-- *****************************************************************
-- mpIPsec.mib:  Maipu enterprise device IPsec MIB file
--
-- version 1.0.0.1, Sep 28, 2004 liuyu
--
-- Copyright (c)  by Maipu Communication Inc.
-- All rights reserved.
-- 
-- *****************************************************************

	
MAIPU-SECURITY-IPSEC-MIB DEFINITIONS ::= BEGIN

IMPORTS
        MODULE-IDENTITY, OBJECT-TYPE, Counter32,
       	IpAddress, Unsigned32		FROM SNMPv2-SMI
       	RowStatus			FROM SNMPv2-TC
       	mpSecurity			FROM MAIPU-SMI;
       
mpSecurityRouter 	MODULE-IDENTITY
        LAST-UPDATED "200501120932Z"      -- Wednesday Jan 12 09:32:35 PDT 2005
        ORGANIZATION "Maipu Communication"
        CONTACT-INFO
          	"       liu Yu
          	Postal: Maipu Inc
                  Tel: (028)85148048
          	E-Mail: office@maipu.com "
          
        DESCRIPTION
	 	"The MIB module describes the IPSec protocol for Maipu Security Router. "          
        ::= { mpSecurity 3 }

-- *****************************************************************

ipsecModule		OBJECT IDENTIFIER ::= { mpSecurityRouter 1 }

ipsecConfigGroup	OBJECT IDENTIFIER ::= { ipsecModule 1 }
ipsecDebugGroup		OBJECT IDENTIFIER ::= { ipsecModule 2 }
ipsecMonitorGroup	OBJECT IDENTIFIER ::= { ipsecModule 3 }

-- *****************************************************************

-- *****************************************************************
-- IKETunnel Table

ikeTunnelTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IKETunnelEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the crypto tunnels using IKE negotiation, which is configured by the operator."
    	::={ ipsecConfigGroup 1 }
    
ikeTunnelEntry	OBJECT-TYPE
    	SYNTAX IKETunnelEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with one crypto tunnel."
    	INDEX { ikeTunnelName }
    	::= { ikeTunnelTable 1 }
    
IKETunnelEntry	::=
	SEQUENCE {
		ikeTunnelName			OCTET STRING,
		ikeTunnelPeerAddr		IpAddress,
		ikeTunnelPeerName		OCTET STRING,
		ikeTunnelLocalAddr		IpAddress,
		ikeTunnelLocalIfName		OCTET STRING,
		ikeTunnelPeerIdType		INTEGER,
		ikeTunnelPeerID			OCTET STRING,
		ikeTunnelLocalID		OCTET STRING,
		ikeTunnelShareLimit		INTEGER,
		ikeTunnelSecDomain		OCTET STRING,
		ikeTunnelPhaseOneMode		INTEGER,
		ikeTunnelNATActiveTime		INTEGER,
		ikeTunnelAuthMeans		INTEGER,
		ikeTunnelDPDPeriod		INTEGER,
		ikeTunnelDPDRetry		INTEGER,
		ikeTunnelDPDAction		INTEGER,
		ikeTunnelSecLevel		INTEGER,
		ikeTunnelIKEProp1		OCTET STRING,
		ikeTunnelIKEProp2		OCTET STRING,
		ikeTunnelIKEProp3		OCTET STRING,
		ikeTunnelIKEProp4		OCTET STRING,
		ikeTunnelIPsecProp1		OCTET STRING,
		ikeTunnelIPsecProp2		OCTET STRING,
		ikeTunnelIPsecProp3		OCTET STRING,
		ikeTunnelIPsecProp4		OCTET STRING,
		ikeTunnelIdleTime		INTEGER,
		ikeTunnelAutoUp			INTEGER,
		ikeTunnelType			INTEGER,
		ikeTunnelDHCPoIPsec		INTEGER,
		ikeTunnelParentName		OCTET STRING,
		ikeTunnelSetNMS			INTEGER,
		ikeTunnelAdmin			INTEGER,
		ikeTunnelStatus			RowStatus
		}	

ikeTunnelName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one crypto tunnel."
	::= { ikeTunnelEntry 1 }
	
ikeTunnelPeerAddr		OBJECT-TYPE
	SYNTAX	IpAddress
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IP address of the peer used by a crypto tunnel."
	::= { ikeTunnelEntry 2 }

ikeTunnelPeerName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the hostname of the peer used by a crypto tunnel."
	::= { ikeTunnelEntry 3 }
	
ikeTunnelLocalAddr		OBJECT-TYPE
	SYNTAX	IpAddress
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the local IP address used by a crypto tunnel."
	::= { ikeTunnelEntry 4 }
	
ikeTunnelLocalIfName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the local interface name used by a crypto tunnel."
	::= { ikeTunnelEntry 5 }

ikeTunnelPeerIdType		OBJECT-TYPE
	SYNTAX	INTEGER{
			id_ALIAS(1),
			id_GROUP(2),
			id_OTHER(3)
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the peer's id used by a crypto tunnel."
	::= { ikeTunnelEntry 6 }
		
ikeTunnelPeerID		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the peer's id used by a crypto tunnel."
	::= { ikeTunnelEntry 7 }
	
ikeTunnelLocalID		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the local id used by a crypto tunnel."
	::= { ikeTunnelEntry 8 }
	
ikeTunnelShareLimit		OBJECT-TYPE
	SYNTAX	INTEGER(0..100000)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the maximum number of the connections sharing this crypto tunnel." 
	::= { ikeTunnelEntry 9 }
	
ikeTunnelSecDomain		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of the virtual security domain used by a crypto tunnel."
	::= { ikeTunnelEntry 10 }
	
ikeTunnelPhaseOneMode		OBJECT-TYPE
	SYNTAX	INTEGER {
				mainMode(1),
				aggressiveMode(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the exchange mode used in IKE phase one negotiation."
	DEFVAL { mainMode }
	::= { ikeTunnelEntry 11 }
	
ikeTunnelNATActiveTime		OBJECT-TYPE
	SYNTAX	INTEGER(10..3600)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the period for keeping alive when carrying ong NAT traversal."
	::= { ikeTunnelEntry 12 }

ikeTunnelAuthMeans		OBJECT-TYPE
	SYNTAX	INTEGER {
				preSharedKey(1),
				rsaSignature(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the authentication mode used in IKE phase one negotiation."
	DEFVAL { preSharedKey }
	::= { ikeTunnelEntry 13 }

ikeTunnelDPDPeriod		OBJECT-TYPE
	SYNTAX	INTEGER(10..3600)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the period for sending DPD message."
	::= { ikeTunnelEntry 14 }

ikeTunnelDPDRetry		OBJECT-TYPE
	SYNTAX	INTEGER(2..100)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the times for trying to detect if the peer is alive using the DPD message."
	::= { ikeTunnelEntry 15 }

ikeTunnelDPDAction		OBJECT-TYPE
	SYNTAX	INTEGER {
				hold(1),
				clear(2),
				none(3)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the action will be executed when finding peer is dead using the DPD message.
		Note: none means no DPD."
	DEFVAL { hold }
	::= { ikeTunnelEntry 16 }

ikeTunnelSecLevel		OBJECT-TYPE
	SYNTAX	INTEGER {
				basic(1),
				standard(2),
				high(3)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the security level used by this tunnel in negotiation."
	DEFVAL { standard }
	::= { ikeTunnelEntry 17 }

ikeTunnelIKEProp1		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IKE proposal used by the tunnel in negotiation."
	::= { ikeTunnelEntry 18 }

ikeTunnelIKEProp2		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IKE proposal used by the tunnel in negotiation."
	::= { ikeTunnelEntry 19 }

ikeTunnelIKEProp3		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IKE proposal used by the tunnel in negotiation."
	::= { ikeTunnelEntry 20 }

ikeTunnelIKEProp4		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IKE proposal used by the tunnel in negotiation."
	::= { ikeTunnelEntry 21 }

ikeTunnelIPsecProp1		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by the tunnel in negotiation."
	::= { ikeTunnelEntry 22 }

ikeTunnelIPsecProp2		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by the tunnel in negotiation."
	::= { ikeTunnelEntry 23 }

ikeTunnelIPsecProp3		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by the tunnel in negotiation."
	::= { ikeTunnelEntry 24 }

ikeTunnelIPsecProp4		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by the tunnel in negotiation."
	::= { ikeTunnelEntry 25 }

ikeTunnelIdleTime		OBJECT-TYPE
	SYNTAX	INTEGER
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the idle time of the IPsec SAs constructed by the tunnel."
	::= { ikeTunnelEntry 26 }

ikeTunnelAutoUp			OBJECT-TYPE
	SYNTAX	INTEGER {
				enable(1),
				disable(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines whether IPsec SAs should have beening constructed by the tunnel right now or not."
	DEFVAL { disable }
	::= { ikeTunnelEntry 27 }
	
ikeTunnelType			OBJECT-TYPE
	SYNTAX	INTEGER {
				permanent(1),
				template(2),
				instance(3)
				}
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"This object defines the type of the tunnel."
	::= { ikeTunnelEntry 28 }

ikeTunnelDHCPoIPsec		OBJECT-TYPE
	SYNTAX	INTEGER {
				enable(1),
				disable(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines whether the tunnel can support the function DHCP over IPsec or not."
	::= { ikeTunnelEntry 29 }

ikeTunnelParentName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"This object defines the parent tunnel name of instance tunnel."
	::= { ikeTunnelEntry 30 }
	
ikeTunnelSetNMS		OBJECT-TYPE
	SYNTAX	INTEGER{
			true(1),
			false(2)
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the init-server property."
	::= { ikeTunnelEntry 31 }		

ikeTunnelAdmin		OBJECT-TYPE
	SYNTAX	INTEGER{
			true(1),
			false(2)
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the administrative property."
	::= { ikeTunnelEntry 32 }
		
ikeTunnelStatus			OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { ikeTunnelEntry 33 }

-- *****************************************************************

-- *****************************************************************
-- Manual Tunnel Table

manTunnelTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF ManTunnelEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the manual crypto tunnels configured by the operator."
    	::={ ipsecConfigGroup 2 }
    
manTunnelEntry	OBJECT-TYPE
    	SYNTAX ManTunnelEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with one manual crypto tunnel."
    	INDEX { manTunnelName }
    	::= { manTunnelTable 1 }
    
ManTunnelEntry	::=
	SEQUENCE {
		manTunnelName			OCTET STRING,
		manTunnelPeerAddr		IpAddress,
		manTunnelInAHSPI		INTEGER,
		manTunnelInAHKey		OCTET STRING,
		manTunnelInESPSPI		INTEGER,
		manTunnelInESPAuthKey		OCTET STRING,
		manTunnelInESPCiperKey		OCTET STRING,
		manTunnelOutAHSPI		INTEGER,
		manTunnelOutAHKey		OCTET STRING,
		manTunnelOutESPSPI		INTEGER,
		manTunnelOutESPAuthKey		OCTET STRING,
		manTunnelOutESPCiperKey		OCTET STRING,
		manTunnelInCPI			INTEGER,
		manTunnelOutCPI			INTEGER,
		manTunnelIPsecProp		OCTET STRING,
		manTunnelLocalIfName		OCTET STRING,
		manTunnelStatus			RowStatus
		}	

manTunnelName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one manual crypto tunnel."
	::= { manTunnelEntry 1 }
	
manTunnelPeerAddr		OBJECT-TYPE
	SYNTAX	IpAddress
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IP address of the peer used by a crypto tunnel. "
	::= { manTunnelEntry 2 }

manTunnelInAHSPI		OBJECT-TYPE
	SYNTAX	INTEGER(255..511)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the SPI of the inbound SA on protocol AH. 
		Note: 255 means no AH."
	::= { manTunnelEntry 3 }
	
manTunnelInAHKey		OBJECT-TYPE
	SYNTAX	OCTET STRING (SIZE(16..254))
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the key used by the inbound SA on protocol AH. "
	::= { manTunnelEntry 4 }
	
manTunnelInESPSPI		OBJECT-TYPE
	SYNTAX	INTEGER(255..511)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the SPI of the inbound SA on protocol ESP. 
		Note: 255 means no ESP."
	::= { manTunnelEntry 5 }
	
manTunnelInESPAuthKey		OBJECT-TYPE
	SYNTAX	OCTET STRING (SIZE(16..254))
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the key used by the inbound SA about authentication algorithm on protocol ESP. "
	::= { manTunnelEntry 6 }
	
manTunnelInESPCiperKey		OBJECT-TYPE
	SYNTAX	OCTET STRING (SIZE(16..254))
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the key used by the inbound SA about encryption algorithm on protocol ESP. "
	::= { manTunnelEntry 7 }
	
manTunnelOutAHSPI		OBJECT-TYPE
	SYNTAX	INTEGER(255..511)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the SPI of the outbound SA on protocol AH. 
		Note: 255 means no AH."
	::= { manTunnelEntry 8 }
	
manTunnelOutAHKey		OBJECT-TYPE
	SYNTAX	OCTET STRING (SIZE(16..254))
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the key used by the outbound SA on protocol AH. "
	::= { manTunnelEntry 9 }
	
manTunnelOutESPSPI		OBJECT-TYPE
	SYNTAX	INTEGER(255..511)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the SPI of the outbound SA on protocol ESP. 
		Note: 255 means no ESP."
	::= { manTunnelEntry 10 }
	
manTunnelOutESPAuthKey		OBJECT-TYPE
	SYNTAX	OCTET STRING (SIZE(16..254))
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the key used by the outbound SA about authentication algorithm on protocol ESP. "
	::= { manTunnelEntry 11 }
	
manTunnelOutESPCiperKey		OBJECT-TYPE
	SYNTAX	OCTET STRING (SIZE(16..254))
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the key used by the outbound SA about encryption algorithm on protocol ESP. "
	::= { manTunnelEntry 12 }

manTunnelInCPI		OBJECT-TYPE
	SYNTAX	INTEGER(255..511)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the CPI of the inbound SA on protocol IPComp. 
		Note: 255 means no IPComp."
	::= { manTunnelEntry 13 }

manTunnelOutCPI		OBJECT-TYPE
	SYNTAX	INTEGER(255..511)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the CPI of the outbound SA on protocol IPComp. 
		Note: 255 means no IPComp."
	::= { manTunnelEntry 14 }
		
manTunnelIPsecProp		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by the tunnel for constructing IPsec SAs."
	::= { manTunnelEntry 15 }
	
manTunnelLocalIfName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the local interface name used by a crypto tunnel."
	::= { manTunnelEntry 16 }
	
manTunnelStatus			OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { manTunnelEntry 17 }
		
-- *****************************************************************

-- *****************************************************************
-- IKE Proposal Table

ikePropTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IKEPropEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the IKE proposals configured by the operator."
    	::={ ipsecConfigGroup 3 }
    
ikePropEntry	OBJECT-TYPE
    	SYNTAX IKEPropEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with one IKE proposal."
    	INDEX { ikePropName }
    	::= { ikePropTable 1 }
    
IKEPropEntry	::=
	SEQUENCE {
		ikePropName			OCTET STRING,
		ikePropEncyptoAlg		INTEGER,
		ikePropAuthAlg			INTEGER,
		ikePropDHGroup			INTEGER,
		ikePropLifetime			INTEGER,
		ikePropStatus			RowStatus
		}	

ikePropName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IKE proposal. "
	::= { ikePropEntry 1 }
	
ikePropEncyptoAlg		OBJECT-TYPE
	SYNTAX	INTEGER {
				trides(1),
				des(2),
				aes128(3),
				aes192(4),
				aes256(5),
				blowfish(6),
				cast(7)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the encryption algorithm for one IKE proposal. "
	DEFVAL { des }
	::= { ikePropEntry 2 }
	
ikePropAuthAlg			OBJECT-TYPE
	SYNTAX	INTEGER {
				md5(1),
				sha1(2),
				sha256(3),
				sha512(4)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the authentication algorithm for one IKE proposal. "
	DEFVAL { sha1 }
	::= { ikePropEntry 3 }
	
ikePropDHGroup			OBJECT-TYPE
	SYNTAX	INTEGER {
				group1(1),
				group2(2),
				group5(3),
				group14(4),
				group15(5),
				group16(6),
				group17(7),
				group18(8)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the DH groupware for one IKE proposal. "
	DEFVAL { group1 }
	::= { ikePropEntry 4 }
	
ikePropLifetime			OBJECT-TYPE
	SYNTAX	INTEGER(180..31536000)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the lifetime for one IKE proposal. "
	DEFVAL	{ 86400}
	::= { ikePropEntry 5 }
	
ikePropStatus			OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { ikePropEntry 6 }

-- *****************************************************************

-- *****************************************************************
-- IPsec Proposal Table

ipsecPropTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IPsecPropEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the IPsec proposals configured by the operator."
    	::={ ipsecConfigGroup 4 }
    
ipsecPropEntry	OBJECT-TYPE
    	SYNTAX IPsecPropEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with one IPsec proposal."
    	INDEX { ipsecPropName }
    	::= { ipsecPropTable 1 }
    
IPsecPropEntry	::=
	SEQUENCE {
		ipsecPropName			OCTET STRING,		
		ipsecPropEncyptoAlg		INTEGER,
		ipsecPropESPAuthAlg		INTEGER,
		ipsecPropAHAuthAlg		INTEGER,
		ipsecPropCompAlg		INTEGER,
		ipsecPropEncapMode		INTEGER,
		ipsecPropDHGroup		INTEGER,
		ipsecPropLifeSeconds		INTEGER,
		ipsecPropLifeKBytes		INTEGER,
		ipsecPropStatus			RowStatus
		}	

ipsecPropName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IPsec proposal. "
	::= { ipsecPropEntry 1 }
	
ipsecPropEncyptoAlg		OBJECT-TYPE
	SYNTAX	INTEGER {
				trides(1),
				des(2),
				aes128(3),
				aes192(4),
				aes256(5),
				blowfish(6),
				cast(7),
				serpent(8),
				twofish(9),
				ssp02(10),
				null(11),
				none(12)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the encryption algorithm for one IPsec proposal. "
	DEFVAL { des }
	::= { ipsecPropEntry 2 }
	
ipsecPropESPAuthAlg		OBJECT-TYPE
	SYNTAX	INTEGER {
				md5(1),
				sha1(2),
				sha256(3),
				sha512(4),
				rmd160(5),
				aesmac(6),
				none(7)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the encryption algorithm for one IPsec proposal. "
	DEFVAL { md5 }
	::= { ipsecPropEntry 3 }
	
ipsecPropAHAuthAlg			OBJECT-TYPE
	SYNTAX	INTEGER {
				md5(1),
				sha1(2),
				sha256(3),
				sha512(4),
				none(5)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the authentication algorithm for one IPsec proposal. "
	DEFVAL { none }
	::= { ipsecPropEntry 4 }

ipsecPropCompAlg			OBJECT-TYPE
	SYNTAX	INTEGER {
				lzs(1),
				deflate(2),
				none(3)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the compression algorithm for one IPsec proposal. "
	DEFVAL { none }
	::= { ipsecPropEntry 5 }
	
ipsecPropEncapMode			OBJECT-TYPE
	SYNTAX	INTEGER {
				tunnel(1),
				transport(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the encapsulation mode for one IPsec proposal. "
	DEFVAL { tunnel }
	::= { ipsecPropEntry 6 }
	
ipsecPropDHGroup			OBJECT-TYPE
	SYNTAX	INTEGER {
				group1(1),
				group2(2),
				group5(3),
				group14(4),
				group15(5),
				group16(6),
				group17(7),
				group18(8),
				none(9)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the DH groupware for one IPsec proposal. "
	DEFVAL { group1 }
	::= { ipsecPropEntry 7 }
	
ipsecPropLifeSeconds			OBJECT-TYPE
	SYNTAX	INTEGER(180..31536000)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the lifetime for one IPsec proposal. "
	::= { ipsecPropEntry 8 }
	
ipsecPropLifeKBytes			OBJECT-TYPE
	SYNTAX	INTEGER(204800..2147483647)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the lifetime for one IPsec proposal. "
	::= { ipsecPropEntry 9 }
	
ipsecPropStatus			OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { ipsecPropEntry 10 }

-- *****************************************************************

-- *****************************************************************
-- Security Level Table

secLevelTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF SecLevelEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the security level suits which can be customed by the operator."
    	::={ ipsecConfigGroup 5 }
    
secLevelEntry	OBJECT-TYPE
    	SYNTAX SecLevelEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with one security level suit. "
    	INDEX { secLevelID }
    	::= { secLevelTable 1 }
    
SecLevelEntry	::=
	SEQUENCE {
		secLevelID			INTEGER,
		secLevelIKEProp1		OCTET STRING,
		secLevelIKEProp2		OCTET STRING,
		secLevelIKEProp3		OCTET STRING,
		secLevelIKEProp4		OCTET STRING,
		secLevelIPsecProp1		OCTET STRING,
		secLevelIPsecProp2		OCTET STRING,
		secLevelIPsecProp3		OCTET STRING,
		secLevelIpsecProp4		OCTET STRING,
		secLevelStatus			RowStatus
		}	

secLevelID			OBJECT-TYPE
	SYNTAX	INTEGER {
				basic(1),
				standard(2),
				high(3)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the index of one security level suit. "
	::= { secLevelEntry 1 }

secLevelIKEProp1		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IKE proposal in this security level suit. "
	::= { secLevelEntry 2 }
	
secLevelIKEProp2		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IKE proposal in this security level suit. "
	::= { secLevelEntry 3 }

secLevelIKEProp3		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IKE proposal in this security level suit. "
	::= { secLevelEntry 4 }
	
secLevelIKEProp4		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IKE proposal in this security level suit. "
	::= { secLevelEntry 5 }
	
secLevelIPsecProp1		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IPsec proposal in this security level suit. "
	::= { secLevelEntry 6 }
	
secLevelIPsecProp2		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IPsec proposal in this security level suit. "
	::= { secLevelEntry 7 }

secLevelIPsecProp3		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IPsec proposal in this security level suit. "
	::= { secLevelEntry 8 }

secLevelIPsecProp4		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IPsec proposal in this security level suit. "
	::= { secLevelEntry 9 }

secLevelStatus			OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { secLevelEntry 10 }

-- *****************************************************************

-- *****************************************************************
-- PreShared Key Table

preshKeyTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF PreShKeyEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the preshared keys configured by the operator."
    	::={ ipsecConfigGroup 6 }
    
preshKeyEntry	OBJECT-TYPE
    	SYNTAX PreShKeyEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with one preshared key. "
    	INDEX { preshKeyID, preshKeyAny }
    	::= { preshKeyTable 1 }
    
PreShKeyEntry	::=
	SEQUENCE {
		preshKeyID			OCTET STRING,
		preshKeyAny			INTEGER,
		preshKeyData			OCTET STRING,
		preshKeySeed			INTEGER,
		preshKeyStatus			RowStatus
		}	

preshKeyID			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the identity of one preshared key. "
	::= { preshKeyEntry 1 }

preshKeyAny			OBJECT-TYPE
	SYNTAX	INTEGER {
				yes(1),
				no(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines if the key is for any peer or not. "
	DEFVAL { no }
	::= { preshKeyEntry 2 }

preshKeyData			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the data of one preshared key. "
	::= { preshKeyEntry 3 }
	
preshKeySeed			OBJECT-TYPE
	SYNTAX	INTEGER {
				yes(1),
				no(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines if the key is seed one or not. "
	DEFVAL { no }
	::= { preshKeyEntry 4 }

preshKeyStatus			OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { preshKeyEntry 5 }

-- *****************************************************************

-- *****************************************************************
-- IPsec Policy (Data Flow and Action) Table

ipsecPolTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IPsecPolEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the IPsec policies configured by the operator."
    	::={ ipsecConfigGroup 7 }
    
ipsecPolEntry	OBJECT-TYPE
    	SYNTAX IPsecPolEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with one IPsec policy. "
    	INDEX { ipsecPolName }
    	::= { ipsecPolTable 1 }
    
IPsecPolEntry	::=
	SEQUENCE {
		ipsecPolName			OCTET STRING,
		ipsecPolSrcAddr			OCTET STRING,
		ipsecPolSrcMask			OCTET STRING,
		ipsecPolDstAddr			OCTET STRING,
		ipsecPolDstMask			OCTET STRING,
		ipsecPolProto			INTEGER,
		ipsecPolSrcPortType		INTEGER,
		ipsecPolSrcPort1		INTEGER,
		ipsecPolSrcPort2		INTEGER,
		ipsecPolDstPortType		INTEGER,
		ipsecPolDstPort1		INTEGER,
		ipsecPolDstPort2		INTEGER,
		ipsecPolAction			INTEGER,
		ipsecPolTunnel1			OCTET STRING,
		ipsecPolTunnel2			OCTET STRING,
		ipsecPolTunnel3			OCTET STRING,
		ipsecPolTunnel4			OCTET STRING,
		ipsecPolLoadBalance		INTEGER,
		ipsecPolBypass			INTEGER,
		ipsecPolIPsecProp1		OCTET STRING,
		ipsecPolIPsecProp2		OCTET STRING,
		ipsecPolIPsecProp3		OCTET STRING,
		ipsecPolIPsecProp4		OCTET STRING,	
		ipsecPolType			INTEGER,
		ipsecPolParentName		OCTET STRING,
		ipsecPolTimeRange		OCTET STRING,	
		ipsecPolStatus			RowStatus,
		ipsecPolRTReverse		INTEGER
		}	

ipsecPolName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of one IPsec policy. "
	::= { ipsecPolEntry 1 }

ipsecPolSrcAddr			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the source address for the IPsec policy. "
	::= { ipsecPolEntry 2 }

ipsecPolSrcMask			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the source address mask for the IPsec policy. "
	::= { ipsecPolEntry 3 }
		
ipsecPolDstAddr			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the destination address for the IPsec policy. "
	::= { ipsecPolEntry 4 }

ipsecPolDstMask			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the destination address mask for the IPsec policy. "
	::= { ipsecPolEntry 5 }
	
ipsecPolProto			OBJECT-TYPE
	SYNTAX	INTEGER {
				ip(1),
				tcp(2),
				udp(3),
				icmp(4),
				igmp(5)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the protocol of the data flow for the IPsec policy. "
	DEFVAL { ip }
	::= { ipsecPolEntry 6 }
	
ipsecPolSrcPortType		OBJECT-TYPE
	SYNTAX	INTEGER {
				single(1),
				range(2),
				any(3)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the type of source port number of the flow for one IPsec policy, which 
		determined whether the following two source ports is meaningful or not. "
	::= { ipsecPolEntry 7 }

ipsecPolSrcPort1		OBJECT-TYPE
	SYNTAX	INTEGER(1..65535)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the source port number of the flow for one IPsec policy. 
		If the prot range is specified, it is the first port for starting. "
	::= { ipsecPolEntry 8 }
	
ipsecPolSrcPort2		OBJECT-TYPE
	SYNTAX	INTEGER(1..65535)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the source port number of the flow for one IPsec policy. 
		If the prot range is specified, it is the last port for ending. "
	::= { ipsecPolEntry 9 }

ipsecPolDstPortType		OBJECT-TYPE
	SYNTAX	INTEGER {
				single(1),
				range(2),
				any(3)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the type of destination port number of the flow for one IPsec policy, which 
		determined whether the following two destination ports is meaningful or not. "
	::= { ipsecPolEntry 10 }
	
ipsecPolDstPort1		OBJECT-TYPE
	SYNTAX	INTEGER(1..65535)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the destination port number of the flow for one IPsec policy. 
		If the prot range is specified, it is the first port for starting. "
	::= { ipsecPolEntry 11 }
	
ipsecPolDstPort2		OBJECT-TYPE
	SYNTAX	INTEGER(1..65535)
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the destination port number of the flow for one IPsec policy. 
		If the prot range is specified, it is the last port for ending. "
	::= { ipsecPolEntry 12 }
	
ipsecPolAction			OBJECT-TYPE
	SYNTAX	INTEGER {
				permit(1),
				deny(2),
				tunnel(3)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines what action will be executed for this IPsec policy. "
	DEFVAL { tunnel }
	::= { ipsecPolEntry 13 }
	
ipsecPolTunnel1			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec tunnel for this policy. "
	::= { ipsecPolEntry 14 }
	
ipsecPolTunnel2			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec tunnel for this policy. "
	::= { ipsecPolEntry 15 }

ipsecPolTunnel3			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec tunnel for this policy. "
	::= { ipsecPolEntry 16 }

ipsecPolTunnel4			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec tunnel for this policy. "
	::= { ipsecPolEntry 17 }
	
ipsecPolLoadBalance		OBJECT-TYPE
	SYNTAX	INTEGER {
				yes(1),
				no(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines whether the IPsec tunnels is for payload balance on this policy. "
	DEFVAL { no }
	::= { ipsecPolEntry 18 }

ipsecPolBypass			OBJECT-TYPE
	SYNTAX	INTEGER {
				yes(1),
				no(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines whether the packets could be bypass when the ipsec sa for it is not existed. "
	DEFVAL { no }
	::= { ipsecPolEntry 19 }
		
ipsecPolIPsecProp1		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by this policy. "
	::= { ipsecPolEntry 20 }
	
ipsecPolIPsecProp2		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by this policy. "
	::= { ipsecPolEntry 21 }

ipsecPolIPsecProp3		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by this policy. "
	::= { ipsecPolEntry 22 }

ipsecPolIPsecProp4		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the IPsec proposal used by this policy. "
	::= { ipsecPolEntry 23 }

ipsecPolType		OBJECT-TYPE
	SYNTAX	INTEGER {
				original(1),
				subpolicy(2)
				}
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"This object defines the type of this policy. Note: subpolicy means this policy is generated during IKE negotiation."
	::= { ipsecPolEntry 24 }
	
ipsecPolParentName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"This object defines the parent policy name of sub-policy. "
	::= { ipsecPolEntry 25 }

ipsecPolTimeRange		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the time range of the policy. "
	::= { ipsecPolEntry 26 }
		
ipsecPolStatus			OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { ipsecPolEntry 27 }

ipsecPolRTReverse			OBJECT-TYPE
	SYNTAX	INTEGER {
				yes(1),
				no(2)
				}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines whether set the reverse route while sa is established . "
	DEFVAL { no }
	::= { ipsecPolEntry 28 }
-- *****************************************************************

-- *****************************************************************
-- IKE ID alias

idAliasTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IdAliasEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the ID alias configured by the operator."
    	::={ ipsecConfigGroup 8 }
    
idAliasEntry	OBJECT-TYPE
    	SYNTAX IdAliasEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with one ID alias. "
    	INDEX { idAliasName }
    	::= { idAliasTable 1 }
    
IdAliasEntry	::=
	SEQUENCE {
		idAliasName			OCTET STRING,
		idAliasId			OCTET STRING,
		idRsetPoolName			OCTET STRING,
		idRsetAddr			OCTET STRING,
		idRsetMask			OCTET STRING,
		idRsetFirstWinsAddr		OCTET STRING,
		idRsetSecondWinsAddr		OCTET STRING,
		idRsetFirstDnsAddr		OCTET STRING,
		idRsetSecondDnsAddr		OCTET STRING,
		idAuthListName			OCTET STRING,
		idAuthUserName			OCTET STRING,
		idAuthUserGroupName		OCTET STRING,
		idAuthorListName		OCTET STRING,
		idAliasDisable			INTEGER,
		idAliasRef			INTEGER,
		idAliasTimeRange		OCTET STRING,
		idAliasStatus			RowStatus,
		idAliasVrcCfgVer		INTEGER,
		idAliasVrcOption		INTEGER
		}	

idAliasName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of the ID alias. "
	::= { idAliasEntry 1 }

idAliasId			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the id of the ID alias. "
	::= { idAliasEntry 2 }
		
idRsetPoolName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of the pool name in remote settings. "
	::= { idAliasEntry 3 }
	
idRsetAddr			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the ip address in remote settings. "
	::= { idAliasEntry 4 }
	
idRsetMask			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the ip address mask in remote settings. "
	::= { idAliasEntry 5 }	
	
idRsetFirstWinsAddr		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the first wins address in remote settings. "
	::= { idAliasEntry 6 }
	
idRsetSecondWinsAddr		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the second wins address in remote settings. "
	::= { idAliasEntry 7 }
	
idRsetFirstDnsAddr		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the first dns address in remote settings. "
	::= { idAliasEntry 8 }
	
idRsetSecondDnsAddr		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the second dns address in remote settings. "
	::= { idAliasEntry 9 }
	
idAuthListName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the authentication list name in remote settings. "
	::= { idAliasEntry 10 }
	
idAuthUserName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the user name of authentication in remote settings. "
	::= { idAliasEntry 11 }
	
idAuthUserGroupName	OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the user group name of authentication in remote settings. "
	::= { idAliasEntry 12 }
	
idAuthorListName	OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the authorization list name in remote settings. "
	::= { idAliasEntry 13 }
	
idAliasDisable		OBJECT-TYPE
	SYNTAX	INTEGER {
			true(1),
			false(2)
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the disable flag of ID alias. "
	::= { idAliasEntry 14 }
	
idAliasRef		OBJECT-TYPE
	SYNTAX	INTEGER
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"This object defines the reference number of ID alias. "
	::= { idAliasEntry 15 }
	
idAliasTimeRange	OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the time range of alias. "
	::= { idAliasEntry 16 }
	
idAliasStatus		OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { idAliasEntry 17 }
    	
idAliasVrcCfgVer		OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS 	read-write
	STATUS 		current
    	DESCRIPTION
    		"The object defines the version of the config_file of vrc."
    	::= { idAliasEntry 18 }
    	
idAliasVrcOption		OBJECT-TYPE
	SYNTAX	INTEGER 
	MAX-ACCESS 	read-write
	STATUS 		current
    	DESCRIPTION
    		"The object defines the binding information of vrc."
    	::= { idAliasEntry 19 }
    	
-- *****************************************************************

-- *****************************************************************
-- Excluded id table
excludedIdTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF ExcludedIdEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the excluded ID in ID alias."
    	::={ ipsecConfigGroup 9 }
    
excludedIdEntry		OBJECT-TYPE
    	SYNTAX 	ExcludedIdEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with excluded ID. "
    	INDEX { idAliasName, excludedId }
    	::= { excludedIdTable 1 }
    
ExcludedIdEntry	::=
	SEQUENCE {
		idAliasName			OCTET STRING,
		excludedId			OCTET STRING,
		excludedIdStatus		RowStatus
		}	

idAliasName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of the ID alias. "
	::= { excludedIdEntry 1 }    	

excludedId			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the excluded ID. "
	::= { excludedIdEntry 2 }        	
	
excludedIdStatus		OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { excludedIdEntry 3 }
-- *****************************************************************

-- *****************************************************************
-- ID group table
idGroupTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IdGroupEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the ID group."
    	::={ ipsecConfigGroup 10 }

idGroupEntry		OBJECT-TYPE
    	SYNTAX 	AliasInGroupEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with ID group. "
    	INDEX { idGroupName }
    	::= { idGroupTable 1 }
    
IdGroupEntry	::=
	SEQUENCE {
		idGroupName			OCTET STRING,
		idGroupRef			INTEGER,
		idGroupStatus			RowStatus
		}	

idGroupName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of the ID group. "
	::= { idGroupEntry 1 }    
	
idGroupRef			OBJECT-TYPE
	SYNTAX	INTEGER
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"This object defines the referenced number. "
	::= { idGroupEntry 2 } 

idGroupStatus		OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { idGroupEntry 3 }
    			    		
-- *****************************************************************
-- alias in group table

aliasInGroupTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF AliasInGroupEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the ID group."
    	::={ ipsecConfigGroup 11 }
    
aliasInGroupEntry		OBJECT-TYPE
    	SYNTAX 	AliasInGroupEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the alias used by group. "
    	INDEX { idGroupName, idAliasName }
    	::= { aliasInGroupTable 1 }
    
AliasInGroupEntry	::=
	SEQUENCE {
		idGroupName			OCTET STRING,
		idAliasName			OCTET STRING,
		aliasInGroupStatus		RowStatus
		}	

idGroupName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the name of the ID group. "
	::= { aliasInGroupEntry 1 }    	

idAliasName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the ID alias. "
	::= { aliasInGroupEntry 2 }        	
	
aliasInGroupStatus		OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { aliasInGroupEntry 3 }
-- *****************************************************************
    	    	
-- *****************************************************************
-- IPsec Global Command Group

ipsecGlobalGroup	OBJECT IDENTIFIER ::= { ipsecConfigGroup 12 }

ipsecFastForward	OBJECT-TYPE
	SYNTAX	INTEGER { 
				disable(1),
				enable(2) 
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"The object defines the operation of IPsec fast-forward. "
	::= { ipsecGlobalGroup 1 }

ipsecPreFragment	OBJECT-TYPE
	SYNTAX	INTEGER{
				disable(1),
				enable(2)
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"The object defines the operation of IPsec pre-fragment."
	::= { ipsecGlobalGroup 2 }

mpInitConfUserName			OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"This object defines the user name of init config. "
	::= { ipsecGlobalGroup 3 }   
			
-- *****************************************************************

-- *****************************************************************

clearSAGroup	OBJECT IDENTIFIER ::= { ipsecDebugGroup 1 }


clearSARebuild	OBJECT-TYPE
	SYNTAX	INTEGER { 
				yes(1),
				no(2) 
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"The object defines the operation clearing crypto SAs, and the value of it determines whether 
		the SAs need to be rebuilded after being cleared. "
	::= { clearSAGroup 1 }
		
clearSATunnelName	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"The object defines the name of the tunnel"
	::= { clearSAGroup 2 }

clearSATunnelId		OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The object defines the id number of the tunnel"
	::= { clearSAGroup 3 }
	
clearSAPolicyName	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The object defines the name of the policy. "
	::= { clearSAGroup 4 }
	
clearSAPolicyId		OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The object defines the id number of the policy. "
	::= { clearSAGroup 5 }
	
-- *****************************************************************

-- *****************************************************************

changePolicyOrderGroup	OBJECT IDENTIFIER ::= { ipsecDebugGroup 2 }

changePolicyOrderType	OBJECT-TYPE
	SYNTAX		INTEGER { 
					before(1),
					after(2),
					first(3),
					last(4) 
				}
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The type of the operation for changed policy position. "
	::= { changePolicyOrderGroup 1 }

changePolicyName	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The name of the policy which should be changed. "
	::= { changePolicyOrderGroup 2 }

changePolicyIndexName	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The name of the index policy. "
	::= { changePolicyOrderGroup 3 }	

-- *****************************************************************

-- *****************************************************************
specialActionTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF SpecialActionEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all of special action for IPsec module."
    	::={ ipsecDebugGroup 3 }
    
specialActionEntry		OBJECT-TYPE
    	SYNTAX 	SpecialActionEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the attributes associated with excluded ID. "
    	INDEX { mpSpecActObjName, mpSpecActOptCode }
    	::= { specialActionTable 1 }
    
SpecialActionEntry	::=
	SEQUENCE {
		mpSpecActObjName		OCTET STRING,
		mpSpecActOptCode		INTEGER,
		mpSpecActOptReturn		INTEGER,
		mpSpecActStatus			RowStatus
		}	

mpSpecActObjName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the object name of special action. "
	::= { specialActionEntry 1 }    
	
mpSpecActOptCode		OBJECT-TYPE
	SYNTAX	INTEGER {
			delete_tunnel(1)
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the option code of special action. "
	::= { specialActionEntry 2 }    		

mpSpecActOptReturn		OBJECT-TYPE
	SYNTAX	INTEGER {
			executing(1)
			success(2),
			fail(3)						
			}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object defines the option code of special action. "
	::= { specialActionEntry 3 }   
	
mpSpecActStatus		OBJECT-TYPE
	SYNTAX		RowStatus
	MAX-ACCESS 	read-create
	STATUS 		current
    	DESCRIPTION
    		"The object defines the status of the table entry."
    	::= { specialActionEntry 4 }   
-- *****************************************************************

-- *****************************************************************
-- IPsec notify
ipsecTraps		OBJECT IDENTIFIER ::= { ipsecMonitorGroup 0 }

ipsecSAEsatbalishedTrap		NOTIFICATION-TYPE
	OBJECTS {
		estabSaTrapStateIndex,
		estabSaTrapReplacedStateIndex,
		estabSaTrapRemoteId,
		estabSaTrapLocalId,
		estabSaTrapRemoteAddress,
		estabSaTrapLocalAddress,
		estabSaTrapPolSrcAddr,
		estabSaTrapPolSrcMask,
		estabSaTrapPolDstAddr,
		estabSaTrapPolDstMask,
		estabSaTrapPolProto,
		estabSaTrapPolSrcPort,
		estabSaTrapPolDstPort		
		}	
	STATUS current
    	DESCRIPTION
		"IPsec SATRAP."
    	::={ ipsecTraps 1 }

ipsecSADeletedTrap		NOTIFICATION-TYPE
	OBJECTS {
		delSaTrapStateIndex,
		delSaTrapRemoteId,
		delSaTrapLocalId,
		delSaTrapDurationTime,
		delSaTrapOutboundKBytes,
		delSaTrapInboundKBytes				
		}	
	STATUS current
    	DESCRIPTION
		"IPsec SAɾTRAP."
    	::={ ipsecTraps 2 }
    	
ipsecKeepAliveTrap		NOTIFICATION-TYPE
	OBJECTS {	
		mpInitConfUserName	
		}	
	STATUS current
    	DESCRIPTION
		"IPsec keep aliveTRAP."
    	::={ ipsecTraps 3 }
-- *****************************************************************

-- *****************************************************************
-- IKE SA table


ikeSaInfoTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IkeSaInfoEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all the detail about ISAKMP SAs including the connected IPSec SAs.
		It corresponds to cmd: show crypto isa sa. When showing the simple information, it only 
		shows the four fields of the table: IkeSaLocalAddress, IkeSaRemoteAddress, IkeSaStatus, IkeSASerialNo. "
   	::= { ipsecMonitorGroup 1 }
    
ikeSaInfoEntry	OBJECT-TYPE
    	SYNTAX IkeSaInfoEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains all the fields connected with one IKE SA."
    	INDEX { ikeSASerialNo }
    	::= { ikeSaInfoTable 1 }
    
IkeSaInfoEntry	::=
	SEQUENCE {
			ikeSASerialNo			Counter32,	
			ikeSaStatus			OCTET STRING,	
			ikeSaStatusDetail		OCTET STRING,	
			ikeSaState			INTEGER,
			ikeSaLocalAddress		IpAddress,	
			ikeSaRemoteAddress		IpAddress,	
			ikeSaTunnelName			OCTET STRING,	
			ikeSaRemoteCfgIdentity	OCTET STRING,
			ikeSaRemoteInstIdentity	OCTET STRING,
			ikeSaLocalCfgIdentity		OCTET STRING,
			ikeSaLocalInstIdentity		OCTET STRING,
			ikeFlowName			OCTET STRING,			
			ikeSaTimerEvent1			OCTET STRING,	
			ikeSaTimerRemain1		UInteger32,	
			ikeSaTimerEvent2			OCTET STRING,	
			ikeSaTimerRemain2		UInteger32,	
			ikeSaTimerEvent3			OCTET STRING,	
			ikeSaTimerRemain3		UInteger32,	
			ikeSaTimerEvent4			OCTET STRING,	
			ikeSaTimerRemain4		UInteger32,	
			ikeSaIpsecAhOutSpi		Counter32,
			ikeSaIpsecAhInSpi		Counter32,
			ikeSaIpsecEspOutSpi		Counter32,
			ikeSaIpsecEspInSpi		Counter32,
			}
			
ikeSASerialNo		OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines serial number of an IKE SA, which is also the index of the table. "
	::= { ikeSaInfoEntry 1 }
	
ikeSaStatus		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the state of an IKE SA, which also shows the state of IKE exchange for building IPSec SA. "
	::= { ikeSaInfoEntry 2 }	
	
ikeSaStatusDetail	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the detail about IkeSaStatus object, which can be easily understood. "
	::= { ikeSaInfoEntry 3 }

ikeSaState		OBJECT-TYPE
	SYNTAX		INTEGER { 
					current(1),
					negotiation(2),
					replaced(3)
					}
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines three type of state. "
	::= { ikeSaInfoEntry 4 }	
	
ikeSaLocalAddress	OBJECT-TYPE
	SYNTAX		IpAddress
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the local IP address of the tunnel. "
	::= { ikeSaInfoEntry 5 }	
	
ikeSaRemoteAddress	OBJECT-TYPE
	SYNTAX		IpAddress
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the peer IP address of the tunnel. "
	::= { ikeSaInfoEntry 6 }
	
ikeSaTunnelName		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the identifier nubmer of the tunnel corresponding to the IKE SA. "
	::= { ikeSaInfoEntry 7 }	

ikeSaRemoteCfgIdentity	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the identity of the remote end. "
	::= { ikeSaInfoEntry 8 }

ikeSaRemoteInstIdentity	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the identity of the remote end. "
	::= { ikeSaInfoEntry 9 }

ikeSaLocalCfgIdentity	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the identity of the local end. "
	::= { ikeSaInfoEntry 10 }
	
ikeSaLocalInstIdentity	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the identity of the local end. "
	::= { ikeSaInfoEntry 11 }

ikeFlowName		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the identifier nubmer of the policy corresponding to the IKE SA. "
	::= { ikeSaInfoEntry 12 }	

ikeSaTimerEvent1		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the type of the timer event connected with an IKE SA. "
	::= { ikeSaInfoEntry 13 }	
	
ikeSaTimerRemain1	OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the remainder time of the timer event connected with an IKE SA. "
	::= { ikeSaInfoEntry 14 }	

ikeSaTimerEvent2		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the type of the timer event connected with an IKE SA. "
	::= { ikeSaInfoEntry 15 }	
	
ikeSaTimerRemain2	OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the remainder time of the timer event connected with an IKE SA. "
	::= { ikeSaInfoEntry 16 }	

ikeSaTimerEvent3		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the type of the timer event connected with an IKE SA. "
	::= { ikeSaInfoEntry 17 }	
	
ikeSaTimerRemain3	OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the remainder time of the timer event connected with an IKE SA. "
	::= { ikeSaInfoEntry 18 }	

ikeSaTimerEvent4		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the type of the timer event connected with an IKE SA. "
	::= { ikeSaInfoEntry 19 }	
	
ikeSaTimerRemain4	OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the remainder time of the timer event connected with an IKE SA. "
	::= { ikeSaInfoEntry 20 }	
	
ikeSaIpsecAhOutSpi		OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the SPI which is one part of an outbound IPSec SA identifier corresponding to
    		AH protocol when the IPSec SA is already builded, that is to say, the value of IkeSaState is newestIPSec. "
	::= { ikeSaInfoEntry 21 }	
	
ikeSaIpsecAhInSpi		OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the SPI which is one part of an inbound IPSec SA identifier corresponding to
    		AH protocol when the IPSec SA is already builded, that is to say, the value of IkeSaState is newestIPSec. "
	::= { ikeSaInfoEntry 22 }
	
ikeSaIpsecEspOutSpi		OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the SPI which is one part of an outbound IPSec SA identifier corresponding to
    		ESP protocol when the IPSec SA is already builded, that is to say, the value of IkeSaState is newestIPSec. "
	::= { ikeSaInfoEntry 23 }
	
ikeSaIpsecEspInSpi		OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS 		current
    	DESCRIPTION
    		"The object defines the SPI which is one part of an inbound IPSec SA identifier corresponding to
    		ESP protocol when the IPSec SA is already builded, that is to say, the value of IkeSaState is newestIPSec. "
	::= { ikeSaInfoEntry 24 }

-- *****************************************************************

-- *****************************************************************
-- IPSec SA Information Table

ipsecSAInfoTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IPSecSAInfoEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains the detail information about all the IPSec SAs, which is only for being displayed. "
    	::={ ipsecMonitorGroup 2 }
    
ipsecSAInfoEntry	OBJECT-TYPE
    	SYNTAX IPSecSAInfoEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains all the attributes about one pair of IPSec SAs. "
    	INDEX { ipsecSAIndex }
    	::= { ipsecSAInfoTable 1 }
    	
IPSecSAInfoEntry	::=
	SEQUENCE {	
			ipsecSAIndex			COUNTER32,
			ipsecSAStateIndex		COUNTER32,
			ipsecSAFlowName			OCTET STRING,
			ipsecSAProtoName		INTEGER,
			ipsecSAEncAlgName		OCTET STRING,
			ipsecSAAuthAlgName		OCTET STRING,
			ipsecSAIPCompAlgName		OCTET STRING,
			ipsecSAInSPI			Counter32,
			ipsecSAInExpTime		Counter32,
			ipsecSAInRemainTime		Counter32,
			ipsecSAInPackets		UInteger32,
			ipsecSAInKiloBytes		UInteger32,
			ipsecSAInLeftKBytes		UInteger32,
			ipsecSAInCompedBytes		UInteger32,
			ipsecSAInDecompedBytes		UInteger32,
			ipsecSAInGroupSASPI		Counter32,
			ipsecSAInGroupID		INTEGER,
			ipsecSAOutSPI			Counter32,
			ipsecSAOutExpTime		Counter32,
			ipsecSAOutRemainTime		Counter32,			
			ipsecSAOutPackets		UInteger32,
			ipsecSAOutKiloBytes		UInteger32,
			ipsecSAOutLeftKBytes		UInteger32,
			ipsecSAOutCompedBytes		UINTEGER32,
			ipsecSAOutDecompedBytes		UINTEGER32,
			ipsecSAOutGroupSASPI		Counter32,
			ipsecSAOutGroupID		INTEGER
		}
		
ipsecSAIndex			OBJECT-TYPE
	SYNTAX		COUNTER32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the index of pairs of IPSec SAs, which is only the index of the table and not has actual meaning. "
	::= { ipsecSAInfoEntry 1 }
	
ipsecSAStateIndex		OBJECT-TYPE
	SYNTAX		COUNTER32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the id number of the phase2 ike sa. "
	::= { ipsecSAInfoEntry 2 }
	
ipsecSAFlowName		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the name of the flow corresponding to the IPSec SAs."
	::= { ipsecSAInfoEntry 3 }
	
ipsecSAProtoName		OBJECT-TYPE
	SYNTAX	INTEGER { 
				esp(1),
				ah(2),
				ipcomp(3)
				}
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the switch of anti-replaying associated with the IPSec SAs. "
	::= { ipsecSAInfoEntry 4 }
			
ipsecSAEncAlgName		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the name of the encryption algorithm. "
	::= { ipsecSAInfoEntry 5 }
	
ipsecSAAuthAlgName		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the name of the authentication algorithm. "
	::= { ipsecSAInfoEntry 6 }

ipsecSAIPCompAlgName		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the name of the compression algorithm. "
	::= { ipsecSAInfoEntry 7 }
		
ipsecSAInSPI			OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the SPI of the inbound IPSec SA. "
	::= { ipsecSAInfoEntry 8 }

ipsecSAInExpTime		OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the expired time of the inbound IPSec SA. "
	::= { ipsecSAInfoEntry 9 }

ipsecSAInRemainTime		OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the remaining time of the inbound IPSec SA. "
	::= { ipsecSAInfoEntry 10 }
				
ipsecSAInPackets		OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the total number of the input packets protected by the inbound IPSec SA. "
	::= { ipsecSAInfoEntry 11 }
	
ipsecSAInKiloBytes			OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines all the input data protected by the inbound IPSec SA. "
	::= { ipsecSAInfoEntry 12 }

ipsecSAInLeftKBytes		OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the remained lifetime measured as kilobytes about the inbound IPSec SA. "
	::= { ipsecSAInfoEntry 13 }

ipsecSAInCompedBytes		OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines all the input compressed data measured as kilobytes. "
	::= { ipsecSAInfoEntry 14 }

ipsecSAInDecompedBytes		OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines all the input decompressed data measured as kilobytes. "
	::= { ipsecSAInfoEntry 15 }
		
ipsecSAInGroupSASPI		OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the SPI of the IPSec SA which protects the same input data flow with the inbound IPSec SA. 
		In current its value is usually null. "
	::= { ipsecSAInfoEntry 16 }
	
ipsecSAInGroupID		OBJECT-TYPE
	SYNTAX	INTEGER(1..65535)
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The group identity of inbound SA. "
	::= { ipsecSAInfoEntry 17 }

ipsecSAOutSPI			OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the SPI of the outbound IPSec SA. "
	::= { ipsecSAInfoEntry 18 }

ipsecSAOutExpTime		OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the expired time of the outbound IPSec SA. "
	::= { ipsecSAInfoEntry 19 }

ipsecSAOutRemainTime		OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the remaining time of the outbound IPSec SA. "
	::= { ipsecSAInfoEntry 20 }
			
ipsecSAOutPackets		OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the total number of the output packets protected by the outbound IPSec SA. "
	::= { ipsecSAInfoEntry 21 }
	
ipsecSAOutKiloBytes			OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines all the output data measured as kilobytes protected by the outbound IPSec SA. "
	::= { ipsecSAInfoEntry 22 }
	
ipsecSAOutLeftKBytes		OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the remained lifetime measured as kilobytes about the outbound IPSec SA. "
	::= { ipsecSAInfoEntry 23 }

ipsecSAOutCompedBytes		OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines all the output compressed data measured as kilobytes. "
	::= { ipsecSAInfoEntry 24 }

ipsecSAOutDecompedBytes		OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines all the output decompressed data measured as kilobytes. "
	::= { ipsecSAInfoEntry 25 }
		
ipsecSAOutGroupSASPI		OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the SPI of the IPSec SA which protects the same output data flow with the outbound IPSec SA. "
	::= { ipsecSAInfoEntry 26 }	

ipsecSAOutGroupID		OBJECT-TYPE
	SYNTAX	INTEGER(1..65535)
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The group identity of outbound SA. "
	::= { ipsecSAInfoEntry 27 }

-- *****************************************************************

-- *****************************************************************
-- IPSec SA Simple Information Table

ipsecSASimpleInfoTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IPSecSASimpleInfoEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains the detail information about all the IPSec SAs, which is only for being displayed. "
    	::={ ipsecMonitorGroup 3 }
    
ipsecSASimpleInfoEntry	OBJECT-TYPE
    	SYNTAX IPSecSASimpleInfoEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains all the attributes about one pair of IPSec SAs. "
    	INDEX { mpIPsecSimpIndex }
    	::= { ipsecSASimpleInfoTable 1 }
    	
IPSecSASimpleInfoEntry	::=
	SEQUENCE {	
			mpIPsecSimpIndex			COUNTER32,
			mpIPsecSimpPeerAddr		OCTET STRING,
			mpIPsecSimpLocalAddr		OCTET STRING,
			mpIPsecSimpPeerID		OCTET STRING,
			mpIPsecSimpLocalID		OCTET STRING,
			mpIPsecSimpSrcAddr		OCTET STRING,
			mpIPsecSimpSrcMask		OCTET STRING,
			mpIPsecSimpDstAddr		OCTET STRING,
			mpIPsecSimpDstMask		OCTET STRING,
			mpIPsecSimpInExpTime		Counter32,
			mpIPsecSimpInRemainTime		Counter32,
			mpIPsecSimpInPackets		UInteger32,
			mpIPsecSimpInKiloBytes		UInteger32,
			mpIPsecSimpInLeftKBytes		UInteger32,
			mpIPsecSimpOutExpTime		Counter32,
			mpIPsecSimpOutRemainTime		Counter32,			
			mpIPsecSimpOutPackets		UInteger32,
			mpIPsecSimpOutKiloBytes		UInteger32,
			mpIPsecSimpOutLeftKBytes		UInteger32,
			mpIPsecSimpFlowName			OCTET STRING,
			mpIPsecStateId			COUNTER32,
			mpIPsecSimpPFlowName		OCTET STRING
		}
		
mpIPsecSimpIndex		OBJECT-TYPE
	SYNTAX		COUNTER32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the index of pairs of IPSec SAs, which is only the index of the table and not has actual meaning. "
	::= { ipsecSASimpleInfoEntry 1 }
	
mpIPsecSimpPeerAddr		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the peer address. "
	::= { ipsecSASimpleInfoEntry 2 }
	
mpIPsecSimpLocalAddr		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the local address. "
	::= { ipsecSASimpleInfoEntry 3 }
	
mpIPsecSimpPeerID		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the peer identity. "
	::= { ipsecSASimpleInfoEntry 4 }
	
mpIPsecSimpLocalID		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the local identity. "
	::= { ipsecSASimpleInfoEntry 5 }
	
mpIPsecSimpSrcAddr		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the source address. "
	::= { ipsecSASimpleInfoEntry 6 }
	
mpIPsecSimpSrcMask		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the source mask. "
	::= { ipsecSASimpleInfoEntry 7 }
	
mpIPsecSimpDstAddr		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the destination address. "
	::= { ipsecSASimpleInfoEntry 8 }
	
mpIPsecSimpDstMask		OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the destination mask. "
	::= { ipsecSASimpleInfoEntry 9 }
	
mpIPsecSimpInExpTime		OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the expiration time of inbound IPsec SA. "
	::= { ipsecSASimpleInfoEntry 10 }
	
mpIPsecSimpInRemainTime		OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the remaining time of inbound IPsec SA. "
	::= { ipsecSASimpleInfoEntry 11 }	
	
mpIPsecSimpInPackets		OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the packets number of inbound IPsec SA. "
	::= { ipsecSASimpleInfoEntry 12 }
	
mpIPsecSimpInKiloBytes			OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines all the input data protected by the inbound IPSec SA. "
	::= { ipsecSASimpleInfoEntry 13 }

mpIPsecSimpInLeftKBytes		OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the remained lifetime measured as kilobytes about the inbound IPSec SA. "
	::= { ipsecSASimpleInfoEntry 14 }
	
mpIPsecSimpOutExpTime		OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the expired time of the outbound IPSec SA. "
	::= { ipsecSASimpleInfoEntry 15 }

mpIPsecSimpOutRemainTime		OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the remaining time of the outbound IPSec SA. "
	::= { ipsecSASimpleInfoEntry 16 }
			
mpIPsecSimpOutPackets		OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the total number of the output packets protected by the outbound IPSec SA. "
	::= { ipsecSASimpleInfoEntry 17 }
	
mpIPsecSimpOutKiloBytes			OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines all the output data measured as kilobytes protected by the outbound IPSec SA. "
	::= { ipsecSASimpleInfoEntry 18 }
	
mpIPsecSimpOutLeftKBytes		OBJECT-TYPE
	SYNTAX	UInteger32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the remained lifetime measured as kilobytes about the outbound IPSec SA. "
	::= { ipsecSASimpleInfoEntry 19 }

mpIPsecSimpFlowName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the policy name. "
	::= { ipsecSASimpleInfoEntry 20 }
	
mpIPsecStateId		OBJECT-TYPE
	SYNTAX	COUNTER32
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the state id of IPsec SA. "
	::= { ipsecSASimpleInfoEntry 21 }
	
mpIPsecSimpPFlowName		OBJECT-TYPE
	SYNTAX	OCTET STRING
	MAX-ACCESS	read-only
	STATUS	current
	DESCRIPTION
		"The object defines the parent policy name. "
	::= { ipsecSASimpleInfoEntry 22 }
-- *****************************************************************

-- *****************************************************************
ipsecTrapObjectsGroup		OBJECT IDENTIFIER ::= { ipsecMonitorGroup 4 }

estabSaTrapStateIndex	OBJECT-TYPE
	SYNTAX		COUNTER32
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"׶ζstate. "
	::= { ipsecTrapObjectsGroup 1 }
	
estabSaTrapReplacedStateIndex	OBJECT-TYPE
	SYNTAX		COUNTER32
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"滻Ľ׶ζstate. "
	::= { ipsecTrapObjectsGroup 2 }
	
estabSaTrapRemoteId	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"ԶID. "
	::= { ipsecTrapObjectsGroup 3 }
	
estabSaTrapLocalId	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"ID. "
	::= { ipsecTrapObjectsGroup 4 }

estabSaTrapRemoteAddress	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"ԶIP. "
	::= { ipsecTrapObjectsGroup 5 }
	
estabSaTrapLocalAddress	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"IP. "
	::= { ipsecTrapObjectsGroup 6 }	
		
estabSaTrapPolSrcAddr	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"Դַ. "
	::= { ipsecTrapObjectsGroup 7 }	
	
estabSaTrapPolSrcMask	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"Դַ. "
	::= { ipsecTrapObjectsGroup 8 }	
	
estabSaTrapPolDstAddr	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"Ŀĵַ. "
	::= { ipsecTrapObjectsGroup 9 }	

estabSaTrapPolDstMask	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"Ŀĵַ. "
	::= { ipsecTrapObjectsGroup 10 }	

estabSaTrapPolProto	OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"Э. "
	::= { ipsecTrapObjectsGroup 11 }	

estabSaTrapPolSrcPort	OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"Դ˿. "
	::= { ipsecTrapObjectsGroup 12 }	

estabSaTrapPolDstPort	OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"ĿĶ˿. "
	::= { ipsecTrapObjectsGroup 13 }			

delSaTrapStateIndex	OBJECT-TYPE
	SYNTAX		COUNTER32
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"ɾstate. "
	::= { ipsecTrapObjectsGroup 14 }	

delSaTrapRemoteId	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"ԶID. "
	::= { ipsecTrapObjectsGroup 15 }	

delSaTrapLocalId	OBJECT-TYPE
	SYNTAX		OCTET STRING
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"ID. "
	::= { ipsecTrapObjectsGroup 16 }	

delSaTrapDurationTime	OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"ʱ䳤. "
	::= { ipsecTrapObjectsGroup 17 }	

delSaTrapOutboundKBytes	OBJECT-TYPE
	SYNTAX		COUNTER64
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		". "
	::= { ipsecTrapObjectsGroup 18 }	

delSaTrapInboundKBytes	OBJECT-TYPE
	SYNTAX		COUNTER64
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"뱨. "
	::= { ipsecTrapObjectsGroup 19 }	

-- *****************************************************************

-- *****************************************************************
-- IPsec Diagnostic Information Table

ipsecDiagInfoTable	OBJECT-TYPE
    	SYNTAX SEQUENCE OF IPsecDiagInfoEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"The table contains all IPsec diagnostic informations for all policy-tunnel pairs."
    	::={ ipsecMonitorGroup 5 }
    
ipsecDiagInfoEntry	OBJECT-TYPE
    	SYNTAX IPsecDiagInfoEntry
    	MAX-ACCESS not-accessible
    	STATUS current
    	DESCRIPTION
		"Each entry contains the diagnostic informations for one policy-tunnel pair. "
    	INDEX { ipsecDiagInfoPolicyId, ipsecDiagInfoTunnelId }
    	::= { ipsecDiagInfoTable 1 }
    
IPsecDiagInfoEntry	::=
	SEQUENCE {	
			ipsecDiagInfoPolicyId		UInteger32,
			ipsecDiagInfoTunnelId		UInteger32,
			ipsecDiagInfoPolicyName	DisplayString,
			ipsecDiagInfoTunnelName	DisplayString,
			ipsecDiagInfoStatus		UInteger32
		}

ipsecDiagInfoPolicyId		OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the policy id. "
	::= { ipsecDiagInfoEntry 1 }

ipsecDiagInfoTunnelId		OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the tunnel id. "
	::= { ipsecDiagInfoEntry 2 }
		
ipsecDiagInfoPolicyName		OBJECT-TYPE
	SYNTAX		DisplayString (SIZE (0..32))
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the policy name. "
	::= { ipsecDiagInfoEntry 3 }
	
ipsecDiagInfoTunnelName		OBJECT-TYPE
	SYNTAX		DisplayString (SIZE (0..32))
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the tunnel name. "
	::= { ipsecDiagInfoEntry 4 }
	
ipsecDiagInfoStatus		OBJECT-TYPE
	SYNTAX		UInteger32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The object defines the status of specify policy-tunnel pair. "
	::= { ipsecDiagInfoEntry 5 }
	
-- *****************************************************************

END

