-- ***************************************************************
-- CISCO-SSLVPN-MIB.my:  Cisco SSLVPN Configuration
-- Monitoring MIB
--   
-- OCT 2014, Y Vasavi
--   
-- Copyright (c) 2014-2015 by cisco Systems Inc.
-- All rights reserved.
--   
-- *****************************************************************

CISCO-SSLVPN-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY,
    OBJECT-TYPE,
    NOTIFICATION-TYPE,
    Unsigned32,
    Counter64
        FROM SNMPv2-SMI
    MODULE-COMPLIANCE,
    NOTIFICATION-GROUP,
    OBJECT-GROUP
        FROM SNMPv2-CONF
    DateAndTime
        FROM SNMPv2-TC
    InetAddressType,
    InetAddress,
    InetAddressPrefixLength
        FROM INET-ADDRESS-MIB
    SnmpAdminString
        FROM SNMP-FRAMEWORK-MIB
    ciscoMgmt
        FROM CISCO-SMI;


ciscoSslvpnMIB MODULE-IDENTITY
    LAST-UPDATED    "201511170000Z"
    ORGANIZATION    "Cisco Systems, Inc."
    CONTACT-INFO
            "Cisco Systems
            Customer Service

            Postal: 170 W Tasman Drive
            San Jose, CA  95134
            USA

            Tel: +1 800 553-NETS

            E-mail: cs-vpn@cisco.com"
    DESCRIPTION
        "This MIB module defines management objects for
        configuration and monitoring of the Cisco secure
        gateway that implements SSLVPN.

        Glossary:

        AnyConnect - Cisco AnyConnect a unified agent that delivers
                     multiple security services to help enable and
                     protect the enterprise.

        SSL - Secure Sockets Layer

        URL - Uniform Resource Locator

        VPN - Virtual Private Network"
    REVISION        "201511170000Z"
    DESCRIPTION
        "Incorporated MIB review comments."
    REVISION        "201510141200Z"
    DESCRIPTION
        "Initial version of this MIB module."
    ::= { ciscoMgmt 829 }


ciscoSslvpnMIBNotifs  OBJECT IDENTIFIER
    ::= { ciscoSslvpnMIB 0 }

ciscoSslvpnMIBObjects  OBJECT IDENTIFIER
    ::= { ciscoSslvpnMIB 1 }

ciscoSslvpnMIBConform  OBJECT IDENTIFIER
    ::= { ciscoSslvpnMIB 2 }

csslvpnGlobalStatistics  OBJECT IDENTIFIER
    ::= { ciscoSslvpnMIBObjects 1 }

csslvpnSession  OBJECT IDENTIFIER
    ::= { ciscoSslvpnMIBObjects 2 }

csslvpnNotificationControl  OBJECT IDENTIFIER
    ::= { ciscoSslvpnMIBObjects 3 }


csslvpnMaxSessionAllowed OBJECT-TYPE
    SYNTAX          Unsigned32
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the maximum number of active SSLVPN
        sessions that are supported by the device." 
    ::= { csslvpnGlobalStatistics 1 }

csslvpnActiveSessions OBJECT-TYPE
    SYNTAX          Unsigned32
    UNITS           "sessions"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of active SSLVPN
        sessions." 
    ::= { csslvpnGlobalStatistics 2 }

csslvpnPeakSessions OBJECT-TYPE
    SYNTAX          Unsigned32
    UNITS           "sessions"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of sessions during peak
        time." 
    ::= { csslvpnGlobalStatistics 3 }

csslvpnInControlPackets OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "packets"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of control packets
        received by the Secure Gateway." 
    ::= { csslvpnGlobalStatistics 4 }

csslvpnInDataPackets OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "packets"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of data packets
        received by the Secure Gateway." 
    ::= { csslvpnGlobalStatistics 5 }

csslvpnOutControlPackets OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "packets"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of control
        packets sent by the Secure Gateway." 
    ::= { csslvpnGlobalStatistics 6 }

csslvpnOutDataPackets OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "packets"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of data packets sent by
        the Secure Gateway." 
    ::= { csslvpnGlobalStatistics 7 }

csslvpnAuthFailures OBJECT-TYPE
    SYNTAX          Unsigned32
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of authentication
        failures." 
    ::= { csslvpnGlobalStatistics 8 }

csslvpnConnectFailures OBJECT-TYPE
    SYNTAX          Unsigned32
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of connect failures." 
    ::= { csslvpnGlobalStatistics 9 }

csslvpnReconnectFailures OBJECT-TYPE
    SYNTAX          Unsigned32
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of reconnect failures." 
    ::= { csslvpnGlobalStatistics 10 }

csslvpnDpdTimeouts OBJECT-TYPE
    SYNTAX          Counter64
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of Dead Peer Detection
        timeouts." 
    ::= { csslvpnGlobalStatistics 11 }

csslvpnAuthRequests OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "requests"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of authentication
        requests." 
    ::= { csslvpnGlobalStatistics 12 }

csslvpnAuthResponses OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "responses"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of authentication
        responses." 
    ::= { csslvpnGlobalStatistics 13 }

csslvpnInDpdRequests OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "requests"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of Dead Peer Detection
        requests received by Secure Gateway." 
    ::= { csslvpnGlobalStatistics 14 }

csslvpnOutDpdRequests OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "requests"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of Dead Peer Detection
        requests sent by Secure Gateway." 
    ::= { csslvpnGlobalStatistics 15 }

csslvpnInDpdResponses OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "responses"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of Dead Peer Detection
        responses received by Secure Gateway." 
    ::= { csslvpnGlobalStatistics 16 }

csslvpnOutDpdResponses OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "responses"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of Dead Peer Detection
        responses sent by Secure Gateway." 
    ::= { csslvpnGlobalStatistics 17 }

csslvpnSessionTable OBJECT-TYPE
    SYNTAX          SEQUENCE OF CsslvpnSessionEntry 
    MAX-ACCESS      not-accessible
    STATUS          current
    DESCRIPTION
        "A list of SSLVPN sessions which has been successfully
        created by the secure gateway."
    ::= { csslvpnSession 1 }

csslvpnSessionEntry OBJECT-TYPE
    SYNTAX          CsslvpnSessionEntry
    MAX-ACCESS      not-accessible
    STATUS          current
    DESCRIPTION
        "An entry providing the management information of a
        SSLVPN session.

        An entry will be created when the SSLVPN session has been
        successfully provisioned by the secure gateway.

        An entry will be removed when the SSLVPN session has been
        removed by the secure gateway."
    INDEX           { csslvpnSessionID } 
    ::= { csslvpnSessionTable 1 }

CsslvpnSessionEntry ::= SEQUENCE {
        csslvpnSessionID               Unsigned32,
        csslvpnSessionUser             SnmpAdminString,
        csslvpnSessionProfile          SnmpAdminString,
        csslvpnSessionPolicy           SnmpAdminString,
        csslvpnSessionClientIpAddrType InetAddressType,
        csslvpnSessionClientIpAddr     InetAddress,
        csslvpnSessionTunnelIpAddrType InetAddressType,
        csslvpnSessionTunnelIpAddr     InetAddress,
        csslvpnSessionTunnelNetmask    InetAddressPrefixLength,
        csslvpnSessionNumConnections   Unsigned32,
        csslvpnSessionRxPackets        Counter64,
        csslvpnSessionTxPackets        Counter64,
        csslvpnSessionRxBytes          Counter64,
        csslvpnSessionTxBytes          Counter64,
        csslvpnSessionLastUsed         DateAndTime,
        csslvpnSessionCreated          DateAndTime
}

csslvpnSessionID OBJECT-TYPE
    SYNTAX          Unsigned32 (1..4294967295)
    MAX-ACCESS      not-accessible
    STATUS          current
    DESCRIPTION
        "This object indicates the index of a SSLVPN session.
        The value of csslvpnSessionID is assigned uniquely during session
        creation." 
    ::= { csslvpnSessionEntry 1 }

csslvpnSessionUser OBJECT-TYPE
    SYNTAX          SnmpAdminString
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the username with which session is
        authenticated." 
    ::= { csslvpnSessionEntry 2 }

csslvpnSessionProfile OBJECT-TYPE
    SYNTAX          SnmpAdminString
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the SSL profile to which session is
        connected. 

        The SSL profile defines authentication and accounting
        lists. Profile selection will be based on policy and URL
        values.  Profile may also optionally associate with default
        authorization policy" 
    ::= { csslvpnSessionEntry 3 }

csslvpnSessionPolicy OBJECT-TYPE
    SYNTAX          SnmpAdminString
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the SSL policy to which session is
        connected. 

        SSL policy defines the cipher suites to be supported and the
        trust point to be used during SSL negotiation. SSL policy is a
        container of all the parameters used in the SSL negotiation.
        The policy selection would be done by matching the session
        parameters against the parameters configured under the policy" 
    ::= { csslvpnSessionEntry 4 }

csslvpnSessionClientIpAddrType OBJECT-TYPE
    SYNTAX          InetAddressType
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the type of public IP Address of the
        client that initiated the session." 
    ::= { csslvpnSessionEntry 5 }

csslvpnSessionClientIpAddr OBJECT-TYPE
    SYNTAX          InetAddress
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the public IP Address of the client that
        initiated the session.

        The type of this address is determined by the value of
        csslvpnSessionClientIpAddrType object." 
    ::= { csslvpnSessionEntry 6 }

csslvpnSessionTunnelIpAddrType OBJECT-TYPE
    SYNTAX          InetAddressType
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the type of IP address assigned to
        AnyConnect client during tunnel bring up." 
    ::= { csslvpnSessionEntry 7 }

csslvpnSessionTunnelIpAddr OBJECT-TYPE
    SYNTAX          InetAddress
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the IP address assigned to AnyConnect
        client during tunnel bring up.

        The type of this address is determined by the value of
        csslvpnSessionTunnelIpAddrType object." 
    ::= { csslvpnSessionEntry 8 }

csslvpnSessionTunnelNetmask OBJECT-TYPE
    SYNTAX          InetAddressPrefixLength
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the netmask assigned to the client
        during the session bring up.

        This object is always interpreted with the value of
        csslvpnSessionTunnelIpAddrType object." 
    ::= { csslvpnSessionEntry 9 }

csslvpnSessionNumConnections OBJECT-TYPE
    SYNTAX          Unsigned32
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of connections
        associated with a particular session." 
    ::= { csslvpnSessionEntry 10 }

csslvpnSessionRxPackets OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "packets"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of packets received
        during the session." 
    ::= { csslvpnSessionEntry 11 }

csslvpnSessionTxPackets OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "packets"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of packets transmitted
        during the session." 
    ::= { csslvpnSessionEntry 12 }

csslvpnSessionRxBytes OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "bytes"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of bytes received
        during the session." 
    ::= { csslvpnSessionEntry 13 }

csslvpnSessionTxBytes OBJECT-TYPE
    SYNTAX          Counter64
    UNITS           "bytes"
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the total number of bytes transmitted
        during the session." 
    ::= { csslvpnSessionEntry 14 }

csslvpnSessionLastUsed OBJECT-TYPE
    SYNTAX          DateAndTime
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the time, when the session was last
        used." 
    ::= { csslvpnSessionEntry 15 }

csslvpnSessionCreated OBJECT-TYPE
    SYNTAX          DateAndTime
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
        "This object indicates the time, when the session was created." 
    ::= { csslvpnSessionEntry 16 }
 


csslvpnNotificationEnable OBJECT-TYPE
    SYNTAX          BITS {
                        sessionLimit(0),
                        tunnelUp(1),
                        tunnelDown(2)
                    }
    MAX-ACCESS      read-write
    STATUS          current
    DESCRIPTION
        "This object specifies whether a specified notification is
        enabled or not.  If a bit corresponding to a notification
        is set to 1, then the specified notification can be generated.

        sessionLimit  -- the csslvpnSessionLimitNotif
                               notification.

        tunnelUp      -- the csslvpnTunnelUpNotif notification.

        tunnelDown    -- the csslvpnTunnelDownNotif notification." 
    ::= { csslvpnNotificationControl 1 }

-- Notifications

csslvpnSessionLimitNotif NOTIFICATION-TYPE
    OBJECTS         { csslvpnMaxSessionAllowed }
    STATUS          current
    DESCRIPTION
        "This notification would be sent when the attempt of creating
        a new active sessions may exceed the maximum number of sessions
        supported by the device."
   ::= { ciscoSslvpnMIBNotifs 1 }

csslvpnTunnelUpNotif NOTIFICATION-TYPE
    OBJECTS         {
                        csslvpnSessionUser,
                        csslvpnSessionTunnelIpAddrType,
                        csslvpnSessionTunnelIpAddr,
                        csslvpnSessionTunnelNetmask
                    }
    STATUS          current
    DESCRIPTION
        "This notification would be sent when SSLVPN tunnel gets
        created."
   ::= { ciscoSslvpnMIBNotifs 2 }

csslvpnTunnelDownNotif NOTIFICATION-TYPE
    OBJECTS         {
                        csslvpnSessionUser,
                        csslvpnSessionTunnelIpAddrType,
                        csslvpnSessionTunnelIpAddr,
                        csslvpnSessionTunnelNetmask
                    }
    STATUS          current
    DESCRIPTION
        "This notification would be sent when SSLVPN tunnel tears
        down."
   ::= { ciscoSslvpnMIBNotifs 3 }
-- Conformance

ciscoSslvpnMIBCompliances  OBJECT IDENTIFIER
    ::= { ciscoSslvpnMIBConform 1 }

ciscoSslvpnMIBGroups  OBJECT IDENTIFIER
    ::= { ciscoSslvpnMIBConform 2 }


ciscoSslvpnMIBCompliance MODULE-COMPLIANCE
    STATUS          current
    DESCRIPTION
        "The compliance statement for entities which
        implement CISCO-SSLVPN-MIB."
    MODULE          -- this module
    MANDATORY-GROUPS {
                        csslvpnGlobalSessionGroup,
                        csslvpnStatisticsGroup,
                        csslvpnSessionGroup,
                        csslvpnNotificationGroup,
                        csslvpnNotificationControlGroup
                    }

    OBJECT          csslvpnNotificationEnable
    MIN-ACCESS      read-only
    DESCRIPTION
        "Write access is not required."
    ::= { ciscoSslvpnMIBCompliances 1 }

-- Units of Conformance

csslvpnGlobalSessionGroup OBJECT-GROUP
    OBJECTS         {
                        csslvpnMaxSessionAllowed,
                        csslvpnActiveSessions,
                        csslvpnPeakSessions
                    }
    STATUS          current
    DESCRIPTION
        "A collection of objects providing management information
        for global SSLVPN session statistics."
    ::= { ciscoSslvpnMIBGroups 1 }

csslvpnStatisticsGroup OBJECT-GROUP
    OBJECTS         {
                        csslvpnInControlPackets,
                        csslvpnInDataPackets,
                        csslvpnOutControlPackets,
                        csslvpnOutDataPackets,
                        csslvpnAuthFailures,
                        csslvpnConnectFailures,
                        csslvpnReconnectFailures,
                        csslvpnDpdTimeouts,
                        csslvpnAuthRequests,
                        csslvpnAuthResponses,
                        csslvpnInDpdRequests,
                        csslvpnOutDpdRequests,
                        csslvpnInDpdResponses,
                        csslvpnOutDpdResponses
                    }
    STATUS          current
    DESCRIPTION
        "A collection of objects providing management information
        for global SSLVPN statistics."
    ::= { ciscoSslvpnMIBGroups 2 }

csslvpnSessionGroup OBJECT-GROUP
    OBJECTS         {
                        csslvpnSessionUser,
                        csslvpnSessionProfile,
                        csslvpnSessionPolicy,
                        csslvpnSessionClientIpAddrType,
                        csslvpnSessionClientIpAddr,
                        csslvpnSessionTunnelIpAddrType,
                        csslvpnSessionTunnelIpAddr,
                        csslvpnSessionTunnelNetmask,
                        csslvpnSessionNumConnections,
                        csslvpnSessionRxPackets,
                        csslvpnSessionTxPackets,
                        csslvpnSessionRxBytes,
                        csslvpnSessionTxBytes,
                        csslvpnSessionLastUsed,
                        csslvpnSessionCreated
                    }
    STATUS          current
    DESCRIPTION
        "A collection of objects providing management information
        for SSLVPN sessions."
    ::= { ciscoSslvpnMIBGroups 3 }

csslvpnNotificationGroup NOTIFICATION-GROUP
   NOTIFICATIONS    {
                        csslvpnSessionLimitNotif,
                        csslvpnTunnelUpNotif,
                        csslvpnTunnelDownNotif
                    }
    STATUS          current
    DESCRIPTION
        "A collection of SSLVPN notifications."
    ::= { ciscoSslvpnMIBGroups 4 }

csslvpnNotificationControlGroup OBJECT-GROUP
    OBJECTS         { csslvpnNotificationEnable }
    STATUS          current
    DESCRIPTION
        "A collection of objects providing control on the
        generation of SSLVPN notifications."
    ::= { ciscoSslvpnMIBGroups 5 }

END





























































































































































































