jnxIPSecTunnelTable
The IPsec phase 2 tunnel table jnxIPSecTunnelTable), whose object identifier is {jnxIPSecPhaseTwo 1}, is used to monitor the IPsec phase 2 tunnel attributes along with the statistics for the tunnel. There is one entry for each tunnel to the peer security gateway. This table does not contain information about IPsec security associations (SAs) because multiple SAs can be present for each tunnel.
Similar to the IKE tunnel table (jnxIkeTunnelTable), the key of this table is a combination of the service set name, remote gateway address, and the IPsec tunnel index. This table can be queried just like the IKE tunnel table.
To get only IPsec tunnels specific to a particular remote gateway in a service set, the SNMP manager can specify the corresponding service set name and the remote gateway address in the query.
The jnxIPSecTunnelEntry, whose object identifier is {jnxIPSecTunnelTable 1}, has 27 objects, which are listed in Table 1. Each entry contains attributes associated with an active IPsec phase 2 tunnel.
Table 1: jnxIPSecTunnelTable
Object | Object Identifier | Description |
|---|---|---|
jnxIPSecTunIndex | jnxIPSecTunnelEntry 1 | Index for the table. The value of the index is a number that begins at 1 and is incremented with each tunnel that is created. When the index number reaches 2,147,483,647, the value wraps back to 1. |
jnxIPSecRuleName | jnxIPSecTunnelEntry 2 | The name of the rule defined in the IPsec configuration. |
jnxIPSecTermName | jnxIPSecTunnelEntry 3 | The name of the term configured under the IPsec rule. |
jnxIPSecTunLocalGwAddrType | jnxIPSecTunnelEntry 4 | The IP address type of the local gateway (endpoint) for the IPsec phase 2 tunnel. |
jnxIPSecTunLocalGwAddr | jnxIPSecTunnelEntry 5 | The IP address of the local gateway (endpoint) for the IPsec phase 2 tunnel. |
jnxIPSecTunRemoteGwAddrType | jnxIPSecTunnelEntry 6 | The IP address type of the remote gateway (endpoint) for the IPsec phase 2 tunnel. |
jnxIPSecTunRemoteGwAddr | jnxIPSecTunnelEntry 7 | The IP address of the remote gateway (endpoint) for the IPsec phase 2 tunnel. |
jnxIPSecTunLocalProxyId | jnxIPSecTunnelEntry 8 | The identifier for the local endpoint. |
jnxIPSecTunRemoteProxyId | jnxIPSecTunnelEntry 9 | The identifier for the remote endpoint. |
jnxIPSecTunKeyType | jnxIPSecTunnelEntry 10 | The type of key used by the IPsec phase 2 tunnel. The key type can be IKE negotiated or Manually installed. |
jnxIPSecRemotePeerType | jnxIPSecTunnelEntry 11 | The type of the remote peer gateway (endpoint). If the remote peer’s IP address is known beforehand, the type is static. If the IP address is not known beforehand, the type is dynamic. |
jnxIPSecTunMtu | jnxIPSecTunnelEntry 12 | The maximum transmission unit (MTU) value of the IPsec phase 2 tunnel. |
jnxIPSecTunOutEncryptedBytes | jnxIPSecTunnelEntry 13 | The number of bytes encrypted by the IPsec phase 2 tunnel. |
jnxIPSecTunOutEncryptedPkts | jnxIPSecTunnelEntry 14 | The number of packets encrypted by the IPsec phase 2 tunnel. |
jnxIPSecTunInDecryptedBytes | jnxIPSecTunnelEntry 15 | The number of bytes decrypted by the IPsec phase 2 tunnel. |
jnxIPSecTunInDecryptedPkts | jnxIPSecTunnelEntry 16 | The number of packets decrypted by the IPsec phase 2 tunnel. |
jnxIPSecTunAHInBytes | jnxIPSecTunnelEntry 17 | The number of incoming bytes authenticated using the authentication header (AH) by the IPsec phase 2 tunnel. |
jnxIPSecTunAHInPkts | jnxIPSecTunnelEntry 18 | The number of incoming packets authenticated using the authentication header (AH) by the IPsec phase 2 tunnel. |
jnxIPSecTunAHOutBytes | jnxIPSecTunnelEntry 19 | The number of outgoing bytes on the IPsec phase 2 tunnel where the AH is applied. |
jnxIPSecTunHAOutPkts | jnxIPSecTunnelEntry 20 | The number of outgoing packets on the IPsec phase 2 tunnel where the AH is applied. |
jnxIPSecTunReplayDropPkts | jnxIPSecTunnelEntry 21 | The number of packets dropped by the IPsec phase 2 tunnel because of an anti-replay check failure. |
jnxIPSecTunAhAuthFails | jnxIPSecTunnelEntry 22 | The number of packets received by the IPsec phase 2 tunnel that failed AH authentication. |
jnxIPSecTunEspAuthFails | jnxIPSecTunnelEntry 23 | The number of packets received by this IPsec phase 2 tunnel that failed ESP authentication. |
jnxIPSecTunDecryptFails | jnxIPSecTunnelEntry 24 | The number of packets received by this IPsec phase 2 tunnel that failed decryption. |
jnxIPSecTunBadHeaders | jnxIPSecTunnelEntry 25 | The number of packets received by this IPsec phase 2 tunnel that failed because of bad headers. |
jnxIPSecTunBadTrailers | jnxIPSecTunnelEntry 26 | The number of packets received by this IPsec phase 2 tunnel that failed because of bad ESP trailers. |
jnxIPSecTunDroppedPkts | jnxIPSecTunnelEntry 27 | The total number of packets dropped from this IPsec phase 2 tunnel. |
