		     "Send the message when an IPSec policy is deleted."
		::= { hwIPSecNotifications 4 }
		
	hwIPSecPolicyAttach NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapIfIndex,                    
		          hwIPSecTrapTunnelPolicyName,
                                                      hwIPSecVsysName,
                                                      hwIPSecTrapIfName 
		        }
		STATUS     current
		DESCRIPTION
		     "Send the message when an IPSec policy is applied to an interface."
		::= { hwIPSecNotifications 5 }   
		
	hwIPSecPolicyDetach NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapIfIndex,                    
		          hwIPSecTrapTunnelPolicyName,
                                                      hwIPSecVsysName,
                                                      hwIPSecTrapIfName 
		        }
		STATUS     current
		DESCRIPTION
		     "Send the message when an IPSec policy is cancelled on an interface."
		::= { hwIPSecNotifications 6 }
		
	hwIPSecIKEReset NOTIFICATION-TYPE
                                     OBJECTS {
		          hwIPSecVsysName 
		        }
		STATUS     current
		DESCRIPTION
		     "Send the message when an IKE SA is reset."
		::= { hwIPSecNotifications 7 }	     
		
	hwIPSecIPSecReset NOTIFICATION-TYPE
                                    OBJECTS {
		          hwIPSecVsysName 
		        }
		STATUS     current
		DESCRIPTION
		     "Send the message when an IPSec SA is reset."
		::= { hwIPSecNotifications 8 }	 
		             
	hwIPSecTunnelReachMax NOTIFICATION-TYPE
	STATUS     current
	DESCRIPTION
	     "Send the message when IPSec Tunnel Number will Be Reach Max."
	::= { hwIPSecNotifications 9 }
	
	hwIPSecTunnelReachMaxAtOnce NOTIFICATION-TYPE
	STATUS     current
	DESCRIPTION
	     "Send the message when IPSec Tunnel Number Reach Max At Once."
	::= { hwIPSecNotifications 10 }	  
	
	hwIKEPeerReachMax NOTIFICATION-TYPE
	STATUS     current
	DESCRIPTION
	     "Send the message when IKE Peer Number will Be Reach Max."
	::= { hwIPSecNotifications 11 }       
	
	hwIKEPeerReachMaxAtOnce NOTIFICATION-TYPE
	STATUS     current
	DESCRIPTION
	     "Send the message when IKE Peer Number Reach Max At Once."
	::= { hwIPSecNotifications 12 }    
	
	hwIKESaPhase1Establish NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapTunnelDstIP,
		          hwIPSecTrapTunnelRemotePort,
		          hwIPSecTrapTunnelSrcIP,
		          hwIPSecTrapAuthenticationMethod,
		          hwIPSecTrapAuthenticationID,
		          hwIPSecTrapAuthenticationIDType,
                                                hwIPSecVsysName,
                                                  hwIPSecInitiator  
		        }	
	        STATUS     current
	        DESCRIPTION
	             "Send the message when IKE SA phase1 establish ."
	        ::= { hwIPSecNotifications 13 }  
	            
	hwIPSecNegoFail NOTIFICATION-TYPE
		OBJECTS { 
			      hwIPSecTrapIfIndex,
			      hwIPSecTrapTunnelPolicyNum,  
			      hwIPSecReason,
			      hwIPSecReasonCode,
                                                                        hwIPSecTrapTunnelDstIP,
                                                                        hwIPSecTrapTunnelRemotePort,
                                                                        hwIPSecVsysName,
                                                                        hwIPSecTrapIfName    
		        }
		    STATUS     current
		    DESCRIPTION
		        "Send the message when IPSec tunnel negotiation fails."
		    ::= { hwIPSecNotifications 14 }

	hwIPSecTunnelHaveReachMax NOTIFICATION-TYPE
	STATUS     current
	DESCRIPTION
	     "Send the message when IPSec Tunnel Number Has Been Reached Max ."
	::= { hwIPSecNotifications 15 }

        hwIPSecOPRRouteMissed NOTIFICATION-TYPE
        OBJECTS { hwIPSecTrapTunnelDstIP, hwIPSecTrapTunnelDstIPMask, hwIPSecTrapRouteNextHope, hwIPSecTrapIfIndex, hwIPSecVsysName, hwIPSecTrapOprPri}
	STATUS     current
	DESCRIPTION
	"Send the message when opr route inject failed."
	::= { hwIPSecNotifications 16 }

	hwIPSecLowSecurityLevel NOTIFICATION-TYPE
	STATUS     current
	DESCRIPTION
	    "The security level of pkcs1 is low."
	::= { hwIPSecNotifications 17 }

	hwIPSecWeakEncr NOTIFICATION-TYPE
		OBJECTS {
                  hwIPSecTrapTunnelDstIP,
                  hwIPSecTrapIfName    
		        }
	STATUS     current
	DESCRIPTION
	    "The ipsec sa encryption-algorithm is not GCM mode."
	::= { hwIPSecNotifications 18 }

        hwIPSecTunnelStatusChange NOTIFICATION-TYPE
		OBJECTS { 
			  hwIPSecVsysName,
			  hwIPSecTrapIfName,
			  hwIPSecTunnelPolicyName,
			  hwIPSecTunnelPolicyNum,  
			  hwIPSecTunnelPolicyAlias,
			  hwIPSecTunnelVpnName,
			  hwIPSecTunnelFlowVpnName,
			  hwIPSecTrapTunnelDstIP,
			  hwIPSecTunnelDstPort,
			  hwIPSecTrapTunnelSrcIP,
			  hwIPSecTunnelSrcPort,
			  hwIPSecTunnelFlowInfo,
			  hwIPSecTunnelStatusChangeReason,
			  hwIPSecTunnelStatus
		        }
		STATUS     current
		DESCRIPTION
		    "Send the message when the IPSec tunnel is established or deleted."
		::= { hwIPSecNotifications 19 }



-- ===============================================
-- Begin the table of hwIPSecGdoiStatsTable.
-- ===============================================
				    
	-- 1.3.6.1.4.1.2011.6.122.26.8
	hwIPSecGdoiStatsTable OBJECT-TYPE
		SYNTAX SEQUENCE OF HwIPSecGdoiStatsEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"This table specifies the status attributes for Huawei IPSec Gdoi."
		::= { hwIpsec 8 }
	
	-- 1.3.6.1.4.1.2011.6.122.26.8.1
	hwIPSecGdoiStatsEntry OBJECT-TYPE
		SYNTAX HwIPSecGdoiStatsEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"Each entry in the hwIPSecGdoiStatsTable holds a set of monitoring status parameters associated with an instance of IPSec gdoi."
		INDEX { hwIPSecGdoiGroupID, hwIPSecGdoiRemoteAddress }
		::= { hwIPSecGdoiStatsTable 1 }
	
	HwIPSecGdoiStatsEntry ::=
		SEQUENCE { 
			hwIPSecGdoiGroupID
				Gauge32,
			hwIPSecGdoiRemoteAddress
				IpAddress,
			hwIPSecTunnelSendPacket
				Counter64,
			hwIPSecTunnelSendSize
				Counter64,
			hwIPSecTunnelSendErrorPacket
				Counter64,
			hwIPSecTunnelSendErrorSize
				Counter64,
			hwIPSecTunnelRecvPacket
				Counter64,
			hwIPSecTunnelRecvSize
				Counter64,
			hwIPSecTunnelRecvErrorPacket
				Counter64,
			hwIPSecTunnelRecvErrorSize
				Counter64
			}

	-- 1.3.6.1.4.1.2011.6.122.26.8.1.1
	hwIPSecGdoiGroupID OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
		    "ID of the GM group corresponding to the GM and KMC."
		::= { hwIPSecGdoiStatsEntry 1 }

	hwIPSecGdoiRemoteAddress OBJECT-TYPE
		SYNTAX IpAddress
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
		    "IP Address where a GM points to."
		::= { hwIPSecGdoiStatsEntry 2 }

	hwIPSecTunnelSendPacket OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Statistic the number of the sent packets."
		::= { hwIPSecGdoiStatsEntry 3 }

	hwIPSecTunnelSendSize OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Statistic the total bytes of the sent packet."
		::= { hwIPSecGdoiStatsEntry 4 }

	hwIPSecTunnelSendErrorPacket OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Statistic the error number of the sent packets."
		::= { hwIPSecGdoiStatsEntry 5 }

	hwIPSecTunnelSendErrorSize OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Statistic the total Error bytes of the sent packets."
		::= { hwIPSecGdoiStatsEntry 6 }

	hwIPSecTunnelRecvPacket OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Statistic the number of the recieved packets."
		::= { hwIPSecGdoiStatsEntry 7 }

	hwIPSecTunnelRecvSize OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Statistic the total bytes of the recieved packets."
		::= { hwIPSecGdoiStatsEntry 8 }

	hwIPSecTunnelRecvErrorPacket OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Statistic the error number of the recieved packets."
		::= { hwIPSecGdoiStatsEntry 9 }

	hwIPSecTunnelRecvErrorSize OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Statistic the total error bytes of the recieved packets."
		::= { hwIPSecGdoiStatsEntry 10 }

-- ===============================================
-- Begin the table of hwIPSecTEKSAStatusTable.
-- ===============================================
				    
	-- 1.3.6.1.4.1.2011.6.122.26.9
	hwIPSecTEKSAStatusTable OBJECT-TYPE
		SYNTAX SEQUENCE OF HwIPSecTEKSAStatusEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"This table specifies the status attributes for Huawei IPSec Gdoi TEK SA."
		::= { hwIpsec 9 }
	
	-- 1.3.6.1.4.1.2011.6.122.26.9.1
	hwIPSecTEKSAStatusEntry OBJECT-TYPE
		SYNTAX HwIPSecTEKSAStatusEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"Each entry in the hwIPSecTEKSAStatusEntry holds a set of monitoring status parameters associated with an instance of IPSec gdoi."
		INDEX { hwIPSecGdoiGroupID, hwIPSecGdoiRemoteAddress }
		::= { hwIPSecTEKSAStatusTable 1 }
	
	HwIPSecTEKSAStatusEntry ::=
		SEQUENCE{
			hwIPSecTEKSAStatus
				INTEGER
			}

	-- 1.3.6.1.4.1.2011.6.122.26.9.1.1
	hwIPSecTEKSAStatus OBJECT-TYPE
		SYNTAX INTEGER
			{ 
			    teksa(0),
			    noteksa(1)
			}
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Request for status of TEK-SA with the specified group-id and remote-address(If yes, the value is 0.)."
		::= { hwIPSecTEKSAStatusEntry 1 }

-- ===============================================
-- Conformance Information             
-- ===============================================

	hwIPSecMibConformance OBJECT IDENTIFIER ::= { hwIpsec 7 }
	
	hwIPSecMibCompliances OBJECT IDENTIFIER ::= { hwIPSecMibConformance 1 }
	
	hwIPSecMibGroups OBJECT IDENTIFIER ::= { hwIPSecMibConformance 2 }
		
		
-- ===============================================
-- Compliance Statements             
-- ===============================================	
	
         hwIPSecMibCompliance MODULE-COMPLIANCE
		 STATUS current
		 DESCRIPTION 
			" "
		 MODULE -- this module
		 MANDATORY-GROUPS 
			{ 
			hwIPSecGlobalStatsGroup,
			hwIPSecTunnelConfigTableGroup,
			hwIPSecTunnelStatsTableGroup,  
			hwIPSecSaStatisticTableGroup,
			hwIPSecTrapObjectGroup,
			hwIPSecNotificationsGroup
			}
		::= { hwIPSecMibCompliances 1 }   
			  
	    hwIPSecGlobalStatsGroup OBJECT-GROUP
		OBJECTS { 
			hwIPSecGlobalTotal,
			hwIPSecGlobalPacketInput,
			hwIPSecGlobalPacketOutput,
			hwIPSecGlobalByteInput,
			hwIPSecGlobalByteOutput,
			hwIPSecGlobalDroppedPacketInput, 
			hwIPSecGlobalDroppedPacketOutput,
			hwIPSecGlobalEncIntactPacket,
			hwIPSecGlobalEncPacketFirstSlice,
			hwIPSecGlobalEncPacketAfterSlice,
			hwIPSecGlobalDecPacketReassFirstSlice,
			hwIPSecGlobalDecPacketReassAfterSlice,
			hwIPSecGlobalDecPacketReassLenErr,
			hwIPSecGlobalPacketHeaderWrong,
			hwIPSecGlobalMemoryApplyFail,
			hwIPSecGlobalCannotFindSA,
			hwIPSecGlobalWrongSA,
			hwIPSecGlobalBadAuthentication,
			hwIPSecGlobalReplay,
			hwIPSecGlobalPreRecheckErr,
			hwIPSecGlobalPostRecheckErr,
			hwIPSecGlobalExceedByteLimit,
			hwIPSecGlobalExceedPacketLimit,
			hwIPSecGlobalProcessIpv4Err,
			hwIPSecGlobalFibSearchErr,
			hwIPSecGlobalIKEInboundOK,
			hwIPSecGlobalIKEInboundErr,
			hwIPSecGlobalIKEOutboundOK,
			hwIPSecGlobalIKEOutboundErr,
			hwIPSecGlobalSoftExpr,
			hwIPSecGlobalHardExpr,
			hwIPSecGlobalDPDOper,
			hwIPSecGlobalModpCnt,
			hwIPSecGlobalSaeSucc,
			hwIPSecGlobalSoftwareSucc,
			hwIPSecGlobalConnectionRate,
			hwIPSecGlobalTotalPhase1Num,
                        hwIPSecGlobalBytesPerSecondIn,
                        hwIPSecGlobalBytesPerSecondOut
									
			}
		STATUS current
		DESCRIPTION 
			"This table specifies the  global statistics information for
                         Huawei IPSec tunnel."
		::= { hwIPSecMibGroups 1 }			     

	    hwIPSecTunnelConfigTableGroup OBJECT-GROUP
		OBJECTS { 
			hwIPSecTunnelRuleId,
			hwIPSecTunnelDstIP,
			hwIPSecTunnelInsideIP,
			hwIPSecTunnelRemotePort,
			hwIPSecTunnelCpuID,                            
			hwIPSecTunnelEncapMode,
			hwIPSecTunnelNatTraver,
			hwIPSecTunnelFromIKEV2,
			hwIPSecTunnelEncryptMode,
			hwIPSecTunnelESPDigestMode,
			hwIPSecTunnelAHDigestMode,
			hwIPSecTunnelProto,
			hwIPSecTunnelOutPortIndex,
			hwIPSecTunnelSrcPort,
			hwIPSecTunnelDstPort,
			hwIPSecTunnelVrfIndex,
			hwIPSecTunnelIfVrfIndex,
			hwIPSecTunnelSrcIP,
			hwIPSecTunnelSpeedLimitIn,
			hwIPSecTunnelSpeedLimitOut,
			hwIPSecTunnelInitiator,
			hwIPSecTunnelLifeSize,
			hwIPSecTunnelLifeTime,
			hwIPSecTunnelPolicyName,
			hwIPSecTunnelSaStatus,
     			hwIPSecTunnelSlotID,
                                                          hwIPSecTunnelFlowInfo,
                                                          hwIPSecTunnelPolicyAlias,
			hwIPSecTunnelDstIPv6,
			hwIPSecTunnelInsideIPv6,
			hwIPSecTunnelSrcIPv6						
			}
		STATUS current
		DESCRIPTION 
			"This table specifies the monitoring IPSec tunnel configuration attributes for
                         Huawei IPSec tunnel."
		::= { hwIPSecMibGroups 2 }                    
		
	    hwIPSecTunnelStatsTableGroup OBJECT-GROUP
		OBJECTS {                       
			hwIPSecTunnelSaIDIn,
			hwIPSecTunnelSaIDOut,
			hwIPSecTunnelFlowSoftExpireIn,
			hwIPSecTunnelFlowSoftExpireOut,
			hwIPSecTunnelFlowHardExpireIn,
			hwIPSecTunnelFlowHardExpireOut,
			hwIPSecTunnelRemainTime,
			hwIPSecTunnelRemainSize,
			hwIPSecTunnelSpiIn,
			hwIPSecTunnelSpiOut,
			hwIPSecTunnelInSideSpiIn,
			hwIPSecTunnelInSideSpiOut,
			hwIPSecTunnelESPSequenceNumberIn,
			hwIPSecTunnelESPSequenceNumberOut,
			hwIPSecTunnellAHSequenceNumberIn,
			hwIPSecTunnellAHSequenceNumberOut,
			hwIPSecTunnelMemApplyFail,
			hwIPSecTunnelBadAuth,
			hwIPSecTunnelReplay,
			hwIPSecTunnelAfterReCheckErr,
			hwIPSecTunnelPktDropByteLimitIn,
			hwIPSecTunnelPktDropByteLimitOut,
			hwIPSecTunnelFIBSearchErr,      						
			hwIPSecTunnelBytesPerSecondIn,
			hwIPSecTunnelBytesPerSecondOut,
			hwIPSecTunnelPacketsPerSecondIn,
			hwIPSecTunnelPacketsPerSecondOut,
			hwIPSecTunnelErrPacketsPerSecondIn,
			hwIPSecTunnelErrPacketsPerSecondOut,
			hwIPSecTunnelErrPacketsIn,
			hwIPSecTunnelErrPacketsOut

			}
		STATUS current
		DESCRIPTION 
			"This table specifies the monitoring IPSec tunnel statistics attributes for
                         Huawei IPSec tunnel."
		::= { hwIPSecMibGroups 3 }

		
        hwIPSecSaStatisticTableGroup OBJECT-GROUP
		OBJECTS {                               
			hwIPSecSaStatisticTunnelPolicyName,
			hwIPSecSaStatisticSaInCnt,
			hwIPSecSaStatisticSaOutCnt,
 			hwIPSecTunnelByteInput,
			hwIPSecTunnelByteOutput,
			hwIPSecTunnelPacketInput,
			hwIPSecTunnelPacketOutput,
			hwIPSecTunnelDroppedPacketInput,
			hwIPSecTunnelDroppedPacketOutput,
			hwIPSecTunnelDialUserCount,
                                                         hwIPSecSaStatisticTunnelPolicyAlias  		 						
			}
		STATUS current
		DESCRIPTION 
			"This table specifies the SA numbers of policies which have been bound with interfaces."
		::= { hwIPSecMibGroups 4 }

		
	    hwIPSecTrapObjectGroup OBJECT-GROUP
		OBJECTS {                               
	           	hwIPSecTrapTunnelPolicyNum,
	           	hwIPSecTrapIfIndex,
	           	hwIPSecTrapTunnelPolicyName       						
			}
		STATUS current
		DESCRIPTION 
			"IPSec trap objects."
		::= { hwIPSecMibGroups 5 }    
		
		hwIPSecNotificationsGroup NOTIFICATION-GROUP
		NOTIFICATIONS
                        {                               
           		hwIPSecTunnelStart,
           		hwIPSecTunnelStop,
           		hwIPSecPolicyAdd,
           		hwIPSecPolicyDel,
           		hwIPSecPolicyAttach,
           		hwIPSecPolicyDetach,
           		hwIPSecIKEReset, 
           		hwIPSecIPSecReset,
    		      hwIPSecTunnelReachMax,
              hwIPSecTunnelReachMaxAtOnce,
              hwIKEPeerReachMax,
              hwIKEPeerReachMaxAtOnce,
              hwIKESaPhase1Establish,
              hwIPSecNegoFail,
			  hwIPSecTunnelStatusChange
       		        }
		STATUS current
		DESCRIPTION 
			"IPSec traps."
		::= { hwIPSecMibGroups 6 }

	
	hwIPSecGdoiStatsTableGroup OBJECT-GROUP
		OBJECTS	{
			hwIPSecTunnelSendPacket,
			hwIPSecTunnelSendSize,
			hwIPSecTunnelSendErrorPacket,
			hwIPSecTunnelSendErrorSize,
			hwIPSecTunnelRecvPacket,
			hwIPSecTunnelRecvSize,
			hwIPSecTunnelRecvErrorPacket,
			hwIPSecTunnelRecvErrorSize
			}
		STATUS current
		DESCRIPTION
			"Statistic the tunnel flow of the spcified IPSec policy group-id."
		::= { hwIPSecMibGroups 7 }
			
	END
	
