-- * $Source$
-- *------------------------------------------------------------------
-- * CISCO-REMOTE-ACCESS-MONITOR-MIB.my: Cisco Remote Access MIB
-- *
-- * May 2003, S Ramakrishnan
-- *
-- * Copyright (c) 2003, 2008 by cisco Systems, Inc.
-- * All rights reserved.
-- *
-- *------------------------------------------------------------------CISCO-REMOTE-ACCESS-MONITOR-MIB DEFINITIONS::=BEGINIMPORTSMODULE-IDENTITY,OBJECT-TYPE,NOTIFICATION-TYPE,Counter32,Counter64,Gauge32,Integer32,Unsigned32,zeroDotZero
FROM SNMPv2-SMI
TEXTUAL-CONVENTION,TimeStamp,TruthValueFROM SNMPv2-TC
MODULE-COMPLIANCE,OBJECT-GROUP,NOTIFICATION-GROUPFROM SNMPv2-CONF
InetAddressType,InetAddressFROM INET-ADDRESS-MIB
SnmpAdminStringFROM SNMP-FRAMEWORK-MIB
ciscoMgmt
FROM CISCO-SMI;ciscoRemoteAccessMonitorMIB MODULE-IDENTITYLAST-UPDATED"200402030000Z"ORGANIZATION"Cisco Systems"CONTACT-INFO"
Cisco Systems
Customer Service
Postal: 170 W Tasman Drive
San Jose, CA 95134
USA
Tel: +1 800 553-NETS
E-mail: cs-snmp@cisco.com"DESCRIPTION"
Acronyms and Definitions
The following acronyms and terms are used in this
document:
IPSec: Secure IP Protocol
VPN: Virtual Private Network
RAS: Remote Access Service
ISP: Internet Service Provider.
LAN: Local Area Network
Group: A collection of remote access users grouped
and managed together as a single entity for
administrative convenience.
Session: A Remote Access Session.
SVC: SSL VPN Client
Webvpn: VPN connection established using web browser.
Overview of the MIB
This is a MIB Module for monitoring the structures in Virtual
Private Networks based remote access networks. The MIB seeks
to create a common model of Remote Access across implementations
of the service on layer 2 (PPTP, L2TP, L2F), layer 3 (IPsec) and
layer 4 (SSL) virtual private networks. The MIB defines counters
and objects of interest to performance/fault monitoring in a
way which is independent of the technology of the remote access
implementation.
MIB contains eight major groups of objects which are used
to manage Remote Access connections:
a) Remote Access capacity group
This section defines metrics to gauge the limits of
resources on this device which are critical to RAS
service.
b) Remote Access resource usage group
This section defines metrics to gauge the usage of
resources on this device which are critical to RAS
service service.
c) Current activity and performance of RAS service
This section defines metrics to gauge the current
remote access activity.
d) Remote Access Service failures
This section defines metrics to monitor session
failures and failures of the service itself, measured
at aggregate level, session level and group level.
e) Security violations in the Remote Access service
This section defines metrics which reflect the state
of remote access service of interest to Security
Operations staff in an enterprise.
f) Threshold group (allows definition of high water marks)
This section allows the management entity to define
thresholds to set high water marks on critical metrics.
g) Notifications
This section defines notifications to signal
significant events pertaining to the Remote Access
Service.
"REVISION"200808280000Z"DESCRIPTION"Added crasEmailNumSessions
crasEmailCumulateSessions
crasEmailPeakConcurrentSessions
crasIPSecNumSessions
crasIPSecCumulateSessions
crasIPSecPeakConcurrentSessions
crasL2LNumSessions
crasL2LCumulateSessions
crasL2LPeakConcurrentSessions
crasLBNumSessions
crasLBCumulateSessions
crasLBPeakConcurrentSessions
crasSVCNumSessions
crasSVCCumulateSessions
crasSVCPeakConcurrentSessions
crasWebvpnNumSessions
crasWebvpnCumulateSessions
crasWebvpnPeakConcurrentSessions objects
"::={ ciscoMgmt 392}-- Tentative anchor under ciscoMgmt
-- +++++++++++++++++++++++++++++++++++++++++++++++++++
-- Local Textual Conventions
-- +++++++++++++++++++++++++++++++++++++++++++++++++++RasProtocol ::=TEXTUAL-CONVENTIONSTATUScurrentDESCRIPTION"The protocol immediately underlying the remote
access session.
The value 'other' has been listed to allow for the
MIB to be supported on proprietary protocols not
listed here.
"SYNTAXINTEGER{other(1),ipsec(2),l2tp(3),l2tpoveripsec(4),pptp(5),l2f(6),ssl(7)}UserAuthenMethod ::=TEXTUAL-CONVENTIONSTATUScurrentDESCRIPTION"The mechanism used to authenticate the user.
The value 'other' has been listed to allow for the
MIB to support proprietary authentication methods
not listed here.
"SYNTAXINTEGER{none(1),other(2),radius(3),tacacsplus(4),kerberos(5),local(6),ldap(7),ntlm(8),sdi(9)}UserAuthorMethod ::=TEXTUAL-CONVENTIONSTATUScurrentDESCRIPTION"The mechanism used to authorize the user.
The value 'other' has been listed to allow for the
MIB to support proprietary authorization mechanisms
not listed here.
"SYNTAXINTEGER{
none(1),other(2),radius(3),tacacsplus(4),kerberos(5),local(6),ldap(7)}SessionEncrAlgo ::=TEXTUAL-CONVENTIONSTATUScurrentDESCRIPTION"The encryption algorithm used to secure the remote
access session.
"SYNTAXINTEGER{none(1),des(2),des3(3),rc4(4),rc5(5),
idea(6),cast(7),blowfish(8),aes(9)}SessionAuthAlgo ::=TEXTUAL-CONVENTIONSTATUScurrentDESCRIPTION"The authentication algorithm used by to perform
packet authentication in the remote access session.
The value 'other' has been listed to allow for the
MIB to support packet validation algorithms not
listed here.
"SYNTAXINTEGER{none(1),other(2),hmacMd5(3),hmacSha(4)}SessionCompressionAlgo ::=TEXTUAL-CONVENTIONSTATUScurrent
DESCRIPTION"The compression algorithm used in the remote access
session.
The value 'other' has been listed to allow for the
MIB to support compression not listed here.
"SYNTAXINTEGER{none(1),other(2),lzs(3)}SessionStatus ::=TEXTUAL-CONVENTIONSTATUScurrentDESCRIPTION"The status of a remote access session.
initializing: the session is in the process
of being established
established : the session is established and
is ready to carry application
traffic. Sessions in this state
may also be referred to as
'active' sessions.
terminating : the session is in the process
of termination.
Objects of this type may be used to terminate an
established session by setting value of the object
to terminating(3).
Management entity may not write values initializing(1)
or established(2) onto objects of this type. Doing so
would cause the managed entity to return an error
condition.
"SYNTAXINTEGER{initializing(1),established(2),terminating(3)}SessionIndex ::=TEXTUAL-CONVENTIONSTATUScurrentDESCRIPTION"The type used to index a remote access session."SYNTAXInteger32(1..2147483647)FailureRecordIndex ::=TEXTUAL-CONVENTIONSTATUScurrentDESCRIPTION"The type used to index failure records in the
failure archive."SYNTAXUnsigned32(1..4294967295)-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Remote Access MIB Object Groups
--
-- This MIB module contains the following groups:
-- 1) Remote Access capacity group
-- 2) Remote Access resource usage group
-- 3) Current activity and performance
-- 4) Failures
-- 5) Security violations
-- 6) Threshold group
-- 7) Notifications:
-- 7a) Controls
-- 7b) Notification definitions
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++ciscoRasMonitorMIBNotifs OBJECTIDENTIFIER::={ ciscoRemoteAccessMonitorMIB 0}ciscoRasMonitorMIBObjects OBJECTIDENTIFIER::={ciscoRemoteAccessMonitorMIB 1}ciscoRasMonitorMIBConform OBJECTIDENTIFIER::={ ciscoRemoteAccessMonitorMIB 2}crasCapacity OBJECTIDENTIFIER::={ ciscoRasMonitorMIBObjects 1}crasResourceUsage OBJECTIDENTIFIER::={ ciscoRasMonitorMIBObjects 2}crasActivity OBJECTIDENTIFIER::={ ciscoRasMonitorMIBObjects 3}crasFailures OBJECTIDENTIFIER::={ ciscoRasMonitorMIBObjects 4}crasSecurity OBJECTIDENTIFIER::={ ciscoRasMonitorMIBObjects 5}crasThresholds OBJECTIDENTIFIER::={ ciscoRasMonitorMIBObjects 6}crasNotifCntl OBJECTIDENTIFIER::={ ciscoRasMonitorMIBObjects 7}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The Remote Access capacity group.
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasMaxSessionsSupportable OBJECT-TYPESYNTAXInteger32(0..2147483647)UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The maximum number of remote access sessions
that may be supported on this device.
If the device imposes no arbitrary limit on the
maximum number of sessions, it should return a
value of 0."::={ crasCapacity 1}crasMaxUsersSupportable OBJECT-TYPESYNTAXInteger32(0..2147483647)UNITS"Users"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The maximum number of remote access users
for whom Remote Access sessions may be supported on
this device.
If the device imposes no arbitrary limit on the
maximum number of users, it should return a
value of 0."::={ crasCapacity 2}crasMaxGroupsSupportable OBJECT-TYPESYNTAXInteger32(0..2147483647)UNITS"Groups"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The maximum number of remote access groups
that may be defined on this device. 'Group'
refers to a collection of users grouped together
for administrative convenience.
If the device imposes no arbitrary limit on
the maximum number of groups, it should return
a value of 0."::={ crasCapacity 3}crasNumCryptoAccelerators OBJECT-TYPESYNTAXInteger32(0..2147483647)UNITS"Users"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The maximum number of hardware crypto accelerators
which can be installed on this device to support
remote access sessions. 'cryptoaccelerator' denotes
a hardware/software entity which the managed entity
uses to offload some or all computations pertaining
to cryptographic operations.
If the device imposes no arbitrary limit on the
number of crypto accelerators to support Remote Access
function, it should return a value of 0."::={ crasCapacity 4}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The Remote Access resource usage group.
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasGlobalBwUsage OBJECT-TYPE
SYNTAXGauge32UNITS"MBytes/second"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The average bandwidth used by all the active
remote access sessions."::={ crasResourceUsage 1}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The Remote Access activity usage group.
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasNumSessions OBJECT-TYPESYNTAXGauge32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of currently active sessions.
A session is a connection terminating on the managed
entity which has been established to provide remote
access connectivity to a user. A session is said to be
'active' if it is ready to carry application traffic
between the user and the managed entity. A session which
is not active is defined to be 'dormant'.
"::={ crasActivity 1}crasNumPrevSessions OBJECT-TYPE
SYNTAXCounter32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of remote access sessions which were
previously active but which where since terminated.
Measured since the last reboot of the device."::={ crasActivity 2}crasNumUsers OBJECT-TYPESYNTAXGauge32UNITS"Users"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of users who have active sessions.
"::={ crasActivity 3}crasNumGroups OBJECT-TYPESYNTAXGauge32UNITS"Groups"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of user groups whose members have
active sessions."::={ crasActivity 4}
crasGlobalInPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets received by all
currently and previously active remote access
sessions."::={ crasActivity 5}crasGlobalOutPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets transmitted by all
currently and previously active remote access
sessions."::={ crasActivity 6}crasGlobalInOctets OBJECT-TYPESYNTAXCounter64UNITS"Octets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of octets received by all currently
and previously active remote access sessions.
This value is accumulated BEFORE determining whether
or not the packet should be decompressed.
"::={ crasActivity 7}crasGlobalInDecompOctets OBJECT-TYPESYNTAXCounter64UNITS"Octets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of decompressed octets received
by all current and previous remote access sessions.
This value is accumulated AFTER the packet is
decompressed. If compression is not being used,
this value will match the value of crasGlobalInOctets.
"::={ crasActivity 8}crasGlobalOutOctets OBJECT-TYPESYNTAXCounter64UNITS"Octets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of octets transmitted by all
currently and previously active remote access
sessions.
This value is accumulated AFTER determining
whether or not the packet should be compressed.
"::={ crasActivity 9}crasGlobalOutUncompOctets OBJECT-TYPESYNTAXCounter64UNITS"Octets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of uncompressed octets sent
by all current and previous remote access sessions.
This value is accumulated BEFORE the packet is
compressed. If compression is not being used, this
value will match the value of crasGlobalOutOctets.
"::={ crasActivity 10}crasGlobalInDropPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets which were dropped
during receive processing by all currently and
previously active remote access sessions."::={ crasActivity 11}crasGlobalOutDropPkts OBJECT-TYPE
SYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets which were
dropped during receive processing by all
currently and previously active remote access
sessions."::={ crasActivity 12}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The Remote Access session table
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasSessionTable OBJECT-TYPESYNTAXSEQUENCEOF CrasSessionEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"This table lists all the currently active sessions.
For each session, it lists the attributes (user,
group, protocol, security), statistics (packet and
octets) and status."::={ crasActivity 21}crasSessionEntry OBJECT-TYPESYNTAX CrasSessionEntry
MAX-ACCESSnot-accessibleSTATUScurrent
DESCRIPTION"Each entry contains the attributes, statistics and
status of an active session."INDEX{ crasUsername,
crasSessionIndex}::={ crasSessionTable 1}
CrasSessionEntry ::=SEQUENCE{
crasUsername SnmpAdminString,
crasGroup SnmpAdminString,
crasSessionIndex SessionIndex,
crasAuthenMethod UserAuthenMethod,
crasAuthorMethod UserAuthorMethod,
crasSessionDuration Counter32,
crasLocalAddressType InetAddressType,
crasLocalAddress InetAddress,
crasISPAddressType InetAddressType,
crasISPAddress InetAddress,
crasSessionProtocol RasProtocol,
crasProtocolElement OBJECTIDENTIFIER,
crasSessionEncryptionAlgo SessionEncrAlgo,
crasSessionPktAuthenAlgo SessionAuthAlgo,
crasSessionCompressionAlgo SessionCompressionAlgo,
crasHeartbeatInterval Unsigned32,
crasClientVendorString SnmpAdminString,
crasClientVersionString SnmpAdminString,
crasClientOSVendorString SnmpAdminString,
crasClientOSVersionString SnmpAdminString,--
crasPrimWINSServerAddrType InetAddressType,
crasPrimWINSServer InetAddress,
crasSecWINSServerAddrType InetAddressType,
crasSecWINSServer InetAddress,
crasPrimDNSServerAddrType InetAddressType,
crasPrimDNSServer InetAddress,
crasSecDNSServerAddrType InetAddressType,
crasSecDNSServer InetAddress,
crasDHCPServerAddrType InetAddressType,
crasDHCPServer InetAddress,--
crasSessionInPkts Counter64,
crasSessionOutPkts Counter64,
crasSessionInDropPkts Counter64,
crasSessionOutDropPkts Counter64,
crasSessionInOctets Counter64,
crasSessionOutOctets Counter64,
crasSessionState SessionStatus
--}crasUsername OBJECT-TYPESYNTAXSnmpAdminString(SIZE(0..128))MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The name of the user associated with this remote
access session."::={ crasSessionEntry 1}crasGroup OBJECT-TYPESYNTAXSnmpAdminStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The name of the user group to which this remote
access session belongs."::={ crasSessionEntry 2}
crasSessionIndex OBJECT-TYPESYNTAX SessionIndex
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Unique index to distinguish between multiple
Remote Access Sessions associated with the same
user.
The value of crasSessionIndex must increase monotonically
till it wraps. An implementation may choose to wrap this
index before the value of 2147483647.
"::={ crasSessionEntry 3}crasAuthenMethod OBJECT-TYPESYNTAX UserAuthenMethod
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The method used to authenticate the user prior to
establishing the session."::={ crasSessionEntry 4}crasAuthorMethod OBJECT-TYPESYNTAX UserAuthorMethod
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The method used to authorize the user prior to
establishing the session."
::={ crasSessionEntry 5}crasSessionDuration OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of seconds elapsed since this session
was established."::={ crasSessionEntry 6}crasLocalAddressType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the address returned in 'crasLocalAddress'.
"::={ crasSessionEntry 7}crasLocalAddress OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The IP address assigned to the client of this session
in the private network assigned by the managed entity."::={ crasSessionEntry 8}
crasISPAddressType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the address returned in 'crasISPAddress'.
"::={ crasSessionEntry 9}crasISPAddress OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The IP address of the peer (client) assigned by the ISP.
This is the address of the client device in the public
network."::={ crasSessionEntry 10}crasSessionProtocol OBJECT-TYPESYNTAX RasProtocol
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The protocol underlying this remote access session."::={ crasSessionEntry 11}crasProtocolElement OBJECT-TYPE
SYNTAXOBJECTIDENTIFIERMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"A reference to MIB definitions specific to the protocol
underlying corresponding to the session or tunnel
used to realized the remote access session corresponding
to this conceptual row.
For instance, if this remote access session is based on
IPsec, then this object must contain the complete
instance identifier of the IPsec tunnel corresponding
to this remote access session.
If no MIB definitions specific to the underlying
protocol are available, the value should be set to the
OBJECT IDENTIFIER { 0 0 }.
"DEFVAL{ zeroDotZero }::={ crasSessionEntry 12}crasSessionEncryptionAlgo OBJECT-TYPESYNTAX SessionEncrAlgo
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The algorithm used by this remote access session to
encrypt its payload."::={ crasSessionEntry 13}crasSessionPktAuthenAlgo OBJECT-TYPE
SYNTAX SessionAuthAlgo
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The algorithm used by this remote access session to
to validate packets."::={ crasSessionEntry 14}crasSessionCompressionAlgo OBJECT-TYPESYNTAX SessionCompressionAlgo
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The algorithm used by this remote access session to
compress packets."::={ crasSessionEntry 15}crasHeartbeatInterval OBJECT-TYPESYNTAXUnsigned32(0..4294967295)UNITS"Seconds"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The interval in seconds between two successive heartbeats
employed by this session. Value of 0 denotes that no
heartbeat is used."
::={ crasSessionEntry 16}crasClientVendorString OBJECT-TYPESYNTAXSnmpAdminStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The string identifying the vendor of the client
application initiating this Remote Access session."::={ crasSessionEntry 17}crasClientVersionString OBJECT-TYPESYNTAXSnmpAdminStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The string identifying the version of the of the client
application initiating the Remote Access session.
This can be used by the administrator to identify which
users are running unsupported client versions."::={ crasSessionEntry 18}crasClientOSVendorString OBJECT-TYPESYNTAXSnmpAdminStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION
"The string identifying the vendor of the operating system
on which the client application initiating the Remote Access
Session is running."::={ crasSessionEntry 19}crasClientOSVersionString OBJECT-TYPESYNTAXSnmpAdminStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The string identifying the version of the operating
system of the entity which initiated this Remote Access
session."::={ crasSessionEntry 20}crasPrimWINSServerAddrType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the address returned in
'crasPrimWINSServer'.
"::={ crasSessionEntry 21}crasPrimWINSServer OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrent
DESCRIPTION"The IP address of the primary WINS server assigned
managed entity to this client session."::={ crasSessionEntry 22}crasSecWINSServerAddrType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the address returned in
'crasSecWINSServer'.
"::={ crasSessionEntry 23}crasSecWINSServer OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The IP address of the secondary WINS server assigned
by the managed entity to this client session."::={ crasSessionEntry 24}crasPrimDNSServerAddrType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrent
DESCRIPTION"The type of the address returned in
'crasPrimDNSServer'.
"::={ crasSessionEntry 25}crasPrimDNSServer OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The IP address of the primary DNS server assigned by
the managed entity to this client session."::={ crasSessionEntry 26}crasSecDNSServerAddrType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the address returned in
'crasSecDNSServer'.
"::={ crasSessionEntry 27}crasSecDNSServer OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION
"The IP address of the secondary DNS server assigned
by the managed entity to this client session."::={ crasSessionEntry 28}crasDHCPServerAddrType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the address returned in
'crasDHCPServer'.
"::={ crasSessionEntry 29}crasDHCPServer OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The IP address of the DHCP server assigned by the
managed entity to this client session."::={ crasSessionEntry 30}crasSessionInPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION
"The total number of packets received by this Remote
Access session."::={ crasSessionEntry 31}crasSessionOutPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets transmitted by this
Remote Access Session."::={ crasSessionEntry 32}crasSessionInDropPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets received for processing
on this session which were dropped by the managed entity."::={ crasSessionEntry 33}crasSessionOutDropPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of outgoing packets on this session
which were dropped during transmit processing by the
managed entity."::={ crasSessionEntry 34}crasSessionInOctets OBJECT-TYPESYNTAXCounter64UNITS"Octets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of octets received by this Remote
Access Session.
This value is accumulated BEFORE determining whether
or not the packet should be decompressed.
"::={ crasSessionEntry 35}crasSessionOutOctets OBJECT-TYPESYNTAXCounter64UNITS"Octets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of octets transmitted by this Remote
Access Session.
This value is accumulated AFTER determining whether
or not the packet should be compressed.
"::={ crasSessionEntry 36}crasSessionState OBJECT-TYPESYNTAX SessionStatus
MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"The state of the remote access session corresponding
to this conceptual row.
The management entity may use this object to terminate
an established session by setting value of the object
to 'terminating'.
"::={ crasSessionEntry 37}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The Remote Access session table organized by user group
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasActGroupTable OBJECT-TYPESYNTAXSEQUENCEOF CrasActGroupEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"This table lists all the currently active remote
access user groups. For each group, it lists the
attributes (group, aggregate activity, aggregate
traffic), and status."::={ crasActivity 22}
crasActGroupEntry OBJECT-TYPESYNTAX CrasActGroupEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Each entry contains the attributes, statistics and
status of an active session."INDEX{ crasActGrpName }::={ crasActGroupTable 1}
CrasActGroupEntry ::=SEQUENCE{
crasActGrpName SnmpAdminString,
crasActGrNumUsers Integer32,
crasActGrpInPkts Counter64,
crasActGrpOutPkts Counter64,
crasActGrpInDropPkts Counter64,
crasActGrpOutDropPkts Counter64,
crasActGrpInOctets Counter64,
crasActGrpOutOctets Counter64}crasActGrpName OBJECT-TYPESYNTAXSnmpAdminString(SIZE(0..64))
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The name of the active user group corresponding to
this entry."::={ crasActGroupEntry 1}crasActGrNumUsers OBJECT-TYPESYNTAXInteger32(1..2147483647)MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of users in this group currently connected
to the managed device."::={ crasActGroupEntry 2}crasActGrpInPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets received by this session."::={ crasActGroupEntry 3}
crasActGrpOutPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets transmitted by this session."::={ crasActGroupEntry 4}crasActGrpInDropPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of packets dropped by this session
which were received for processing."::={ crasActGroupEntry 5}crasActGrpOutDropPkts OBJECT-TYPESYNTAXCounter64UNITS"Packets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of outgoing packets which were
dropped during transmit processing by this session."
::={ crasActGroupEntry 6}crasActGrpInOctets OBJECT-TYPESYNTAXCounter64UNITS"Octets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of octets received by this session."::={ crasActGroupEntry 7}crasActGrpOutOctets OBJECT-TYPESYNTAXCounter64UNITS"Octets"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of octets transmitted by this session."::={ crasActGroupEntry 8}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The Remote Access session activity global statistics.
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++crasEmailNumSessions OBJECT-TYPESYNTAXGauge32UNITS"Sessions"
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of currently active Email proxy sessions."::={ crasActivity 23}crasEmailCumulateSessions OBJECT-TYPESYNTAXCounter32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of cumulative Email proxy sessions since system up."::={ crasActivity 24}crasEmailPeakConcurrentSessions OBJECT-TYPESYNTAXUnsigned32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of peak concurrent Email proxy sessions since system up."::={ crasActivity 25}crasIPSecNumSessions OBJECT-TYPESYNTAXGauge32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of currently active IPSec sessions."::={ crasActivity 26}crasIPSecCumulateSessions OBJECT-TYPESYNTAXCounter32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of cumulative IPSec sessions since system up."::={ crasActivity 27}crasIPSecPeakConcurrentSessions OBJECT-TYPESYNTAXUnsigned32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of peak concurrent Email proxy sessions since system up."::={ crasActivity 28}crasL2LNumSessions OBJECT-TYPESYNTAXGauge32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of currently active LAN to LAN sessions."::={ crasActivity 29}crasL2LCumulateSessions OBJECT-TYPESYNTAXCounter32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of cumulative LAN to LAN sessions since system up."::={ crasActivity 30}crasL2LPeakConcurrentSessions OBJECT-TYPESYNTAXUnsigned32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of peak concurrent LAN to LAN sessions since system up."::={ crasActivity 31}crasLBNumSessions OBJECT-TYPESYNTAXGauge32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of currently active Load Balancing sessions."::={ crasActivity 32}crasLBCumulateSessions OBJECT-TYPESYNTAXCounter32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of cumulative Load Balancing sessions since system up."::={ crasActivity 33}crasLBPeakConcurrentSessions OBJECT-TYPESYNTAXUnsigned32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of peak concurrent Load Balancing sessions since system up."::={ crasActivity 34}
crasSVCNumSessions OBJECT-TYPESYNTAXGauge32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of currently active SVC sessions."::={ crasActivity 35}crasSVCCumulateSessions OBJECT-TYPESYNTAXCounter32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of cumulative SVC sessions since system up."::={ crasActivity 36}crasSVCPeakConcurrentSessions OBJECT-TYPESYNTAXUnsigned32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of peak concurrent SVC sessions since system up."::={ crasActivity 37}
crasWebvpnNumSessions OBJECT-TYPESYNTAXGauge32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of currently active Webvpn sessions."::={ crasActivity 38}crasWebvpnCumulateSessions OBJECT-TYPESYNTAXCounter32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of cumulative Webvpn sessions since system up."::={ crasActivity 39}crasWebvpnPeakConcurrentSessions OBJECT-TYPESYNTAXUnsigned32UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of peak concurrent Webvpn sessions since system up."
::={ crasActivity 40}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Remote Access Failures Group
--
-- This group consists of:
-- 1) Remote Access global failures
-- 2) Remote Access session failures
-- 3) Remote Access Group failures
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The global failures group
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasFailuresGlobals OBJECTIDENTIFIER::={ crasFailures 1}crasNumTotalFailures OBJECT-TYPESYNTAXCounter64MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of attempts to establish sessions which
failed, since the last reboot of the managed device."::={ crasFailuresGlobals 1}crasNumDeclinedSessions OBJECT-TYPESYNTAXUnsigned32(0..4294967295)UNITS"Sessions"
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of session setup attempts, counted since
the last time the notification
'ciscoRasTooManyFailedAuths' was issued, which were
declined due to authentication or authorization
failure.
"::={ crasFailuresGlobals 2}crasNumSetupFailInsufResources OBJECT-TYPESYNTAXCounter64UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of session setup attempts that failed
due to insufficient resources."::={ crasFailuresGlobals 3}crasNumAbortedSessions OBJECT-TYPESYNTAXCounter64UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of sessions which were successfully
setup but were since terminated abnormally."
::={ crasFailuresGlobals 4}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The Failure Global Control Objects
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasFailGlobalCntl OBJECTIDENTIFIER::={ crasFailures 2}crasFailTableSize OBJECT-TYPESYNTAXUnsigned32(0..4294967295)MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"The window size of the Remote Access Failure tables.
The failure tables for session and group failures
maintain only the last crasFailTableSize number of
failure records. A value of 0 for this MIB variable
indicates that archiving of the failures is disabled.
An implementation may choose suitable minimum and
maximum values for this element based on the local
policy and available resources. If an SNMP SET request
specifies a value outside this window for this element,
a BAD VALUE may be returned."::={ crasFailGlobalCntl 1}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- The Remote Access Service failure history
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasSessFailures OBJECTIDENTIFIER::={ crasFailures 3}crasSessFailTable OBJECT-TYPESYNTAXSEQUENCEOF CrasSessFailEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"
This table records the last 'N' session failures,
where 'N' is the value of the MIB element
'crasFailTableSize' defined earlier.
A failure could be a failure to establish a session
('setup' failure) or a failure of a session after it
was established ('operational' failure).
"::={ crasSessFailures 1}crasSessFailEntry OBJECT-TYPESYNTAX CrasSessFailEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Each entry contains the attributes associated with
a remote access session failure."INDEX{ crasSessFailIndex }
::={ crasSessFailTable 1}
CrasSessFailEntry ::=SEQUENCE{
crasSessFailIndex FailureRecordIndex,
crasSessFailUsername SnmpAdminString,
crasSessFailGroupname SnmpAdminString,
crasSessFailType INTEGER,
crasSessFailReason INTEGER,
crasSessFailTime TimeStamp,
crasSessFailSessionIndex SessionIndex,
crasSessFailISPAddrType InetAddressType,
crasSessFailISPAddr InetAddress,
crasSessFailLocalAddrType InetAddressType,
crasSessFailLocalAddr InetAddress}crasSessFailIndex OBJECT-TYPESYNTAX FailureRecordIndex
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The index of the session failure table.
The value of the index is a number which
begins at one and is incremented with each
session failure. The value of this object will
wrap at 4,294,967,295."::={ crasSessFailEntry 1}crasSessFailUsername OBJECT-TYPESYNTAXSnmpAdminStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The name of the user associated with this failed
remote access session."::={ crasSessFailEntry 2}crasSessFailGroupname OBJECT-TYPESYNTAXSnmpAdminStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The name of the user group to which this failed
remote access session belongs."::={ crasSessFailEntry 3}crasSessFailType OBJECT-TYPESYNTAXINTEGER{setupFailure(1),operationalFailure(2)
}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the failure:
1 = failure occurred during session setup
2 = failed occurred after the session was setup
successfully.
"::={ crasSessFailEntry 4}crasSessFailReason OBJECT-TYPESYNTAXINTEGER{other(1),internalError(2),authenticationFailure(3),authorizationFailure(4),sysCapExceeded(5),peerAbortRequest(6),peerLost(7),operRequest(8)}MAX-ACCESSread-onlySTATUScurrent
DESCRIPTION"The reason for the failure. Possible reasons
include:
1 = other (error which cannot be classified in
any of the types listed below).
2 = internal error occurred
3 = failed to authenticate the peer/user
4 = failed to authorize the peer/user
5 = system capacity exceeded (memory, cpu, max
users etc)
6 = peer requested to abort the session or the
setup
7 = lost peer's heartbeat
8 = local management request."::={ crasSessFailEntry 5}crasSessFailTime OBJECT-TYPESYNTAXTimeStampMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The value of the MIB element 'sysUpTime'
at the time of the failure."::={ crasSessFailEntry 6}crasSessFailSessionIndex OBJECT-TYPESYNTAX SessionIndex
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The index of the session which failed (in case
this was an operational failure). In case of setup
failures (where the value of 'crasSessFailType' of
this conceptual row is 'operationalFailure'), the
value of this object is undefined and should not be
processed."::={ crasSessFailEntry 7}crasSessFailISPAddrType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the address returned in
'crasSessFailISPAddr'.
"::={ crasSessFailEntry 8}crasSessFailISPAddr OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The public address of the peer."::={ crasSessFailEntry 9}crasSessFailLocalAddrType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The type of the address returned in
'crasSessFailLocalAddr'.
"::={ crasSessFailEntry 10}crasSessFailLocalAddr OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The address assigned to the peer by the local
address management mechanism. In case no address
was assigned to the peer when the failure occurred,
this MIB variable would contain the IPv4 address
value 0.0.0.0"::={ crasSessFailEntry 11}crasFailLastFailIndex OBJECT-TYPESYNTAX FailureRecordIndex
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The value of column 'crasSessFailIndex'
corresponding to the last row added to the
crasSessFailTable.
The value of this object is undefined and should
not be processed by the management entity if the
value of the object 'crasFailTableSize' is 0.
"::={ crasSessFailures 2}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Remote Access session failure history, catalogued by
-- user group
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasGroupFailures OBJECTIDENTIFIER::={ crasFailures 4}crasGrpFailTable OBJECT-TYPESYNTAXSEQUENCEOF CrasGrpFailEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"This table records the last 'N' occurrences of
failures (setup or operational) per user group,
where 'N' is the value of the MIB element
'crasFailTableSize' defined earlier.
When 'N' entries have been created, the failure
information about a new user group must be created by
deleting the oldest entry in this table.
"::={ crasGroupFailures 1}crasGrpFailEntry OBJECT-TYPESYNTAX CrasGrpFailEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Each entry contains the summary of failures for a
specific user group."INDEX{ crasGrpFailGroupname }
::={ crasGrpFailTable 1}
CrasGrpFailEntry ::=SEQUENCE{
crasGrpFailGroupname SnmpAdminString,
crasGrpFailNumFailAuths Counter64,
crasGrpFailNumResourceFailures Counter64,
crasGrpFailNumDeclined Counter64,
crasGrpFailNumTerminatedMgmt Counter64,
crasGrpFailNumTerminatedOther Counter64}crasGrpFailGroupname OBJECT-TYPESYNTAXSnmpAdminString(SIZE(0..64))MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The name of the user group to which this failure
record corresponds.
This is the index of the group failure table."::={ crasGrpFailEntry 1}crasGrpFailNumFailAuths OBJECT-TYPESYNTAXCounter64
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of sessions belonging to this group which
failed authentication; counted since last reboot."::={ crasGrpFailEntry 2}crasGrpFailNumResourceFailures OBJECT-TYPESYNTAXCounter64MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of session setup attempts which failed due
to insufficient resources."::={ crasGrpFailEntry 3}crasGrpFailNumDeclined OBJECT-TYPESYNTAXCounter64MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of session setup attempts which were declined
by the managed entity due to local policy. These would
include sessions which were denied due to rate control
settings."::={ crasGrpFailEntry 4}crasGrpFailNumTerminatedMgmt OBJECT-TYPE
SYNTAXCounter64MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of established sessions which were terminated
by explicit management action. The termination may have
been triggered locally or based on a request from the peer."::={ crasGrpFailEntry 5}crasGrpFailNumTerminatedOther OBJECT-TYPESYNTAXCounter64MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of established sessions which were
terminated due to insufficient reasons, internal error
or other reasons not caused by management action."::={ crasGrpFailEntry 6}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- RAS Security Group
--
-- This group consists of:
-- 1) RAS security global counters
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasSecurityGlobals OBJECTIDENTIFIER::={ crasSecurity 1}crasNumDisabledAccounts OBJECT-TYPE
SYNTAXCounter64UNITS"Users"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The total number of user accounts which were
disabled due to repeated login failures."::={ crasSecurityGlobals 1}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- RAS Thrshold Group
--
-- This group consists of threshold values for RAS parameters
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasThrMaxSessions OBJECT-TYPESYNTAXInteger32(0..2147483647)UNITS"Sessions"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The maximum number of sessions which are successfully
setup after which the managed entity should alert the
network management entity using the notification
'ciscoRasTooManySessions', if the notification has been
enabled.
A value of 0 indicates that the threshold has not been
set."DEFVAL{0}
::={ crasThresholds 1}crasThrMaxFailedAuths OBJECT-TYPESYNTAXUnsigned32(0..4294967295)MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The value of object 'crasNumDeclinedSessions' at
which the managed entity should alert the network
management entity using the notification
'ciscoRasTooManyFailedAuths', if the notification
has been enabled.
A value of 0 indicates that the threshold has not been
set."DEFVAL{4294967295}::={ crasThresholds 2}crasThrMaxThroughput OBJECT-TYPESYNTAXInteger32(0..2147483647)UNITS"Octets Per Second"MAX-ACCESSread-onlySTATUScurrentDESCRIPTION
"The highest throughput of the Remote Access Service at
which the managed entity should alert the network management
entity using the notification 'ciscoRasTooHighThroughput',
if the notification has been enabled.
The notification is disabled till the value of the
aggregate throughput of the managed entity drops below
the value of this object.
A value of 0 indicates that the threshold has not been
set."DEFVAL{0}::={ crasThresholds 3}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Notification Control Group
--
-- This group of objects controls the sending of
-- Remote Access MIB TRAPs.
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++crasCntlTooManySessions OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"This object defines the administrative state of
sending the trap to signal the violation of the
Max session threshold."DEFVAL{ false }::={ crasNotifCntl 1}crasCntlTooManyFailedAuths OBJECT-TYPE
SYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"This object defines the administrative state of
sending the trap to signal the violation of the
Max authentication failure count threshold."DEFVAL{ false }::={ crasNotifCntl 2}crasCntlTooHighThroughput OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"This object defines the administrative state of
sending the trap to signal the violation of the
Max throughput threshold."DEFVAL{ false }::={ crasNotifCntl 3}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Cisco Remote Access Notifications - TRAPs
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++ciscoRasTooManySessions NOTIFICATION-TYPEOBJECTS{
crasNumSessions,
crasNumUsers,
crasMaxSessionsSupportable,
crasMaxUsersSupportable,
crasThrMaxSessions
}STATUScurrentDESCRIPTION"This notification is generated when the managed entity
detects that the number of sessions established exceeds
the set threshold crasThrMaxSessions.
Once the notification has been issued, further
notifications are suppressed till the value returns
below the specified threshold."::={ ciscoRasMonitorMIBNotifs 1}ciscoRasTooManyFailedAuths NOTIFICATION-TYPEOBJECTS{
crasNumDeclinedSessions,
crasThrMaxFailedAuths
}STATUScurrentDESCRIPTION"This notification is generated when the managed entity
detects that the number of login attempts (over all
users) exceeds the set threshold for throughput
(crasThrMaxFailedAuths).
Once the notification has been issued, further
notifications are suppressed till the value returns
below the specified threshold."::={ ciscoRasMonitorMIBNotifs 2}
ciscoRasTooHighThroughput NOTIFICATION-TYPEOBJECTS{
crasGlobalInOctets,
crasGlobalOutOctets,
crasThrMaxThroughput
}STATUScurrentDESCRIPTION"This notification is generated when the managed entity
detects that the current throughput of the device exceeds
the set threshold for throughput (crasThrMaxThroughput).
Once the notification has been issued, further
notiifcations are suppressed till the value returns
below the specified threshold."::={ ciscoRasMonitorMIBNotifs 3}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Conformance Information
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++ciscoRasMonitorMIBCompliances OBJECTIDENTIFIER::={ ciscoRasMonitorMIBConform 1}ciscoRasMonitorMIBGroups OBJECTIDENTIFIER::={ ciscoRasMonitorMIBConform 2}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Compliance Statements
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
ciscoRasMonitorMIBCompliance MODULE-COMPLIANCESTATUSdeprecatedDESCRIPTION"The compliance statement for SNMP entities
the Cisco Remote Access Monitoring MIB."MODULE-- this moduleMANDATORY-GROUPS{
ciscoRasCapacityGroup,
ciscoRasResourceUsageGroup,
ciscoRasActivityGroup,
ciscoRasMandatoryFailureGroup
}GROUP ciscoRasGrpActivityGroup
DESCRIPTION"This group is optional."GROUP ciscoRasOptionalFailureGroup
DESCRIPTION"This group is optional."GROUP ciscoRasSecurityGroup
DESCRIPTION"This group is optional."GROUP ciscoRasThresholdsGroup
DESCRIPTION"This group is optional."GROUP ciscoRasNotificationsGroup
DESCRIPTION"This group is mandatory if and only if
the SNMP agent on the managed entity
implements the group
'ciscoRasThresholdsGroup'."
GROUP ciscoRasNotificationCntlGroup
DESCRIPTION"This group is mandatory if and only if
the SNMP agent on the managed entity
implements the group
'ciscoRasNotificationsGroup'."OBJECT crasSessionState
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT crasCntlTooManySessions
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT crasCntlTooManyFailedAuths
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT crasCntlTooHighThroughput
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."::={ ciscoRasMonitorMIBCompliances 1}ciscoRasMonitorMIBComplianceRev1 MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for SNMP entities
the Cisco Remote Access Monitoring MIB."MODULE-- this moduleMANDATORY-GROUPS{
ciscoRasCapacityGroup,
ciscoRasResourceUsageGroup,
ciscoRasActivityGroup,
ciscoRasActivityGroupRev1,
ciscoRasMandatoryFailureGroup
}GROUP ciscoRasGrpActivityGroup
DESCRIPTION"This group is optional."GROUP ciscoRasOptionalFailureGroup
DESCRIPTION"This group is optional."GROUP ciscoRasSecurityGroup
DESCRIPTION"This group is optional."GROUP ciscoRasThresholdsGroup
DESCRIPTION"This group is optional."GROUP ciscoRasNotificationsGroup
DESCRIPTION"This group is mandatory if and only if
the SNMP agent on the managed entity
implements the group
'ciscoRasThresholdsGroup'."GROUP ciscoRasNotificationCntlGroup
DESCRIPTION"This group is mandatory if and only if
the SNMP agent on the managed entity
implements the group
'ciscoRasNotificationsGroup'."OBJECT crasSessionState
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT crasCntlTooManySessions
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT crasCntlTooManyFailedAuths
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT crasCntlTooHighThroughput
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."::={ ciscoRasMonitorMIBCompliances 2}-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Units of Conformance
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++ciscoRasCapacityGroup OBJECT-GROUPOBJECTS{-- The RAS capacity group
crasMaxSessionsSupportable ,
crasMaxUsersSupportable ,
crasMaxGroupsSupportable ,
crasNumCryptoAccelerators
}STATUScurrentDESCRIPTION"This group consists of the MIB objects pertaining
to Remote Access Service capacity parameters defined
in the Cisco Remote Access MIB."::={ ciscoRasMonitorMIBGroups 1}ciscoRasResourceUsageGroup OBJECT-GROUPOBJECTS{
crasGlobalBwUsage
}STATUScurrentDESCRIPTION"This group consists of the MIB objects pertaining
to Remote Access Service resource usage parameters
defined in the Cisco Remote Access MIB."::={ ciscoRasMonitorMIBGroups 2}ciscoRasActivityGroup OBJECT-GROUPOBJECTS{
crasNumSessions ,
crasNumPrevSessions ,
crasNumUsers ,
crasGlobalInPkts ,
crasGlobalOutPkts ,
crasGlobalInOctets ,
crasGlobalOutOctets ,
crasGlobalInDecompOctets,
crasGlobalOutUncompOctets,
crasGlobalInDropPkts ,
crasGlobalOutDropPkts ,
crasGroup ,
crasAuthenMethod ,
crasAuthorMethod ,
crasSessionDuration ,
crasLocalAddressType,
crasLocalAddress ,
crasISPAddressType ,
crasISPAddress ,
crasSessionProtocol ,
crasProtocolElement,
crasSessionEncryptionAlgo ,
crasSessionPktAuthenAlgo ,
crasSessionCompressionAlgo ,
crasHeartbeatInterval ,
crasClientVendorString ,
crasClientVersionString ,
crasClientOSVendorString ,
crasClientOSVersionString ,--
crasPrimWINSServerAddrType ,
crasPrimWINSServer ,
crasSecWINSServerAddrType ,
crasSecWINSServer ,
crasPrimDNSServerAddrType,
crasPrimDNSServer ,
crasSecDNSServerAddrType ,
crasSecDNSServer ,
crasDHCPServerAddrType ,
crasDHCPServer ,--
crasSessionInPkts ,
crasSessionOutPkts ,
crasSessionInDropPkts ,
crasSessionOutDropPkts ,
crasSessionInOctets ,
crasSessionOutOctets,
crasSessionState
--}STATUScurrentDESCRIPTION"This group consists of the MIB objects pertaining
to the Cisco Remote Access MIB Activity group.
Following are definitions of some terms used in
this compliance group:
User:
A remote access user.
Group:
A collection of remote access users grouped
and managed together as a single entity for
administrative convenience.
ISP:
Internet Service Provider.
Crypto Accelerator
'Crypto Accelerator' denotes a device which
the managed entity uses to offload some or all
computations pertaining to cryptographic
operations.
Session
A connection terminating on the managed device
which has been established to provide remote access
connectivity to a user.
"::={ ciscoRasMonitorMIBGroups 3}ciscoRasGrpActivityGroup OBJECT-GROUPOBJECTS{
crasNumGroups,
crasActGrNumUsers,
crasActGrpInPkts,
crasActGrpOutPkts,
crasActGrpInDropPkts,
crasActGrpOutDropPkts,
crasActGrpInOctets,
crasActGrpOutOctets
}STATUScurrentDESCRIPTION"This group consists of the MIB objects pertaining
to activity of user groups.
"::={ ciscoRasMonitorMIBGroups 4}ciscoRasMandatoryFailureGroup OBJECT-GROUPOBJECTS{
crasNumTotalFailures,
crasNumDeclinedSessions,
crasNumAbortedSessions,
crasFailTableSize
}STATUScurrentDESCRIPTION"This group categorizes objects pertaining to
failures in the Remote Access Service which are
essential for successful monitoring of the
service.
"::={ ciscoRasMonitorMIBGroups 5}ciscoRasOptionalFailureGroup OBJECT-GROUPOBJECTS{
crasNumSetupFailInsufResources,
crasSessFailUsername,
crasSessFailGroupname,
crasSessFailType,
crasSessFailReason,
crasSessFailTime,
crasSessFailSessionIndex,
crasSessFailISPAddr,
crasSessFailLocalAddr,
crasSessFailISPAddrType,
crasSessFailLocalAddrType,
crasFailLastFailIndex,
crasGrpFailNumFailAuths,
crasGrpFailNumResourceFailures,
crasGrpFailNumDeclined,
crasGrpFailNumTerminatedMgmt,
crasGrpFailNumTerminatedOther
}STATUScurrentDESCRIPTION"This group categorizes optional objects pertaining
to failures in the Remote Access Service."::={ ciscoRasMonitorMIBGroups 6}
ciscoRasSecurityGroup OBJECT-GROUPOBJECTS{
crasNumDisabledAccounts
}STATUScurrentDESCRIPTION"This group categorizes objects pertaining to the
monitoring state of security in the Remote Access
Service."::={ ciscoRasMonitorMIBGroups 7}ciscoRasThresholdsGroup OBJECT-GROUPOBJECTS{
crasThrMaxSessions,
crasThrMaxFailedAuths,
crasThrMaxThroughput
}STATUScurrentDESCRIPTION"This group categorizes objects which are used to
establish baseline values of metrics instrumenting
the Remote Access Service."::={ ciscoRasMonitorMIBGroups 8}ciscoRasNotificationCntlGroup OBJECT-GROUPOBJECTS{
crasCntlTooManySessions,
crasCntlTooManyFailedAuths,
crasCntlTooHighThroughput
}STATUScurrent
DESCRIPTION"This group of objects controls the sending of
notifications defined in this MIB module."::={ ciscoRasMonitorMIBGroups 9}ciscoRasNotificationsGroup NOTIFICATION-GROUPNOTIFICATIONS{
ciscoRasTooHighThroughput,
ciscoRasTooManyFailedAuths,
ciscoRasTooManySessions
}STATUScurrentDESCRIPTION"This group contains the notifications for the
Remote Access MIB."::={ ciscoRasMonitorMIBGroups 10}ciscoRasActivityGroupRev1 OBJECT-GROUPOBJECTS{
crasEmailNumSessions,
crasEmailCumulateSessions,
crasEmailPeakConcurrentSessions,
crasIPSecNumSessions,
crasIPSecCumulateSessions,
crasIPSecPeakConcurrentSessions,
crasL2LNumSessions,
crasL2LCumulateSessions,
crasL2LPeakConcurrentSessions,
crasLBNumSessions,
crasLBCumulateSessions,
crasLBPeakConcurrentSessions,
crasSVCNumSessions,
crasSVCCumulateSessions,
crasSVCPeakConcurrentSessions,
crasWebvpnNumSessions,
crasWebvpnCumulateSessions,
crasWebvpnPeakConcurrentSessions
}STATUScurrentDESCRIPTION"This group contains activity information related
to sessions."::={ ciscoRasMonitorMIBGroups 11}END