Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    IPsec Phase 2 IKE Tunnel Table

    Table 1 identifies objects listed in the IPsec Phase 2 IKE Tunnel Table.

    During this phase, IKE negotiates IPsec SA parameters and setup, matching IPsec SA in the peers.

    Phase 2 VPN includes tunnel peer connection, associated with a specific policy or a tunnel interface. Phase 2 SA components include encryption and authentication algorithms, proxy-IDs, and optional DH group values.

    Table 1: IPsec Phase 2 IKE Tunnel Table

    Object

    Object ID

    Description

    Note: The jnxIpSecNumOfTunnels object is not supported in this release.

    jnxIpSecNumOfTunnels

    jnxIpSecFlowMonPhaseTwo 1

    Number of IPsec VPN tunnels. This attribute should report the number of IPsec VPN tunnels in jnxIpSecTunnelTable.

    jnxIpSecTunnelMonTable

    jnxIpSecFlowMonPhaseTwo 2

    The IPsec Phase 2 Tunnel Table. There is one entry in this table for each active IPsec Phase 2 tunnel. If the tunnel is terminated, then the entry is no longer available after the table has been refreshed.

    jnxIpSecTunnelMonEntry

    jnxIpSecTunnelMonTable 1

    Each entry contains the attributes associated with an active IPsec Phase 2 tunnel.

    Sequence of attributes:

    • jnxIpSecTunMonRemoteGwAddrType
    • jnxIpSecTunMonRemoteGwAddr
    • jnxIpSecTunMonIndex
    • jnxIpSecTunMonLocalGwAddrType
    • jnxIpSecTunMonLocalGwAddr
    • jnxIpSecTunMonLocalProxyId
    • jnxIpSecTunMonRemoteProxyId
    • jnxIpSecTunMonKeyType
    • jnxIpSecTunMonRemotePeerType
    • jnxIpSecTunMonOutEncryptedBytes
    • jnxIpSecTunMonOutEncryptedPkts
    • jnxIpSecTunMonInDecryptedBytes
    • jnxIpSecTunMonInDecryptedPkts
    • jnxIpSecTunMonAHInBytes
    • jnxIpSecTunMonAHInPkts
    • jnxIpSecTunMonAHOutBytes
    • jnxIpSecTunMonAHOutPkts
    • jnxIpSecTunMonReplayDropPkts
    • jnxIpSecTunMonAhAuthFails
    • jnxIpSecTunMonDecryptFails
    • jnxIpSecTunMonBadHeaders
    • jnxIpSecTunMonBadTrailers
    • jnxIkeTunMonOutOctets
    • jnxIpSecTunMonDroppedPkts (not supported in this release)

    jnxIpSecTunMonRemoteGwAddrType

    jnxIpSecTunnelMonEntry 1

    IP address type of remote gateway (endpoint) for the IPsec Phase 2 tunnel.

    jnxIpSecTunMonRemoteGwAddr

    jnxIpSecTunnelMonEntry 2

    IP address of remote gateway (endpoint) for the IPsec Phase 2 tunnel.

    jnxIpSecTunMonIndex

    jnxIpSecTunnelMonEntry 3

    Index number of IPsec Phase 2 Tunnel Table. The index number begins at 1 and is incremented with each tunnel that is created. The value of this object will wrap at 2,147,483,647.

    jnxIpSecTunMonLocalGwAddrType

    jnxIpSecTunnelMonEntry 4

    IP address type of local gateway (endpoint) for the IPsec Phase 2 tunnel.

    jnxIpSecTunMonLocalGwAddr

    jnxIpSecTunnelMonEntry 5

    IP address of local gateway (endpoint) for the IPsec Phase 2 tunnel.

    jnxIpSecTunMonLocalProxyId

    jnxIpSecTunnelMonEntry 6

    Identifier for local end.

    jnxIpSecTunMonRemoteProxyId

    jnxIpSecTunnelMonEntry 7

    Identifier for remote end.

    jnxIpSecTunMonKeyType

    jnxIpSecTunnelMonEntry 8

    Type of key used by IPsec Phase 2 tunnel. It can be one of the following two types:

    • IKE-negotiated
    • Manually installed

    jnxIpSecTunMonRemotePeerType

    jnxIpSecTunnelMonEntry 9

    Type of the remote peer gateway (endpoint). It can be one of the following two types:

    • Static (remote peer whose IP address is known beforehand)
    • Dynamic (remote peer whose IP address is not known beforehand)

    jnxIpSecTunMonOutEncryptedBytes

    jnxIpSecTunnelMonEntry 10

    Number of bytes encrypted by this Phase 2 tunnel.

    jnxIpSecTunMonOutEncryptedPkts

    jnxIpSecTunnelMonEntry 11

    Number of packets encrypted by this Phase 2 tunnel.

    jnxIpSecTunMonInDecryptedBytes

    jnxIpSecTunnelMonEntry 12

    Number of bytes decrypted by this Phase 2 tunnel.

    jnxIpSecTunMonInDecryptedPkts

    jnxIpSecTunnelMonEntry 13

    Number of packets decrypted by this Phase 2 tunnel.

    jnxIpSecTunMonAHInBytes

    jnxIpSecTunnelMonEntry 14

    Number of incoming bytes authenticated using AH by this Phase 2 tunnel.

    jnxIpSecTunMonAHInPkts

    jnxIpSecTunnelMonEntry 15

    Number of incoming packets authenticated using AH by this Phase 2 tunnel.

    jnxIpSecTunMonAHOutBytes

    jnxIpSecTunnelMonEntry 16

    Number of outgoing bytes applied AH by this Phase 2 tunnel.

    jnxIpSecTunMonAHOutPkts

    jnxIpSecTunnelMonEntry 17

    Number of outgoing packets applied AH by this Phase 2 tunnel.

    jnxIpSecTunMonReplayDropPkts

    jnxIpSecTunnelMonEntry 18

    Number of packets dropped by this Phase 2 tunnel due to antireplay check failure.

    jnxIpSecTunMonAhAuthFails

    jnxIpSecTunnelMonEntry 19

    Number of packets received by this Phase 2 tunnel that failed AH authentication.

    jnxIpSecTunMonEspAuthFails

    jnxIpSecTunnelMonEntry 20

    Number of packets received by this Phase 2 tunnel that failed ESP authentication.

    jnxIpSecTunMonDecryptFails

    jnxIpSecTunnelMonEntry 21

    Number of packets received by this Phase 2 tunnel that failed decryption.

    jnxIpSecTunMonBadHeaders

    jnxIpSecTunnelMonEntry 22

    Number of packets received by this Phase 2 tunnel that failed due to bad headers.

    jnxIpSecTunMonBadTrailers

    jnxIpSecTunnelMonEntry 23

    Number of packets received by this Phase 2 tunnel that failed due to bad ESP trailers.

    Note: The jnxIpSecTunMonDroppedPkts object is not supported in this release.

    jnxIpSecTunMonDroppedPkts

    jnxIpSecTunnelMonEntry 26

    Total number of dropped packets for this Phase 2 tunnel.

     

    Related Documentation

     

    Published: 2014-09-17

    Previous Page Next Page