WATCHGUARD-IPSEC-SA-MON-MIB-EXT: View SNMP OID List / Download MIB

VENDOR: WATCHGUARD TECHNOLOGIES INC.


 Home MIB: WATCHGUARD-IPSEC-SA-MON-MIB-EXT
Download as:   

Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
Keep in mind that standard MIB files can be successfully loaded by systems and programs only if all the required MIB's from the "Imports" section are already loaded.
The tree-like SNMP object navigator requires no explanations because it is very simple to use. And if you stumbled on this MIB from Google note that you can always go back to the home page if you need to perform another MIB or OID lookup.


Object Name OID Type Access Info
 wgIpsecSaMonModule 1.3.6.1.4.1.3097.3
The MIB module describes generic IPSec objects defined in IETF working draft 'draft-ieft-ipsec-monitor-mib-01' and WatchGuard's extension.
     wgIpsecSaMonitorMIB 1.3.6.1.4.1.3097.3.1
This is the base object identifier for all IPSec branches.
         wgSaTables 1.3.6.1.4.1.3097.3.1.1
This is the base object identifier for all SA tables.
             wgIpsecSaEspInTable 1.3.6.1.4.1.3097.3.1.1.1 no-access
The (conceptual) table containing information on IPSec inbound ESP SAs. There should be one row for every inbound ESP security association that exists in the entity. The maximum number of rows is implementation dependent.
                 wgIpsecSaEspInEntry 1.3.6.1.4.1.3097.3.1.1.1.1 no-access
An entry (conceptual row) containing the information on a particular IPSec inbound ESP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table.
                     wgIpsecSaEspInAddress 1.3.6.1.4.1.3097.3.1.1.1.1.1 ipaddress read-only
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes.
                     wgIpsecSaEspInSpi 1.3.6.1.4.1.3097.3.1.1.1.1.2 integer32 read-only
The security parameters index of the SA.
                     wgIpsecSaEspInDestId 1.3.6.1.4.1.3097.3.1.1.1.1.3 octet string read-only
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchanged during SA creation negotiation.
                     wgIpsecSaEspInDestIdType 1.3.6.1.4.1.3097.3.1.1.1.1.4 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaEspInDestId', or 0 if unknown or if the SA uses transport mode encapsulation.
                     wgIpsecSaEspInSourceId 1.3.6.1.4.1.3097.3.1.1.1.1.5 octet string read-only
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during SA creation negotiation.
                     wgIpsecSaEspInSourceIdType 1.3.6.1.4.1.3097.3.1.1.1.1.6 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaEspInSourceId', or 0 if unknown or if the SA uses transport mode encapsulation.
                     wgIpsecSaEspInProtocol 1.3.6.1.4.1.3097.3.1.1.1.1.7 integer32 read-only
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol.
                     wgIpsecSaEspInDestPort 1.3.6.1.4.1.3097.3.1.1.1.1.8 integer32 read-only
The destination port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaEspInSourcePort 1.3.6.1.4.1.3097.3.1.1.1.1.9 integer32 read-only
The source port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaEspInCreator 1.3.6.1.4.1.3097.3.1.1.1.1.10 ipsecsacreatorident read-only
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method.
                     wgIpsecSaEspInEncapsulation 1.3.6.1.4.1.3097.3.1.1.1.1.11 ipsecdoiencapsulationmode read-only
The type of encapsulation used by this SA.
                     wgIpsecSaEspInEncAlg 1.3.6.1.4.1.3097.3.1.1.1.1.12 ipsecdoiesptransform read-only
A unique value representing the encryption algorithm applied to traffic or 0 if there is no encryption used.
                     wgIpsecSaEspInEncKeyLength 1.3.6.1.4.1.3097.3.1.1.1.1.13 integer32 read-only
The length of the encryption key in bits used for the algorithm specified in the 'wgIpsecSaEspInEncAlg' object, or 0 if the key length is implicit in the specified algorithm or there is no encryption specified.
                     wgIpsecSaEspInAuthAlg 1.3.6.1.4.1.3097.3.1.1.1.1.14 ipsecdoiauthalgorithm read-only
A unique value representing the hash algorithm applied to traffic or 0 if there is no authentication used.
                     wgIpsecSaEspInLimitSeconds 1.3.6.1.4.1.3097.3.1.1.1.1.15 integer32 read-only
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. The display value is limited to 4294967295 seconds (more than 136 years); values greater than that value will be truncated.
                     wgIpsecSaEspInLimitKbytes 1.3.6.1.4.1.3097.3.1.1.1.1.16 integer32 read-only
The maximum traffic in kilobytes that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. The display value is limited to 4294967295 kilobytes; values greater than that value will be truncated.
                     wgIpsecSaEspInAccSeconds 1.3.6.1.4.1.3097.3.1.1.1.1.17 counter32 read-only
The number of seconds accumulated against the SA's expiration by time. This is also the number of seconds that the SA has existed.
                     wgIpsecSaEspInAccKbytes 1.3.6.1.4.1.3097.3.1.1.1.1.18 counter32 read-only
The amount of traffic accumulated that counts against the SA's expiration by traffic limitation, measured in Kbytes. This value may be 0 if the SA does not expire based on traffic.
                     wgIpsecSaEspInUserOctets 1.3.6.1.4.1.3097.3.1.1.1.1.19 counter32 read-only
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit.
                     wgIpsecSaEspInPackets 1.3.6.1.4.1.3097.3.1.1.1.1.20 counter32 read-only
The number of packets handled by the SA.
                     wgIpsecSaEspInDecryptErrors 1.3.6.1.4.1.3097.3.1.1.1.1.21 counter32 read-only
The number of packets discarded by the SA due to decryption errors.
                     wgIpsecSaEspInAuthErrors 1.3.6.1.4.1.3097.3.1.1.1.1.22 counter32 read-only
The number of packets discarded by the SA due to authentication errors.
                     wgIpsecSaEspInReplayErrors 1.3.6.1.4.1.3097.3.1.1.1.1.23 counter32 read-only
The number of packets discarded by the SA due to replay errors.
                     wgIpsecSaEspInPolicyErrors 1.3.6.1.4.1.3097.3.1.1.1.1.24 counter32 read-only
The number of packets discarded by the SA due to policy errors. This includes packets where the next protocol is invalid.
                     wgIpsecSaEspInPadErrors 1.3.6.1.4.1.3097.3.1.1.1.1.25 counter32 read-only
The number of packets discarded by the SA due to pad value errors. Implementations that do not check this must not support this object.
                     wgIpsecSaEspInOtherReceiveErrors 1.3.6.1.4.1.3097.3.1.1.1.1.26 counter32 read-only
The number of packets discarded by the SA due to errors other than decryption, authentication or replay errors. This may include packets dropped due to a lack of receive buffers, and may include packets dropped due to congestion at the decryption element.
             wgIpsecSaAhInTable 1.3.6.1.4.1.3097.3.1.1.2 no-access
The (conceptual) table containing information on IPSec inbound AH SAs. There should be one row for every inbound AH security association that exists in the entity. The maximum number of rows is implementation dependent.
                 wgIpsecSaAhInEntry 1.3.6.1.4.1.3097.3.1.1.2.1 no-access
An entry (conceptual row) containing the information on a particular IPSec inbound AH SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table.
                     wgIpsecSaAhInAddress 1.3.6.1.4.1.3097.3.1.1.2.1.1 ipaddress read-only
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes.
                     wgIpsecSaAhInSpi 1.3.6.1.4.1.3097.3.1.1.2.1.2 integer32 read-only
The security parameters index of the SA.
                     wgIpsecSaAhInDestId 1.3.6.1.4.1.3097.3.1.1.2.1.3 octet string read-only
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during SA creation negotiation.
                     wgIpsecSaAhInDestIdType 1.3.6.1.4.1.3097.3.1.1.2.1.4 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaAhInDestId', or 0 if unknown or if the SA uses transport mode encapsulation.
                     wgIpsecSaAhInSourceId 1.3.6.1.4.1.3097.3.1.1.2.1.5 octet string read-only
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during SA creation negotiation.
                     wgIpsecSaAhInSourceIdType 1.3.6.1.4.1.3097.3.1.1.2.1.6 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaAhInSourceId', or 0 if unknown or if the SA uses transport mode encapsulation.
                     wgIpsecSaAhInProtocol 1.3.6.1.4.1.3097.3.1.1.2.1.7 integer32 read-only
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol.
                     wgIpsecSaAhInDestPort 1.3.6.1.4.1.3097.3.1.1.2.1.8 integer32 read-only
The destination port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaAhInSourcePort 1.3.6.1.4.1.3097.3.1.1.2.1.9 integer32 read-only
The source port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaAhInCreator 1.3.6.1.4.1.3097.3.1.1.2.1.10 ipsecsacreatorident read-only
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method.
                     wgIpsecSaAhInEncapsulation 1.3.6.1.4.1.3097.3.1.1.2.1.11 ipsecdoiencapsulationmode read-only
The type of encapsulation used by this SA.
                     wgIpsecSaAhInAuthAlg 1.3.6.1.4.1.3097.3.1.1.2.1.12 ipsecdoiahtransform read-only
A unique value representing the hash algorithm applied to traffic carried by this SA if it uses ESP or 0 if there is no authentication applied by ESP.
                     wgIpsecSaAhInLimitSeconds 1.3.6.1.4.1.3097.3.1.1.2.1.13 integer32 read-only
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. The display value is limited to 4294967295 seconds (more than 136 years); values greater than that value will be truncated.
                     wgIpsecSaAhInLimitKbytes 1.3.6.1.4.1.3097.3.1.1.2.1.14 integer32 read-only
The maximum traffic in Kbytes that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. The display value is limited to 4294967295 kilobytes; values greater than that value will be truncated.
                     wgIpsecSaAhInAccSeconds 1.3.6.1.4.1.3097.3.1.1.2.1.15 counter32 read-only
The number of seconds accumulated against the SA's expiration by time. This is also the number of seconds that the SA has existed.
                     wgIpsecSaAhInAccKbytes 1.3.6.1.4.1.3097.3.1.1.2.1.16 counter32 read-only
The amount of traffic accumulated that counts against the SA's expiration by traffic limitation, measured in Kbytes. This value may be 0 if the SA does not expire based on traffic.
                     wgIpsecSaAhInUserOctets 1.3.6.1.4.1.3097.3.1.1.2.1.17 counter32 read-only
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit.
                     wgIpsecSaAhInPackets 1.3.6.1.4.1.3097.3.1.1.2.1.18 counter32 read-only
The number of packets handled by the SA.
                     wgIpsecSaAhInAuthErrors 1.3.6.1.4.1.3097.3.1.1.2.1.19 counter32 read-only
The number of packets discarded by the SA due to authentication errors.
                     wgIpsecSaAhInReplayErrors 1.3.6.1.4.1.3097.3.1.1.2.1.20 counter32 read-only
The number of packets discarded by the SA due to replay errors.
                     wgIpsecSaAhInPolicyErrors 1.3.6.1.4.1.3097.3.1.1.2.1.21 counter32 read-only
The number of packets discarded by the SA due to policy errors. This includes packets where the next protocol is invalid.
                     wgIpsecSaAhInOtherReceiveErrors 1.3.6.1.4.1.3097.3.1.1.2.1.22 counter32 read-only
The number of packets discarded by the SA due to errors other than decryption, authentication or replay errors. This may include packets dropped due to a lack of receive buffers, and may include packets dropped due to congestion at the authentication element.
             wgIpsecSaIpcompInTable 1.3.6.1.4.1.3097.3.1.1.3 no-access
The (conceptual) table containing information on IPSec inbound IPCOMP SAs. There should be one row for every inbound IPCOMP (security) association that exists in the entity. The maximum number of rows is implementation dependent.
                 wgIpsecSaIpcompInEntry 1.3.6.1.4.1.3097.3.1.1.3.1 no-access
An entry (conceptual row) containing the information on a particular IPSec inbound IPCOMP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table.
                     wgIpsecSaIpcompInAddress 1.3.6.1.4.1.3097.3.1.1.3.1.1 ipaddress read-only
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes.
                     wgIpsecSaIpcompInCpi 1.3.6.1.4.1.3097.3.1.1.3.1.2 ipsecdoiipcomptransform read-only
The CPI of the SA. Since the lower values of CPIs are reserved to be the same as the algorithm, the syntax for this object is the same as the transform.
                     wgIpsecSaIpcompInDestId 1.3.6.1.4.1.3097.3.1.1.3.1.3 octet string read-only
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode, or 0 if this SA is used with multiple SAs in protection suites. This value, if non-zero, is taken directly from the optional ID payloads that are exchange during SA creation negotiation.
                     wgIpsecSaIpcompInDestIdType 1.3.6.1.4.1.3097.3.1.1.3.1.4 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaIpcompInDestId', or 0 if unknown or if the SA uses transport mode, or 0 if this SA is used with multiple SAs in protection suites.
                     wgIpsecSaIpcompInSourceId 1.3.6.1.4.1.3097.3.1.1.3.1.5 octet string read-only
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. This value, if non-zero, is taken directly from the optional ID payloads that are exchange during SA creation negotiation.
                     wgIpsecSaIpcompInSourceIdType 1.3.6.1.4.1.3097.3.1.1.3.1.6 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaIpcompInSourceId', or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites.
                     wgIpsecSaIpcompInProtocol 1.3.6.1.4.1.3097.3.1.1.3.1.7 integer32 read-only
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol.
                     wgIpsecSaIpcompInDestPort 1.3.6.1.4.1.3097.3.1.1.3.1.8 integer32 read-only
The destination port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaIpcompInSourcePort 1.3.6.1.4.1.3097.3.1.1.3.1.9 integer32 read-only
The source port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaIpcompInCreator 1.3.6.1.4.1.3097.3.1.1.3.1.10 ipsecsacreatorident read-only
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method.
                     wgIpsecSaIpcompInEncapsulation 1.3.6.1.4.1.3097.3.1.1.3.1.11 ipsecdoiencapsulationmode read-only
The type of encapsulation used by this SA.
                     wgIpsecSaIpcompInDecompAlg 1.3.6.1.4.1.3097.3.1.1.3.1.12 ipsecdoiipcomptransform read-only
A unique value representing the decompression algorithm applied to traffic.
                     wgIpsecSaIpcompInSeconds 1.3.6.1.4.1.3097.3.1.1.3.1.13 counter32 read-only
The number of seconds that the SA has existed.
                     wgIpsecSaIpcompInUserOctets 1.3.6.1.4.1.3097.3.1.1.3.1.14 counter32 read-only
The amount of user level traffic measured in bytes handled by the SA.
                     wgIpsecSaIpcompInPackets 1.3.6.1.4.1.3097.3.1.1.3.1.15 counter32 read-only
The number of packets handled by the SA.
                     wgIpsecSaIpcompInDecompErrors 1.3.6.1.4.1.3097.3.1.1.3.1.16 counter32 read-only
The number of packets discarded by the SA due to decompression errors.
                     wgIpsecSaIpcompInOtherReceiveErrors 1.3.6.1.4.1.3097.3.1.1.3.1.17 counter32 read-only
The number of packets discarded by the SA due to errors other than decompression errors. This may include packets dropped due to a lack of receive buffers, and packets dropped due to congestion at the decompression element.
             wgIpsecSaEspOutTable 1.3.6.1.4.1.3097.3.1.1.4 no-access
The (conceptual) table containing information on IPSec Outbound ESP SAs. There should be one row for every outbound ESP security association that exists in the entity. The maximum number of rows is implementation dependent.
                 wgIpsecSaEspOutEntry 1.3.6.1.4.1.3097.3.1.1.4.1 no-access
An entry (conceptual row) containing the information on a particular IPSec Outbound ESP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table.
                     wgIpsecSaEspOutAddress 1.3.6.1.4.1.3097.3.1.1.4.1.1 ipaddress read-only
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes.
                     wgIpsecSaEspOutSpi 1.3.6.1.4.1.3097.3.1.1.4.1.2 integer32 read-only
The security parameters index of the SA.
                     wgIpsecSaEspOutSourceId 1.3.6.1.4.1.3097.3.1.1.4.1.3 octet string read-only
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
                     wgIpsecSaEspOutSourceIdType 1.3.6.1.4.1.3097.3.1.1.4.1.4 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaEspOutSourceId', or 0 if unknown or if the SA uses transport mode encapsulation.
                     wgIpsecSaEspOutDestId 1.3.6.1.4.1.3097.3.1.1.4.1.5 octet string read-only
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
                     wgIpsecSaEspOutDestIdType 1.3.6.1.4.1.3097.3.1.1.4.1.6 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaEspOutDestId', or 0 if unknown or if the SA uses transport mode encapsulation.
                     wgIpsecSaEspOutProtocol 1.3.6.1.4.1.3097.3.1.1.4.1.7 integer32 read-only
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol.
                     wgIpsecSaEspOutSourcePort 1.3.6.1.4.1.3097.3.1.1.4.1.8 integer32 read-only
The source port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaEspOutDestPort 1.3.6.1.4.1.3097.3.1.1.4.1.9 integer32 read-only
The destination port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaEspOutCreator 1.3.6.1.4.1.3097.3.1.1.4.1.10 ipsecsacreatorident read-only
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method.
                     wgIpsecSaEspOutEncapsulation 1.3.6.1.4.1.3097.3.1.1.4.1.11 ipsecdoiencapsulationmode read-only
The type of encapsulation used by this SA.
                     wgIpsecSaEspOutEncAlg 1.3.6.1.4.1.3097.3.1.1.4.1.12 ipsecdoiesptransform read-only
A unique value representing the encryption algorithm applied to traffic or 0 if there is no encryption used.
                     wgIpsecSaEspOutEncKeyLength 1.3.6.1.4.1.3097.3.1.1.4.1.13 integer32 read-only
The length of the encryption key in bits used for the algorithm specified in the 'wgIpsecSaEspOutEncAlg' object, or 0 if the key length is implicit in the specified algorithm or there is no encryption specified.
                     wgIpsecSaEspOutAuthAlg 1.3.6.1.4.1.3097.3.1.1.4.1.14 ipsecdoiauthalgorithm read-only
A unique value representing the hash algorithm applied to traffic or 0 if there is no authentication used.
                     wgIpsecSaEspOutLimitSeconds 1.3.6.1.4.1.3097.3.1.1.4.1.15 integer32 read-only
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. The display value is limited to 4294967295 seconds (more than 136 years); values greater than that value will be truncated.
                     wgIpsecSaEspOutLimitKbytes 1.3.6.1.4.1.3097.3.1.1.4.1.16 integer32 read-only
The maximum traffic in kbytes that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. The display value is limited to 4294967295 kilobytes; values greater than that value will be truncated.
                     wgIpsecSaEspOutAccSeconds 1.3.6.1.4.1.3097.3.1.1.4.1.17 counter32 read-only
The number of seconds accumulated against the SA's expiration by time. This is also the number of seconds that the SA has existed.
                     wgIpsecSaEspOutAccKbytes 1.3.6.1.4.1.3097.3.1.1.4.1.18 counter32 read-only
The amount of traffic accumulated that counts against the SA's expiration by traffic limitation, measured in Kbytes. This value may be 0 if the SA does not expire based on traffic.
                     wgIpsecSaEspOutUserOctets 1.3.6.1.4.1.3097.3.1.1.4.1.19 counter32 read-only
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit.
                     wgIpsecSaEspOutPackets 1.3.6.1.4.1.3097.3.1.1.4.1.20 counter32 read-only
The number of packets handled by the SA.
                     wgIpsecSaEspOutSendErrors 1.3.6.1.4.1.3097.3.1.1.4.1.21 counter32 read-only
The number of packets discarded by the SA due to any error. This may include errors due to a lack of transmit buffers.
             wgIpsecSaAhOutTable 1.3.6.1.4.1.3097.3.1.1.5 no-access
The (conceptual) table containing information on IPSec Outbound AH SAs. There should be one row for every outbound AH security association that exists in the entity. The maximum number of rows is implementation dependent.
                 wgIpsecSaAhOutEntry 1.3.6.1.4.1.3097.3.1.1.5.1 no-access
An entry (conceptual row) containing the information on a particular IPSec Outbound AH SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table.
                     wgIpsecSaAhOutAddress 1.3.6.1.4.1.3097.3.1.1.5.1.1 ipaddress read-only
The destination address of the SA. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes.
                     wgIpsecSaAhOutSpi 1.3.6.1.4.1.3097.3.1.1.5.1.2 integer32 read-only
The security parameters index of the SA.
                     wgIpsecSaAhOutSourceId 1.3.6.1.4.1.3097.3.1.1.5.1.3 octet string read-only
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
                     wgIpsecSaAhOutSourceIdType 1.3.6.1.4.1.3097.3.1.1.5.1.4 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaAhOutSourceId', or 0 if unknown or if the SA uses transport mode encapsulation.
                     wgIpsecSaAhOutDestId 1.3.6.1.4.1.3097.3.1.1.5.1.5 octet string read-only
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation. This value is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
                     wgIpsecSaAhOutDestIdType 1.3.6.1.4.1.3097.3.1.1.5.1.6 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaAhOutDestId', or 0 if unknown or if the SA uses transport mode encapsulation.
                     wgIpsecSaAhOutProtocol 1.3.6.1.4.1.3097.3.1.1.5.1.7 integer32 read-only
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol.
                     wgIpsecSaAhOutSourcePort 1.3.6.1.4.1.3097.3.1.1.5.1.8 integer32 read-only
The source port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaAhOutDestPort 1.3.6.1.4.1.3097.3.1.1.5.1.9 integer32 read-only
The destination port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaAhOutCreator 1.3.6.1.4.1.3097.3.1.1.5.1.10 ipsecsacreatorident read-only
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method.
                     wgIpsecSaAhOutEncapsulation 1.3.6.1.4.1.3097.3.1.1.5.1.11 ipsecdoiencapsulationmode read-only
The type of encapsulation used by this SA.
                     wgIpsecSaAhOutAuthAlg 1.3.6.1.4.1.3097.3.1.1.5.1.12 ipsecdoiahtransform read-only
A unique value representing the hash algorithm applied to traffic or 0 if there is no authentication used.
                     wgIpsecSaAhOutLimitSeconds 1.3.6.1.4.1.3097.3.1.1.5.1.13 integer32 read-only
The maximum lifetime in seconds of the SA, or 0 if there is no time constraint on its expiration. The display value is limited to 4294967295 seconds (more than 136 years); values greater than that value will be truncated.
                     wgIpsecSaAhOutLimitKbytes 1.3.6.1.4.1.3097.3.1.1.5.1.14 integer32 read-only
The maximum traffic in Kbytes that the SA is allowed to support, or 0 if there is no traffic constraint on its expiration. The display value is limited to 4294967295 kilobytes; values greater than that value will be truncated.
                     wgIpsecSaAhOutAccSeconds 1.3.6.1.4.1.3097.3.1.1.5.1.15 counter32 read-only
The number of seconds accumulated against the SA's expiration by time. This is also the number of seconds that the SA has existed.
                     wgIpsecSaAhOutAccKbytes 1.3.6.1.4.1.3097.3.1.1.5.1.16 counter32 read-only
The amount of traffic accumulated that counts against the SA's expiration by traffic limitation, measured in Kbytes. This value may be 0 if the SA does not expire based on traffic.
                     wgIpsecSaAhOutUserOctets 1.3.6.1.4.1.3097.3.1.1.5.1.17 counter32 read-only
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit.
                     wgIpsecSaAhOutPackets 1.3.6.1.4.1.3097.3.1.1.5.1.18 counter32 read-only
The number of packets handled by the SA.
                     wgIpsecSaAhOutSendErrors 1.3.6.1.4.1.3097.3.1.1.5.1.19 counter32 read-only
The number of packets discarded by the SA due to any error. This may include errors due to a lack of transmit buffers.
             wgIpsecSaIpcompOutTable 1.3.6.1.4.1.3097.3.1.1.6 no-access
The (conceptual) table containing information on IPSec Outbound IPCOMP SAs. There should be one row for every outbound IPCOMP (security) association that exists in the entity. The maximum number of rows is implementation dependent.
                 wgIpsecSaIpcompOutEntry 1.3.6.1.4.1.3097.3.1.1.6.1 no-access
An entry (conceptual row) containing the information on a particular IPSec Outbound IPCOMP SA. A row in this table cannot be created or deleted by SNMP operations on columns of the table.
                     wgIpsecSaIpcompOutAddress 1.3.6.1.4.1.3097.3.1.1.6.1.1 ipaddress read-only
The destination address of the SA. If the IPCOMP SA is shared across multiple SAs in protection suites, this value may be 0. For implementations that do not support IPv6, this address should appear as one of the IPv4-mapped IPv6 addresses as defined in Section 2.5.4 of [IPV6AA]. Specifically, the prefix '0000:0000:0000:0000:0000:FFFF:' is used for IPv4 only nodes, while the prefix '0000:0000:0000:0000:0000:0000:' is used for bi-lingual nodes.
                     wgIpsecSaIpcompOutCpi 1.3.6.1.4.1.3097.3.1.1.6.1.2 ipsecdoiipcomptransform read-only
The CPI of the SA. Since the lower values of CPIs are reserved to be the same as the algorithm, the syntax for this object is the same as the transform.
                     wgIpsecSaIpcompOutSourceId 1.3.6.1.4.1.3097.3.1.1.6.1.3 octet string read-only
The source identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. This value, if non-zero, is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
                     wgIpsecSaIpcompOutSourceIdType 1.3.6.1.4.1.3097.3.1.1.6.1.4 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaIpcompOutSourceId', or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites.
                     wgIpsecSaIpcompOutDestId 1.3.6.1.4.1.3097.3.1.1.6.1.5 octet string read-only
The destination identifier of the SA, or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites. This value, if non-zero, is taken directly from the optional ID payloads that are exchange during phase 2 negotiations.
                     wgIpsecSaIpcompOutDestIdType 1.3.6.1.4.1.3097.3.1.1.6.1.6 ipsecdoiidenttype read-only
The type of identifier presented by 'wgIpsecSaIpcompOutDestId', or 0 if unknown or if the SA uses transport mode encapsulation, or 0 if this SA is used with multiple SAs in protection suites.
                     wgIpsecSaIpcompOutProtocol 1.3.6.1.4.1.3097.3.1.1.6.1.7 integer32 read-only
The transport-layer protocol number that this SA carries, or 0 if it carries any protocol.
                     wgIpsecSaIpcompOutSourcePort 1.3.6.1.4.1.3097.3.1.1.6.1.8 integer32 read-only
The source port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaIpcompOutDestPort 1.3.6.1.4.1.3097.3.1.1.6.1.9 integer32 read-only
The destination port number of the protocol that this SA carries, or 0 if it carries any port number.
                     wgIpsecSaIpcompOutCreator 1.3.6.1.4.1.3097.3.1.1.6.1.10 ipsecsacreatorident read-only
The creator of this SA. This MIB makes no assumptions about how the SAs are created. They may be created statically, or by a key exchange protocol such as IKE, or by some other method.
                     wgIpsecSaIpcompOutEncapsulation 1.3.6.1.4.1.3097.3.1.1.6.1.11 ipsecdoiencapsulationmode read-only
The type of encapsulation used by this SA.
                     wgIpsecSaIpcompOutCompAlg 1.3.6.1.4.1.3097.3.1.1.6.1.12 ipsecdoiipcomptransform read-only
A unique value representing the compression algorithm applied to traffic.
                     wgIpsecSaIpcompOutSeconds 1.3.6.1.4.1.3097.3.1.1.6.1.13 counter32 read-only
The number of seconds that the SA has existed.
                     wgIpsecSaIpcompOutUserOctets 1.3.6.1.4.1.3097.3.1.1.6.1.14 counter32 read-only
The amount of user level traffic measured in bytes handled by the SA. This is not necessarily the same as the amount of traffic applied against the traffic expiration limit.
                     wgIpsecSaIpcompOutPackets 1.3.6.1.4.1.3097.3.1.1.6.1.15 counter32 read-only
The number of packets handled by the SA.
         wgSaStatistics 1.3.6.1.4.1.3097.3.1.2
This is the base object identifier for all objects which are global counters for IPSec security associations.
             wgIpsecEspCurrentInboundSAs 1.3.6.1.4.1.3097.3.1.2.1 gauge32 read-only
The current number of inbound ESP SAs in the entity.
             wgIpsecEspTotalInboundSAs 1.3.6.1.4.1.3097.3.1.2.2 counter32 read-only
The total number of inbound ESP SAs created in the entity since boot time.
             wgIpsecEspCurrentOutboundSAs 1.3.6.1.4.1.3097.3.1.2.3 gauge32 read-only
The current number of outbound ESP SAs in the entity.
             wgIpsecEspTotalOutboundSAs 1.3.6.1.4.1.3097.3.1.2.4 counter32 read-only
The total number of outbound ESP SAs created in the entity since boot time.
             wgIpsecAhCurrentInboundSAs 1.3.6.1.4.1.3097.3.1.2.5 gauge32 read-only
The current number of inbound AH SAs in the entity.
             wgIpsecAhTotalInboundSAs 1.3.6.1.4.1.3097.3.1.2.6 counter32 read-only
The total number of inbound AH SAs created in the entity since boot time.
             wgIpsecAhCurrentOutboundSAs 1.3.6.1.4.1.3097.3.1.2.7 gauge32 read-only
The current number of outbound AH SAs in the entity.
             wgIpsecAhTotalOutboundSAs 1.3.6.1.4.1.3097.3.1.2.8 counter32 read-only
The total number of outbound AH SAs created in the entity since boot time.
             wgIpsecIpcompCurrentInboundSAs 1.3.6.1.4.1.3097.3.1.2.9 gauge32 read-only
The current number of inbound IPCOMP SAs in the entity.
             wgIpsecIpcompTotalInboundSAs 1.3.6.1.4.1.3097.3.1.2.10 counter32 read-only
The total number of inbound IPCOMP SAs created in the entity since boot time.
             wgIpsecIpcompCurrentOutboundSAs 1.3.6.1.4.1.3097.3.1.2.11 gauge32 read-only
The current number of outbound IPCOMP SAs in the entity.
             wgIpsecIpcompTotalOutboundSAs 1.3.6.1.4.1.3097.3.1.2.12 counter32 read-only
The total number of outbound IPCOMP SAs created in the entity since boot time.
         wgSaErrors 1.3.6.1.4.1.3097.3.1.3
This is the base object identifier for all objects which are global error counters for IPSec security associations.
             wgIpsecDecryptionErrors 1.3.6.1.4.1.3097.3.1.3.1 counter32 read-only
The total number of packets received by the entity in SAs since boot time with decryption errors.
             wgIpsecAuthenticationErrors 1.3.6.1.4.1.3097.3.1.3.2 counter32 read-only
The total number of packets received by the entity in SAs since boot time with authentication errors. This includes all packets in which the hash value is determined to be invalid, for both ESP and AH SAs.
             wgIpsecReplayErrors 1.3.6.1.4.1.3097.3.1.3.3 counter32 read-only
The total number of packets received by the entity in SAs since boot time with replay errors.
             wgIpsecPolicyErrors 1.3.6.1.4.1.3097.3.1.3.4 counter32 read-only
The total number of packets received by the entity in SAs since boot time and discarded due to policy errors. This includes packets that had selectors that were invalid for the SA that carried them.
             wgIpsecOtherReceiveErrors 1.3.6.1.4.1.3097.3.1.3.5 counter32 read-only
The total number of packets received by the entity in SAs since boot time and discarded due to errors not due to decryption, authentication, replay or policy.
             wgIpsecSendErrors 1.3.6.1.4.1.3097.3.1.3.6 counter32 read-only
The total number of packets to be sent by the entity in SAs since boot time and discarded due to errors.
             wgIpsecUnknownSpiErrors 1.3.6.1.4.1.3097.3.1.3.7 counter32 read-only
The total number of packets received by the entity since boot time with SPIs or CPIs that were not valid.