NS-VPN-USR.mib

-- This module defines enterprise MIBs for VPN User
-- 
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.

NETSCREEN-VPN-USER-MIB DEFINITIONS ::= BEGIN

IMPORTS
--PSIM(Modif)     netscreenVpnMibModule
    netscreenVpnMibModule, netscreenVpn
        FROM NETSCREEN-SMI
    Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
        FROM SNMPv2-SMI
    DisplayString
        FROM SNMPv2-TC
    ;

netscreenUserMibModule MODULE-IDENTITY
    LAST-UPDATED  "200405032022Z" -- May 03, 2004
    ORGANIZATION
        "Juniper Networks, Inc."
    CONTACT-INFO
        "Customer Support

         1194 North Mathilda Avenue 
         Sunnyvale, California 94089-1206
         USA

         Tel: 1-800-638-8296
         E-mail: customerservice@juniper.net
         HTTP://www.juniper.net"
    DESCRIPTION
        "This module defines NetScreen private MIBs for VPN User"
    REVISION      "200405030000Z" -- May 03, 2004
    DESCRIPTION
        "Modified copyright and contact information"
    REVISION      "200403030000Z" -- March 03, 2004
    DESCRIPTION
        "Converted to SMIv2 by Longview Software"
    REVISION      "200311130000Z" -- November 13, 2003
    DESCRIPTION
        "Correct spelling mistake"
    REVISION      "200205050000Z" -- May 05, 2002
    DESCRIPTION
        "Add dial-up group type"
    REVISION      "200105140000Z" -- May 14, 2001
    DESCRIPTION
        "Creation Date"
    ::= { netscreenVpnMibModule 10 }

NsVpnAILUsrEntry ::= SEQUENCE
{
    nsVpnAILUsrIndex         Integer32,
    nsVpnAILUsrName          DisplayString,
    nsVpnAILUsrGrp           DisplayString,
    nsVpnAILUsrStatus        INTEGER,
    nsVpnAILUsrIKE           INTEGER,
    nsVpnAILUsrIKEIdType     INTEGER,
    nsVpnAILUsrIKEId         DisplayString,
    nsVpnAILUsrAuth          INTEGER,
    nsVpnAILUsrL2TP          INTEGER,
    nsVpnAILUsrL2tpRemoteIp  IpAddress,
    nsVpnAILUsrL2tpIpPool    DisplayString,
    nsVpnAILUsrL2tpIp        IpAddress,
    nsVpnAILUsrL2tpPriDnsIp  IpAddress,
    nsVpnAILUsrL2tpSecDnsIp  IpAddress,
    nsVpnAILUsrL2tpPriWinsIp IpAddress,
    nsVpnAILUsrL2tpSecWinsIp IpAddress,
    nsVpnAILUsrVsys          Integer32
}

NsVpnManualKeyUsrEntry ::= SEQUENCE
{
    nsVpnManualKeyUsrIndex      Integer32,
    nsVpnManualKeyUsrName       DisplayString,
    nsVpnManualKeyUsrGrp        DisplayString,
    nsVpnManualKeyUsrSILocal    Integer32,
    nsVpnManualKeyUsrSIRemote   Integer32,
    nsVpnManualKeyUsrTunnelType INTEGER,
    nsVpnManualKeyUsrEspEncAlg  INTEGER,
    nsVpnManualKeyUsrEspAuthAlg INTEGER,
    nsVpnManualKeyUsrAhHash     INTEGER,
    nsVpnManualKeyUsrVsys       Integer32
}

NsVpnUsrDialupGrpEntry ::= SEQUENCE
{
    nsVpnUsrDialupGrpIndex Integer32,
    nsVpnUsrDialupGrpName  DisplayString,
    nsVpnUsrDialupGrpType  INTEGER,
    nsVpnUsrDialupGrpVsys  Integer32
}

nsVpnUser OBJECT IDENTIFIER ::= { netscreenVpn 10 }

nsVpnUsrDialupGrpTable OBJECT-TYPE
    SYNTAX        SEQUENCE OF NsVpnUsrDialupGrpEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "NetScreen supports using dialup group to organize vpn
         user.This table collects the information of dialup group in
         NetScreen device."
    ::= { nsVpnUser 1 }

nsVpnUsrDialupGrpEntry OBJECT-TYPE
    SYNTAX        NsVpnUsrDialupGrpEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "Each entry in this table holds a set of configuration
         information about dialup group."
    INDEX
        { nsVpnUsrDialupGrpIndex }
    ::= { nsVpnUsrDialupGrpTable 1 }

nsVpnUsrDialupGrpIndex OBJECT-TYPE
    SYNTAX        Integer32 (0..2147483647)
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "A unique value for schedule.  Its value ranges between 0 and
         65535 and may not be contiguous."
    ::= { nsVpnUsrDialupGrpEntry 1 }

nsVpnUsrDialupGrpName OBJECT-TYPE
    SYNTAX        DisplayString (SIZE(0..32))
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "dialup user group name."
    ::= { nsVpnUsrDialupGrpEntry 2 }

nsVpnUsrDialupGrpType OBJECT-TYPE
    SYNTAX        INTEGER {
        undefined(0),
        manual(1),
        ike(2),
        l2tp(3),
        xauth(4),
        auth(5),
        external(6)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "dial up group type."
    ::= { nsVpnUsrDialupGrpEntry 3 }

nsVpnUsrDialupGrpVsys OBJECT-TYPE
    SYNTAX        Integer32
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "vsys this group belongs to."
    ::= { nsVpnUsrDialupGrpEntry 4 }

nsVpnManualKeyUsrTable OBJECT-TYPE
    SYNTAX        SEQUENCE OF NsVpnManualKeyUsrEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "This table specifies the configuration attributes for  manual
         key user."
    ::= { nsVpnUser 2 }

nsVpnManualKeyUsrEntry OBJECT-TYPE
    SYNTAX        NsVpnManualKeyUsrEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "Each entry in the nsVpnManualkeyUsrTable holds a set of
         configuration parameters associated with an instance of manual
         key user."
    INDEX
        { nsVpnManualKeyUsrIndex }
    ::= { nsVpnManualKeyUsrTable 1 }

nsVpnManualKeyUsrIndex OBJECT-TYPE
    SYNTAX        Integer32 (0..2147483647)
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "A unique value for manual key user table.  Its value ranges
         between 0 and 65535 and may not be contiguous."
    ::= { nsVpnManualKeyUsrEntry 1 }

nsVpnManualKeyUsrName OBJECT-TYPE
    SYNTAX        DisplayString (SIZE(0..32))
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "User name."
    ::= { nsVpnManualKeyUsrEntry 2 }

nsVpnManualKeyUsrGrp OBJECT-TYPE
    SYNTAX        DisplayString (SIZE(0..32))
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "group this user belongs to."
    ::= { nsVpnManualKeyUsrEntry 3 }

nsVpnManualKeyUsrSILocal OBJECT-TYPE
    SYNTAX        Integer32
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "Local Security Index"
    ::= { nsVpnManualKeyUsrEntry 4 }

nsVpnManualKeyUsrSIRemote OBJECT-TYPE
    SYNTAX        Integer32
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "Remote Security Index"
    ::= { nsVpnManualKeyUsrEntry 5 }

nsVpnManualKeyUsrTunnelType OBJECT-TYPE
    SYNTAX        INTEGER {
        esp(0),
        ah(1)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "vpn tunnel type."
    ::= { nsVpnManualKeyUsrEntry 6 }

nsVpnManualKeyUsrEspEncAlg OBJECT-TYPE
    SYNTAX        INTEGER {
        null(0),
        des-cbc(1),
        triple-des-cbc(2),
            aes(3),
                aes-192(4),
                aes-256(5)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "ESP Encryption Algorithm."
    ::= { nsVpnManualKeyUsrEntry 7 }

nsVpnManualKeyUsrEspAuthAlg OBJECT-TYPE
    SYNTAX        INTEGER {
        null(0),
        md5(1),
        sha(2)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "ESP Authentication Algorithm."
    ::= { nsVpnManualKeyUsrEntry 8 }

nsVpnManualKeyUsrAhHash OBJECT-TYPE
    SYNTAX        INTEGER {
        null(0),
        md5(1),
        sha(2)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "AH Hash Algorithm."
    ::= { nsVpnManualKeyUsrEntry 9 }

nsVpnManualKeyUsrVsys OBJECT-TYPE
    SYNTAX        Integer32
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "vsys this user belongs to."
    ::= { nsVpnManualKeyUsrEntry 10 }

nsVpnAILUsrTable OBJECT-TYPE
    SYNTAX        SEQUENCE OF NsVpnAILUsrEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "This table specifies the configuration attributes for
         AUTH/IKE/L2TP user."
    ::= { nsVpnUser 3 }

nsVpnAILUsrEntry OBJECT-TYPE
    SYNTAX        NsVpnAILUsrEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "Each entry in the nsVpnManualkeyUsrTable holds a set of
         configuration parameters associated with an instance of
         AUTH/IKE/L2TP user."
    INDEX
        { nsVpnAILUsrIndex }
    ::= { nsVpnAILUsrTable 1 }

nsVpnAILUsrIndex OBJECT-TYPE
    SYNTAX        Integer32 (0..2147483647)
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "A unique value for Auth/Ike/l2tp user table.  Its value ranges
         between 1 and 65535 and may not be contiguous."
    ::= { nsVpnAILUsrEntry 1 }

nsVpnAILUsrName OBJECT-TYPE
    SYNTAX        DisplayString (SIZE(0..32))
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "User name."
    ::= { nsVpnAILUsrEntry 2 }

nsVpnAILUsrGrp OBJECT-TYPE
    SYNTAX        DisplayString (SIZE(0..32))
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "group this user belongs to."
    ::= { nsVpnAILUsrEntry 3 }

nsVpnAILUsrStatus OBJECT-TYPE
    SYNTAX        INTEGER {
        disable(0),
        enabled(1)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "User status"
    ::= { nsVpnAILUsrEntry 4 }

nsVpnAILUsrIKE OBJECT-TYPE
    SYNTAX        INTEGER {
        no(0),
        yes(1)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "Since Authentication, IKE L2TP can be combined together. This
         attribute is used to indicate if this user is an IKE user."
    ::= { nsVpnAILUsrEntry 5 }

nsVpnAILUsrIKEIdType OBJECT-TYPE
    SYNTAX        INTEGER {
        not-set(0),
        ipv4-addr(1),
        fqdn(2),
        usr-fqdn(3),
        ipv4-addr-subnet(4),
        ipv6-addr(5),
        ipv6-addr-subnet(6),
        ipv4-addr-addr-range(7),
        ipv6-addr-addr-range(8),
        der-asn1-dn(9),
        der-asn1-gn(10)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "IKE user type 1 means auto, other values are undefined."
    ::= { nsVpnAILUsrEntry 6 }

nsVpnAILUsrIKEId OBJECT-TYPE
    SYNTAX        DisplayString
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "IKE id."
    ::= { nsVpnAILUsrEntry 7 }

nsVpnAILUsrAuth OBJECT-TYPE
    SYNTAX        INTEGER {
        no(0),
        yes(1)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "Since Authentication, IKE L2TP can be combined together. This
         attribute is used to indicate if this user is an Authentication
         user."
    ::= { nsVpnAILUsrEntry 8 }

nsVpnAILUsrL2TP OBJECT-TYPE
    SYNTAX        INTEGER {
        no(0),
        yes(1)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "Since Authentication, IKE L2TP can be combined together. This
         attribute is used to indicate if this user is a L2TP user. The
         NetScreen-1000 does not support L2TP."
    ::= { nsVpnAILUsrEntry 9 }

nsVpnAILUsrL2tpRemoteIp OBJECT-TYPE
    SYNTAX        IpAddress
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "L2TP remote peer ip address."
    ::= { nsVpnAILUsrEntry 10 }

nsVpnAILUsrL2tpIpPool OBJECT-TYPE
    SYNTAX        DisplayString
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "ip pool entity name."
    ::= { nsVpnAILUsrEntry 11 }

nsVpnAILUsrL2tpIp OBJECT-TYPE
    SYNTAX        IpAddress
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "L2TP local ip address."
    ::= { nsVpnAILUsrEntry 12 }

nsVpnAILUsrL2tpPriDnsIp OBJECT-TYPE
    SYNTAX        IpAddress
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "primary DNS server IP address for L2TP user."
    ::= { nsVpnAILUsrEntry 13 }

nsVpnAILUsrL2tpSecDnsIp OBJECT-TYPE
    SYNTAX        IpAddress
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "secondary DNS server IP address for L2TP user."
    ::= { nsVpnAILUsrEntry 14 }

nsVpnAILUsrL2tpPriWinsIp OBJECT-TYPE
    SYNTAX        IpAddress
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "primary WINS server IP address for L2TP user."
    ::= { nsVpnAILUsrEntry 15 }

nsVpnAILUsrL2tpSecWinsIp OBJECT-TYPE
    SYNTAX        IpAddress
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "secondary WINS server IP address for L2TP user."
    ::= { nsVpnAILUsrEntry 16 }

nsVpnAILUsrVsys OBJECT-TYPE
    SYNTAX        Integer32
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
        "vsys this user belongs to."
    ::= { nsVpnAILUsrEntry 17 }

END
OID .1.3.6.1.4.1.3224.4.0.10OID .1.3.6.1.4.1.3224.4.10OID .1.3.6.1.4.1.3224.4.10.1OID .1.3.6.1.4.1.3224.4.10.1.1OID .1.3.6.1.4.1.3224.4.10.1.1.1OID .1.3.6.1.4.1.3224.4.10.1.1.2OID .1.3.6.1.4.1.3224.4.10.1.1.3OID .1.3.6.1.4.1.3224.4.10.1.1.4OID .1.3.6.1.4.1.3224.4.10.2OID .1.3.6.1.4.1.3224.4.10.2.1OID .1.3.6.1.4.1.3224.4.10.2.1.1OID .1.3.6.1.4.1.3224.4.10.2.1.2OID .1.3.6.1.4.1.3224.4.10.2.1.3OID .1.3.6.1.4.1.3224.4.10.2.1.4OID .1.3.6.1.4.1.3224.4.10.2.1.5OID .1.3.6.1.4.1.3224.4.10.2.1.6OID .1.3.6.1.4.1.3224.4.10.2.1.7OID .1.3.6.1.4.1.3224.4.10.2.1.8OID .1.3.6.1.4.1.3224.4.10.2.1.9OID .1.3.6.1.4.1.3224.4.10.2.1.10OID .1.3.6.1.4.1.3224.4.10.3OID .1.3.6.1.4.1.3224.4.10.3.1OID .1.3.6.1.4.1.3224.4.10.3.1.1OID .1.3.6.1.4.1.3224.4.10.3.1.2OID .1.3.6.1.4.1.3224.4.10.3.1.3OID .1.3.6.1.4.1.3224.4.10.3.1.4OID .1.3.6.1.4.1.3224.4.10.3.1.5OID .1.3.6.1.4.1.3224.4.10.3.1.6OID .1.3.6.1.4.1.3224.4.10.3.1.7OID .1.3.6.1.4.1.3224.4.10.3.1.8OID .1.3.6.1.4.1.3224.4.10.3.1.9OID .1.3.6.1.4.1.3224.4.10.3.1.10OID .1.3.6.1.4.1.3224.4.10.3.1.11OID .1.3.6.1.4.1.3224.4.10.3.1.12OID .1.3.6.1.4.1.3224.4.10.3.1.13OID .1.3.6.1.4.1.3224.4.10.3.1.14OID .1.3.6.1.4.1.3224.4.10.3.1.15OID .1.3.6.1.4.1.3224.4.10.3.1.16OID .1.3.6.1.4.1.3224.4.10.3.1.17