-- =============================================================================
-- Copyright (C) 2009 by HUAWEI SYMANTEC TECHNOLOGIES. All rights reserved.  
-- Description: The MIB is designed to get IPSec tunnels' statistic information. 
-- Reference: Huawei Enterprise MIB
-- Version: 1.0
-- History: 
--          V1.0 The initial version created by LiShengbai 90004270. 
-- =============================================================================

HUAWEI-SECURITY-IPSEC-MIB DEFINITIONS ::= BEGIN
 
	IMPORTS
	        Gauge32, IpAddress, Counter64, OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE
	             FROM SNMPv2-SMI
	        MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
	             FROM SNMPv2-CONF
	        enterprises
	             FROM RFC1155-SMI; 

	            
	hwIpsec MODULE-IDENTITY 
	        LAST-UPDATED "200910100900Z"        -- October 10, 2009 at 09:00 GMT
	        ORGANIZATION 
	            "Huawei Symantec Technologies Co., Ltd."
	        CONTACT-INFO 
	            "3rd Floor,Section D, Keshi Building, No.28, Xinxi Rd., Shangdi,
	             Hai-Dian District Beijing P.R. China
	             Zip:100085
	             Http://www.huaweisymantec.com
	            "
	        DESCRIPTION 
	            "V1.00 The IPSec mib is for Eudemon and USG product series."
	        ::= { hwSecurity 26 }
		
-- ===============================================
-- Node definitions
-- ===============================================
	    
	-- 1.3.6.1.4.1.2011
	huawei OBJECT IDENTIFIER ::= { enterprises 2011 }
	
	-- 1.3.6.1.4.1.2011.6
	huaweiUtility OBJECT IDENTIFIER ::= { huawei 6 }
	
	-- 1.3.6.1.4.1.2011.6.122
	hwSecurity OBJECT IDENTIFIER ::= { huaweiUtility 122 }     
		
-- ===============================================
-- Begin the hwIPSecGlobalStats.
-- ===============================================

	hwIPSecGlobalStats OBJECT IDENTIFIER ::= { hwIpsec 1 }
        
	hwIPSecGlobalTotal OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Total number of IPSec tunnels."
		::= { hwIPSecGlobalStats 1 }
		
	hwIPSecGlobalPacketInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of received security packets."
		::= { hwIPSecGlobalStats 2 }   
	
	hwIPSecGlobalPacketOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of sent security packets."
		::= { hwIPSecGlobalStats 3 }   
		
	hwIPSecGlobalByteInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes of received security packets."
		::= { hwIPSecGlobalStats 4 }
                                      
	hwIPSecGlobalByteOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes of sent security packets."
		::= { hwIPSecGlobalStats 5 }
                          
	hwIPSecGlobalDroppedPacketInput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets that are received."
		::= { hwIPSecGlobalStats 6 }
		
	hwIPSecGlobalDroppedPacketOutput OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets that are sent."
		::= { hwIPSecGlobalStats 7 } 
		
	hwIPSecGlobalEncIntactPacket OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of packets that do not need to be fragmented."
		::= { hwIPSecGlobalStats 8 }   
		
	hwIPSecGlobalEncPacketFirstSlice OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of initial packets to be encrypted."
		::= { hwIPSecGlobalStats 9 } 
		
	hwIPSecGlobalEncPacketAfterSlice OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of follow-up packets to be encrypted."
		::= { hwIPSecGlobalStats 10 }  
		
	hwIPSecGlobalDecPacketReassFirstSlice OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of initial packets that are fragmented and assembled."
		::= { hwIPSecGlobalStats 11 }   
		
	hwIPSecGlobalDecPacketReassAfterSlice OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of follow-up packets that are fragmented and assembled."
		::= { hwIPSecGlobalStats 12 } 
		
	hwIPSecGlobalDecPacketReassLenErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of packets with incorrect length during reassembling."
		::= { hwIPSecGlobalStats 13 } 
		
	hwIPSecGlobalPacketHeaderWrong OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the packet header error."
		::= { hwIPSecGlobalStats 14 }  
		
	hwIPSecGlobalMemoryApplyFail OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by memory applying failure."
		::= { hwIPSecGlobalStats 15 } 
		
	hwIPSecGlobalCannotFindSA OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by no matched security associations."
		::= { hwIPSecGlobalStats 16 } 
		
	hwIPSecGlobalWrongSA OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by incorrect security associations."
		::= { hwIPSecGlobalStats 17 }  
		
	hwIPSecGlobalBadAuthentication OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the authentication failure."
		::= { hwIPSecGlobalStats 18 }
		
	hwIPSecGlobalReplay OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the packet replay."
		::= { hwIPSecGlobalStats 19 } 
		
	hwIPSecGlobalPreRecheckErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the pre-check failure."
		::= { hwIPSecGlobalStats 20 }  
		
	hwIPSecGlobalPostRecheckErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the post-check failure"
		::= { hwIPSecGlobalStats 21 } 
		
	hwIPSecGlobalExceedByteLimit OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the exceeding of the byte limit."
		::= { hwIPSecGlobalStats 22 }   
		
	hwIPSecGlobalExceedPacketLimit OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the exceeding of the packet limit."
		::= { hwIPSecGlobalStats 23 }  
		
	hwIPSecGlobalProcessIpv4Err OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the plain-text forwarding failure."
		::= { hwIPSecGlobalStats 24 } 
		
	hwIPSecGlobalFibSearchErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of discarded packets caused by the route check failure."
		::= { hwIPSecGlobalStats 25 }   
		
	hwIPSecGlobalIKEInboundOK OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of received IKE negotiation packets that successfully enter the queue."
		::= { hwIPSecGlobalStats 26 }  
		
	hwIPSecGlobalIKEInboundErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of received IKE negotiation packets that fail to enter the queue."
		::= { hwIPSecGlobalStats 27 }  
		
	hwIPSecGlobalIKEOutboundOK OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of sent IKE negotiation packets that successfully enter the queue."
		::= { hwIPSecGlobalStats 28 }  
		
	hwIPSecGlobalIKEOutboundErr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of sent IKE negotiation packets that fail to enter the queue."
		::= { hwIPSecGlobalStats 29 } 
		
	hwIPSecGlobalSoftExpr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Soft timeout times."
		::= { hwIPSecGlobalStats 30 } 
		
	hwIPSecGlobalHardExpr OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Hard timeout times."
		::= { hwIPSecGlobalStats 31 } 
		
	hwIPSecGlobalDPDOper OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"DPD operation and detection times."
		::= { hwIPSecGlobalStats 32 }  
		
	hwIPSecGlobalModpCnt OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Modular exponentiation calculation."
		::= { hwIPSecGlobalStats 33 }
		
	hwIPSecGlobalSaeSucc OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"SAE computing success."
		::= { hwIPSecGlobalStats 34 } 
		
	hwIPSecGlobalSoftwareSucc OBJECT-TYPE
		SYNTAX Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Software computing success."
		::= { hwIPSecGlobalStats 35 }


-- ===============================================
-- Begin the table of hwIPSecTunnelConfigTable.
-- ===============================================
				    
    	-- 1.3.6.1.4.1.2011.6.122.26.2
	hwIPSecTunnelConfigTable OBJECT-TYPE
   		SYNTAX SEQUENCE OF HwIPSecTunnelConfigEntry
   		MAX-ACCESS not-accessible
   		STATUS current
   		DESCRIPTION
   			"This table specifies the configuration attributes for Huawei IPSec tunnel."   
   		::= { hwIpsec 2 }

	-- 1.3.6.1.4.1.2011.6.122.26.2.1
	hwIPSecTunnelConfigEntry OBJECT-TYPE
		SYNTAX HwIPSecTunnelConfigEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
    		"Each entry in the hwIPSecTunnelConfigTable holds a set of monitoring configuration parameters associated with an instance of IPSec tunnel."
		INDEX { hwIPSecIfIndex, hwIPSecTunnelPolicyNum, hwIPSecTunnelIndex }
		::= { hwIPSecTunnelConfigTable 1 }

	HwIPSecTunnelConfigEntry ::=
		SEQUENCE { 
    			hwIPSecIfIndex
        			Gauge32,
    			hwIPSecTunnelPolicyNum
        			Gauge32,  
        		hwIPSecTunnelIndex
        			Gauge32,
	            	hwIPSecTunnelRuleId
        			Gauge32,
        		hwIPSecTunnelDstIP
        			IpAddress,     
	            	hwIPSecTunnelInsideIP
        			IpAddress,
        		hwIPSecTunnelRemotePort
        			Gauge32,
        	        hwIPSecTunnelCpuID
        			Gauge32, 
        		hwIPSecTunnelEncapMode
        			INTEGER,
        		hwIPSecTunnelNatTraver
        			INTEGER,
        		hwIPSecTunnelFromIKEV2 
        			INTEGER,
        		hwIPSecTunnelEncryptMode   
        			Gauge32,
        		hwIPSecTunnelESPDigestMode  
        			Gauge32,
        		hwIPSecTunnelAHDigestMode
        			Gauge32,
        		hwIPSecTunnelProto
        			Gauge32,
        		hwIPSecTunnelOutPortIndex
        			Gauge32,
        		hwIPSecTunnelSrcPort
        			Gauge32,
        		hwIPSecTunnelDstPort
        			Gauge32,
        		hwIPSecTunnelVrfIndex
        			Gauge32,
        		hwIPSecTunnelIfVrfIndex
        			Gauge32,
        		hwIPSecTunnelSrcIP
        			IpAddress,
        		hwIPSecTunnelSpeedLimitIn
        			Gauge32,
        		hwIPSecTunnelSpeedLimitOut
        			Gauge32,
           		hwIPSecTunnelInitiator
        			INTEGER,
        		hwIPSecTunnelLifeSize
        			Gauge32,
        		hwIPSecTunnelLifeTime
        			Gauge32,
        		hwIPSecTunnelPolicyName
        			OCTET STRING, 	
        		hwIPSecTunnelSaStatus
        	    	INTEGER 
 			}

	-- 1.3.6.1.4.1.2011.6.122.26.2.1.1
    	hwIPSecIfIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Index of the router interface corresponding to the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 1 }
    
    	hwIPSecTunnelPolicyNum OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"ID of the ACL rule in the current IPSec policy."
        	::= { hwIPSecTunnelConfigEntry 2 }
        	
        hwIPSecTunnelIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS accessible-for-notify
        	STATUS current
        	DESCRIPTION
            		"Index of the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 3 }
                                
    	hwIPSecTunnelRuleId OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"ID of the ACL rule in the current IPSec policy."
        	::= { hwIPSecTunnelConfigEntry 4 }
   
    	hwIPSecTunnelDstIP OBJECT-TYPE
        	SYNTAX IpAddress 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Destination IP address of the tunnel (peer end)."
        	::= { hwIPSecTunnelConfigEntry 5 }
    
    	hwIPSecTunnelInsideIP OBJECT-TYPE
        	SYNTAX IpAddress 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Intranet IP address of the peer end during remote access."
        	::= { hwIPSecTunnelConfigEntry 6 }
    
    	hwIPSecTunnelRemotePort OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Port number of the peer end of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 7 }	     
                                            
    	hwIPSecTunnelCpuID OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"CPU ID of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 8 }  
   
    	hwIPSecTunnelEncapMode OBJECT-TYPE
        	SYNTAX INTEGER {
                    tunnel(0),
                    transport(1)
                    } 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Encapsulation mode of the tunnel (tunneling mode or transmission mode)."
        	::= { hwIPSecTunnelConfigEntry 9 }   
    
    	hwIPSecTunnelNatTraver OBJECT-TYPE
        	SYNTAX INTEGER {
                    noNatTraversal(0),
                    natTraversal(1)
                    }  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Whether the tunnel needs NAT traversal (If yes, the value is 1.)."
        	::= { hwIPSecTunnelConfigEntry 10 }

    	hwIPSecTunnelFromIKEV2 OBJECT-TYPE
        	SYNTAX INTEGER {
                    noIkev2(0),
                    ikev2(1)
                    } 
        	MAX-ACCESS read-only
        	STATUS current                    
        	DESCRIPTION
            		"Whether the tunnel adopts IKEv2 (If yes, the value is 1.)."
        	::= { hwIPSecTunnelConfigEntry 11 }

    	hwIPSecTunnelEncryptMode OBJECT-TYPE      
        	SYNTAX Gauge32  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Encryption mode of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 12 }

    	hwIPSecTunnelESPDigestMode OBJECT-TYPE
        	SYNTAX Gauge32  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"ESP check mode of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 13 }

    	hwIPSecTunnelAHDigestMode OBJECT-TYPE
        	SYNTAX Gauge32  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"AH check mode of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 14 }

    	hwIPSecTunnelProto OBJECT-TYPE
        	SYNTAX Gauge32  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Protocol of the tunnel (ESP or AH, or both)."
        	::= { hwIPSecTunnelConfigEntry 15 }

    	hwIPSecTunnelOutPortIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Index of the egress of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 16 }

    	hwIPSecTunnelSrcPort OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Indicates the source port number if NAT traversal is adopted."
        	::= { hwIPSecTunnelConfigEntry 17 }

    	hwIPSecTunnelDstPort OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Indicates the destination port number if NAT traversal is adopted."
        	::= { hwIPSecTunnelConfigEntry 18 }

    	hwIPSecTunnelVrfIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"VPN ID protected by the tunnel."
        	::= { hwIPSecTunnelConfigEntry 19 }

    	hwIPSecTunnelIfVrfIndex OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"VPN ID of the sending interface of the tunnel."
        	::= { hwIPSecTunnelConfigEntry 20 }

    	hwIPSecTunnelSrcIP OBJECT-TYPE
        	SYNTAX IpAddress 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Source IP address of the tunnel (local end)."
        	::= { hwIPSecTunnelConfigEntry 21 }

    	hwIPSecTunnelSpeedLimitIn OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Rate limiting pre-configured in the incoming direction."
        	::= { hwIPSecTunnelConfigEntry 22 }

    	hwIPSecTunnelSpeedLimitOut OBJECT-TYPE
        	SYNTAX Gauge32 
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Rate limiting pre-configured in the outgoing direction."
        	::= { hwIPSecTunnelConfigEntry 23 }

    	hwIPSecTunnelInitiator OBJECT-TYPE
        	SYNTAX INTEGER {
                    responder(0),
                    ikev2Initiator(1),
                    ikev1Initiator(2)
                    }   
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Initiator or responder of the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 24 }

    	hwIPSecTunnelLifeSize OBJECT-TYPE
        	SYNTAX Gauge32 (8000..4194303)
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Life cycle of the IPSec tunnel (in kbytes)."
        	::= { hwIPSecTunnelConfigEntry 25 }

    	hwIPSecTunnelLifeTime OBJECT-TYPE
        	SYNTAX Gauge32 (480..604800)
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Life cycle of the IPSec tunnel (in seconds)."
        	::= { hwIPSecTunnelConfigEntry 26 }

    	hwIPSecTunnelPolicyName OBJECT-TYPE
        	SYNTAX OCTET STRING (SIZE (1..255))
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Security policy for the IPSec tunnel."
        	::= { hwIPSecTunnelConfigEntry 27 }

    	hwIPSecTunnelSaStatus OBJECT-TYPE
        	SYNTAX INTEGER {
                    free(0),
                    ocuppied(1)
                    }  
        	MAX-ACCESS read-only
        	STATUS current
        	DESCRIPTION
            		"Status of the SA."
        	::= { hwIPSecTunnelConfigEntry 28 }
	     	        
-- ===============================================
-- Begin the table of hwIPSecTunnelStatsTable.
-- ===============================================
				    
	-- 1.3.6.1.4.1.2011.6.122.26.3
	hwIPSecTunnelStatsTable OBJECT-TYPE
		SYNTAX SEQUENCE OF HwIPSecTunnelStatsEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"This table specifies the status attributes for Huawei IPSec tunnel."   
		::= { hwIpsec 3 }
	
	-- 1.3.6.1.4.1.2011.6.122.26.3.1
	hwIPSecTunnelStatsEntry OBJECT-TYPE
		SYNTAX HwIPSecTunnelStatsEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"Each entry in the hwIPSecTunnelConfigTable holds a set of monitoring status parameters associated with an instance of IPSec tunnel."
		INDEX { hwIPSecIfIndex, hwIPSecTunnelPolicyNum, hwIPSecTunnelIndex }
		::= { hwIPSecTunnelStatsTable 1 }
	
	HwIPSecTunnelStatsEntry ::=
		SEQUENCE { 
			hwIPSecTunnelSaIDIn
				Gauge32,
			hwIPSecTunnelSaIDOut
				Gauge32,
			hwIPSecTunnelFlowSoftExpireIn
				Gauge32,
			hwIPSecTunnelFlowSoftExpireOut   
				Gauge32,
			hwIPSecTunnelFlowHardExpireIn  
				Gauge32,
			hwIPSecTunnelFlowHardExpireOut
				Gauge32,
			hwIPSecTunnelRemainTime
				Gauge32,
			hwIPSecTunnelRemainSize
				Gauge32,
			hwIPSecTunnelSpiIn
				Gauge32,
			hwIPSecTunnelSpiOut
				Gauge32,
			hwIPSecTunnelInSideSpiIn
				Gauge32,
			hwIPSecTunnelInSideSpiOut
				Gauge32,
			hwIPSecTunnelESPSequenceNumberIn
				Gauge32,
			hwIPSecTunnelESPSequenceNumberOut
				Gauge32,
		   	hwIPSecTunnellAHSequenceNumberIn
				Gauge32,
			hwIPSecTunnellAHSequenceNumberOut
				Gauge32,
		   	hwIPSecTunnelMemApplyFail
				Counter64,
			hwIPSecTunnelBadAuth 
				Counter64, 
			hwIPSecTunnelReplay
				Counter64,
			hwIPSecTunnelAfterReCheckErr
				Counter64, 
			hwIPSecTunnelPktDropByteLimitIn
				Counter64, 
			hwIPSecTunnelPktDropByteLimitOut
				Counter64,
			hwIPSecTunnelFIBSearchErr
				Counter64
			} 
	
	hwIPSecTunnelSaIDIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Index of the incoming IPSec tunnel."
		::= { hwIPSecTunnelStatsEntry 1 }   
	
	hwIPSecTunnelSaIDOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Index of the outgoing IPSec tunnel."
		::= { hwIPSecTunnelStatsEntry 2 }
	
	hwIPSecTunnelFlowSoftExpireIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Incoming soft timeout traffic (in bytes)."
		::= { hwIPSecTunnelStatsEntry 3 }
	
	hwIPSecTunnelFlowSoftExpireOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Outgoing soft timeout traffic (in bytes)."
		::= { hwIPSecTunnelStatsEntry 4 }
	
	hwIPSecTunnelFlowHardExpireIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Incoming hard timeout traffic (in bytes)."
		::= { hwIPSecTunnelStatsEntry 5 }
	
	hwIPSecTunnelFlowHardExpireOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Outgoing hard timeout traffic (in bytes)."
		::= { hwIPSecTunnelStatsEntry 6 }
	
	hwIPSecTunnelRemainTime OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Remaining time of the IPSec tunnel (in seconds)."
		::= { hwIPSecTunnelStatsEntry 7 }
	
	hwIPSecTunnelRemainSize OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Remaining bytes of the IPSec tunnel (in kbytes)."
		::= { hwIPSecTunnelStatsEntry 8 }
	
	hwIPSecTunnelSpiIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Incoming SPI."
		::= { hwIPSecTunnelStatsEntry 9 }
	
	hwIPSecTunnelSpiOut OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Outgoing SPI."
		::= { hwIPSecTunnelStatsEntry 10 }
	
	hwIPSecTunnelInSideSpiIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "SPI of the internal ESP header when both AH and ESP are adopted in the incoming direction."
		::= { hwIPSecTunnelStatsEntry 11 }
	
	hwIPSecTunnelInSideSpiOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "SPI of the internal ESP header when both AH and ESP are adopted in the outgoing direction."
		::= { hwIPSecTunnelStatsEntry 12 }
	
	hwIPSecTunnelESPSequenceNumberIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Serial number of the incoming ESP protocol."
		::= { hwIPSecTunnelStatsEntry 13 }
	
	hwIPSecTunnelESPSequenceNumberOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Serial number of the outgoing ESP protocol."
		::= { hwIPSecTunnelStatsEntry 14 }
	
	hwIPSecTunnellAHSequenceNumberIn OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Serial number of the incoming AH protocol."
		::= { hwIPSecTunnelStatsEntry 15 }   
	
	hwIPSecTunnellAHSequenceNumberOut OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Serial number of the outgoing AH protocol."
		::= { hwIPSecTunnelStatsEntry 16 }
	
	hwIPSecTunnelMemApplyFail OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets because packets to be encrypted are too long."
		::= { hwIPSecTunnelStatsEntry 17 }
	
	hwIPSecTunnelBadAuth OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the authentication failure of received packets."
		::= { hwIPSecTunnelStatsEntry 18 }
	
	hwIPSecTunnelReplay OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by receiving replayed packets."
		::= { hwIPSecTunnelStatsEntry 19 }  
	
	hwIPSecTunnelAfterReCheckErr OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the decryption  post-check failure."
		::= { hwIPSecTunnelStatsEntry 20 }
	
	hwIPSecTunnelPktDropByteLimitIn OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the exceeding the byte limit in the incoming direction."
		::= { hwIPSecTunnelStatsEntry 21 }
	    
	hwIPSecTunnelPktDropByteLimitOut OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the exceeding of the byte limit in the outgoing direction."
		::= { hwIPSecTunnelStatsEntry 22 }    
		    
	hwIPSecTunnelFIBSearchErr OBJECT-TYPE
		SYNTAX Counter64 
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		    "Number of discarded packets caused by the route check failure."
		::= { hwIPSecTunnelStatsEntry 23 }
	    
-- ===============================================
-- Begin the table of hwIPSecSaStatisticTable.
-- ===============================================
				    
	-- 1.3.6.1.4.1.2011.6.122.26.4
	hwIPSecSaStatisticTable OBJECT-TYPE
		SYNTAX SEQUENCE OF HwIPSecSaStatisticEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"This table specifies the SA numbers of policies which have been bound with interfaces."   
		::= { hwIpsec 4 }
	
	-- 1.3.6.1.4.1.2011.6.122.26.4.1
	hwIPSecSaStatisticEntry OBJECT-TYPE
		SYNTAX HwIPSecSaStatisticEntry
		MAX-ACCESS not-accessible
		STATUS current
		DESCRIPTION
			"."
		INDEX { hwIPSecIfIndex, hwIPSecTunnelPolicyNum }
		::= { hwIPSecSaStatisticTable 1 }
	
	HwIPSecSaStatisticEntry ::=
		SEQUENCE { 
			hwIPSecSaStatisticTunnelPolicyName
				OCTET STRING,
			hwIPSecSaStatisticSaInCnt
				Gauge32, 
			hwIPSecSaStatisticSaOutCnt
				Gauge32,   
			hwIPSecTunnelByteInput
				Gauge32,
			hwIPSecTunnelByteOutput
				Gauge32,
			hwIPSecTunnelPacketInput
				Gauge32,
			hwIPSecTunnelPacketOutput
				Gauge32,
			hwIPSecTunnelDroppedPacketInput
				Gauge32,
			hwIPSecTunnelDroppedPacketOutput
				Gauge32,
			hwIPSecTunnelDialUserCount
				Gauge32
			} 
   	        	
	hwIPSecSaStatisticTunnelPolicyName OBJECT-TYPE
		SYNTAX OCTET STRING (SIZE (1..255))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Security policy for the IPSec tunnel."
		::= { hwIPSecSaStatisticEntry 1 }    
	
	hwIPSecSaStatisticSaInCnt OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Incoming SA number."
		::= { hwIPSecSaStatisticEntry 2 }
	
	hwIPSecSaStatisticSaOutCnt OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Outgoing SA number."
		::= { hwIPSecSaStatisticEntry 3 }
		
	hwIPSecTunnelByteInput OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes of received security packets"
		::= { hwIPSecSaStatisticEntry 4 }
		
	hwIPSecTunnelByteOutput OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes of sent security packets"
		::= { hwIPSecSaStatisticEntry 5 }
		
	hwIPSecTunnelPacketInput OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of received security packets"
		::= { hwIPSecSaStatisticEntry 6 }
		
	hwIPSecTunnelPacketOutput OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of sent security packets"
		::= { hwIPSecSaStatisticEntry 7 }
		
	hwIPSecTunnelDroppedPacketInput OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of packets received but discarded by the IPSec tunnel"
		::= { hwIPSecSaStatisticEntry 8 }
		
	hwIPSecTunnelDroppedPacketOutput OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of packets encrypted but discarded by the IPSec tunnel"
		::= { hwIPSecSaStatisticEntry 9 }
		
	hwIPSecTunnelDialUserCount OBJECT-TYPE
		SYNTAX Gauge32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of remote access users"
		::= { hwIPSecSaStatisticEntry 10 }

 	        
-- ===============================================
-- IPSecTrapObject.
-- ===============================================
 
	hwIPSecTrapObject OBJECT IDENTIFIER ::= { hwIpsec 5 }
	
	hwIPSecTrapTunnelPolicyNum OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
	    		"ID of the ACL rule in the current IPSec policy."
		::= { hwIPSecTrapObject 1 }     
	
	hwIPSecTrapIfIndex OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS accessible-for-notify
	 	STATUS current
		DESCRIPTION
	    		"Index of the router interface corresponding to the IPSec tunnel."
		::= { hwIPSecTrapObject 2 }  
	
	hwIPSecTrapTunnelPolicyName OBJECT-TYPE
		SYNTAX OCTET STRING (SIZE (1..255))
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
	    		"Security policy for the IPSec tunnel."
		::= { hwIPSecTrapObject 3 }   
		
	hwIPSecNegoFailReason OBJECT-TYPE
		SYNTAX Gauge32 
		MAX-ACCESS accessible-for-notify
		STATUS current
		DESCRIPTION
	    		"Reason of an unsuccessful negotiation"
		::= { hwIPSecTrapObject 4 }     
	        
-- ===============================================
-- definition of traps.      
-- ===============================================

        hwIPSecNotifications OBJECT IDENTIFIER ::= { hwIpsec 6 }
		                                
        hwIPSecTunnelStart NOTIFICATION-TYPE
		OBJECTS { 
			  hwIPSecIfIndex,
			  hwIPSecTunnelPolicyNum,  
			  hwIPSecTunnelIndex,
			  hwIPSecTunnelRuleId,
			  hwIPSecTunnelDstIP,
			  hwIPSecTunnelInsideIP,
			  hwIPSecTunnelRemotePort,
			  hwIPSecTunnelCpuID,
			  hwIPSecTunnelSrcIP,
			  hwIPSecTunnelLifeSize,
			  hwIPSecTunnelLifeTime    
		        }
		STATUS     current
		DESCRIPTION
		    "Send the message when the IPSec tunnel is established."
		::= { hwIPSecNotifications 1 }
		
        hwIPSecTunnelStop NOTIFICATION-TYPE
		OBJECTS { 
			  hwIPSecIfIndex,
			  hwIPSecTunnelPolicyNum, 
			  hwIPSecTunnelIndex,
			  hwIPSecTunnelRuleId,
			  hwIPSecTunnelDstIP,
			  hwIPSecTunnelInsideIP,
			  hwIPSecTunnelRemotePort,
			  hwIPSecTunnelCpuID,
			  hwIPSecTunnelSrcIP 
		        }
		STATUS     current
		DESCRIPTION
		    "Send the message when the IPSec tunnel is deleted."
		::= { hwIPSecNotifications 2 }   
		                
        hwIPSecPolicyAdd NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapTunnelPolicyNum,                    
		          hwIPSecTrapTunnelPolicyName
		        }
		STATUS     current
		DESCRIPTION
		    "Send the message when an IPSec policy is added."
		::= { hwIPSecNotifications 3 }
		
	hwIPSecPolicyDel NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapTunnelPolicyNum,                    
		          hwIPSecTrapTunnelPolicyName
		        }
		STATUS     current
		DESCRIPTION
		     "Send the message when an IPSec policy is deleted."
		::= { hwIPSecNotifications 4 }
		
	hwIPSecPolicyAttach NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapIfIndex,                    
		          hwIPSecTrapTunnelPolicyName
		        }
		STATUS     current
		DESCRIPTION
		     "Send the message when an IPSec policy is applied to an interface."
		::= { hwIPSecNotifications 5 }   
		
	hwIPSecPolicyDetach NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapIfIndex,                    
		          hwIPSecTrapTunnelPolicyName
		        }
		STATUS     current
		DESCRIPTION
		     "Send the message when an IPSec policy is cancelled on an interface."
		::= { hwIPSecNotifications 6 }
		
	hwIPSecIKEReset NOTIFICATION-TYPE
		STATUS     current
		DESCRIPTION
		     "Send the message when an IKE SA is reset ."
		::= { hwIPSecNotifications 7 }	     
		
	hwIPSecIPSecReset NOTIFICATION-TYPE
		STATUS     current
		DESCRIPTION
		     "Send the message when an IPSec SA is reset ."
		::= { hwIPSecNotifications 8 }	    
		
	hwIPSecNegoFail NOTIFICATION-TYPE
		OBJECTS {
		          hwIPSecTrapIfIndex,                    
		          hwIPSecTrapTunnelPolicyNum,
		          hwIPSecNegoFailReason
		        }
		STATUS     current
		DESCRIPTION
		    "The alarm is generated when the IPSec tunnel negotiation fails."
		::= { hwIPSecNotifications 9 }          
		        
-- ===============================================
-- Conformance Information             
-- ===============================================

	hwIPSecMibConformance OBJECT IDENTIFIER ::= { hwIpsec 7 }
	
	hwIPSecMibCompliances OBJECT IDENTIFIER ::= { hwIPSecMibConformance 1 }
	
	hwIPSecMibGroups OBJECT IDENTIFIER ::= { hwIPSecMibConformance 2 }
		
		
-- ===============================================
-- Compliance Statements             
-- ===============================================	
	
         hwIPSecMibCompliance MODULE-COMPLIANCE
		 STATUS current
		 DESCRIPTION 
			" "
		 MODULE -- this module
		 MANDATORY-GROUPS 
			{ 
			hwIPSecGlobalStatsGroup,
			hwIPSecTunnelConfigTableGroup,
			hwIPSecTunnelStatsTableGroup,  
			hwIPSecSaStatisticTableGroup,
			hwIPSecTrapObjectGroup,
			hwIPSecNotificationsGroup
			}
		::= { hwIPSecMibCompliances 1 }   
			  
	    hwIPSecGlobalStatsGroup OBJECT-GROUP
		OBJECTS { 
			hwIPSecGlobalTotal,
			hwIPSecGlobalPacketInput,
			hwIPSecGlobalPacketOutput,
			hwIPSecGlobalByteInput,
			hwIPSecGlobalByteOutput,
			hwIPSecGlobalDroppedPacketInput, 
			hwIPSecGlobalDroppedPacketOutput,
			hwIPSecGlobalEncIntactPacket,
			hwIPSecGlobalEncPacketFirstSlice,
			hwIPSecGlobalEncPacketAfterSlice,
			hwIPSecGlobalDecPacketReassFirstSlice,
			hwIPSecGlobalDecPacketReassAfterSlice,
			hwIPSecGlobalDecPacketReassLenErr,
			hwIPSecGlobalPacketHeaderWrong,
			hwIPSecGlobalMemoryApplyFail,
			hwIPSecGlobalCannotFindSA,
			hwIPSecGlobalWrongSA,
			hwIPSecGlobalBadAuthentication,
			hwIPSecGlobalReplay,
			hwIPSecGlobalPreRecheckErr,
			hwIPSecGlobalPostRecheckErr,
			hwIPSecGlobalExceedByteLimit,
			hwIPSecGlobalExceedPacketLimit,
			hwIPSecGlobalProcessIpv4Err,
			hwIPSecGlobalFibSearchErr,
			hwIPSecGlobalIKEInboundOK,
			hwIPSecGlobalIKEInboundErr,
			hwIPSecGlobalIKEOutboundOK,
			hwIPSecGlobalIKEOutboundErr,
			hwIPSecGlobalSoftExpr,
			hwIPSecGlobalHardExpr,
			hwIPSecGlobalDPDOper,
			hwIPSecGlobalModpCnt,
			hwIPSecGlobalSaeSucc,
			hwIPSecGlobalSoftwareSucc						
			}
		STATUS current
		DESCRIPTION 
			"This table specifies the  global statistics information for
                         Huawei IPSec tunnel."
		::= { hwIPSecMibGroups 1 }			     

	    hwIPSecTunnelConfigTableGroup OBJECT-GROUP
		OBJECTS { 
			hwIPSecTunnelRuleId,
			hwIPSecTunnelDstIP,
			hwIPSecTunnelInsideIP,
			hwIPSecTunnelRemotePort,
			hwIPSecTunnelCpuID,                            
			hwIPSecTunnelEncapMode,
			hwIPSecTunnelNatTraver,
			hwIPSecTunnelFromIKEV2,
			hwIPSecTunnelEncryptMode,
			hwIPSecTunnelESPDigestMode,
			hwIPSecTunnelAHDigestMode,
			hwIPSecTunnelProto,
			hwIPSecTunnelOutPortIndex,
			hwIPSecTunnelSrcPort,
			hwIPSecTunnelDstPort,
			hwIPSecTunnelVrfIndex,
			hwIPSecTunnelIfVrfIndex,
			hwIPSecTunnelSrcIP,
			hwIPSecTunnelSpeedLimitIn,
			hwIPSecTunnelSpeedLimitOut,
			hwIPSecTunnelInitiator,
			hwIPSecTunnelLifeSize,
			hwIPSecTunnelLifeTime,
			hwIPSecTunnelPolicyName,
			hwIPSecTunnelSaStatus      						
			}
		STATUS current
		DESCRIPTION 
			"This table specifies the monitoring IPSec tunnel configuration attributes for
                         Huawei IPSec tunnel."
		::= { hwIPSecMibGroups 2 }                    
		
	    hwIPSecTunnelStatsTableGroup OBJECT-GROUP
		OBJECTS {                       
			hwIPSecTunnelSaIDIn,
			hwIPSecTunnelSaIDOut,
			hwIPSecTunnelFlowSoftExpireIn,
			hwIPSecTunnelFlowSoftExpireOut,
			hwIPSecTunnelFlowHardExpireIn,
			hwIPSecTunnelFlowHardExpireOut,
			hwIPSecTunnelRemainTime,
			hwIPSecTunnelRemainSize,
			hwIPSecTunnelSpiIn,
			hwIPSecTunnelSpiOut,
			hwIPSecTunnelInSideSpiIn,
			hwIPSecTunnelInSideSpiOut,
			hwIPSecTunnelESPSequenceNumberIn,
			hwIPSecTunnelESPSequenceNumberOut,
			hwIPSecTunnellAHSequenceNumberIn,
			hwIPSecTunnellAHSequenceNumberOut,
			hwIPSecTunnelMemApplyFail,
			hwIPSecTunnelBadAuth,
			hwIPSecTunnelReplay,
			hwIPSecTunnelAfterReCheckErr,
			hwIPSecTunnelPktDropByteLimitIn,
			hwIPSecTunnelPktDropByteLimitOut,
			hwIPSecTunnelFIBSearchErr      						
			}
		STATUS current
		DESCRIPTION 
			"This table specifies the monitoring IPSec tunnel statistics attributes for
                         Huawei IPSec tunnel."
		::= { hwIPSecMibGroups 3 }

		
        hwIPSecSaStatisticTableGroup OBJECT-GROUP
		OBJECTS {                               
			hwIPSecSaStatisticTunnelPolicyName,
			hwIPSecSaStatisticSaInCnt,
			hwIPSecSaStatisticSaOutCnt,
			hwIPSecTunnelByteInput,
			hwIPSecTunnelByteOutput,
			hwIPSecTunnelPacketInput,
			hwIPSecTunnelPacketOutput,
			hwIPSecTunnelDroppedPacketInput,
			hwIPSecTunnelDroppedPacketOutput,
			hwIPSecTunnelDialUserCount
			}
		STATUS current
		DESCRIPTION 
			"This table specifies the SA numbers of policies which have been bound with interfaces."
		::= { hwIPSecMibGroups 4 }

		
	    hwIPSecTrapObjectGroup OBJECT-GROUP
		OBJECTS {                               
	           	hwIPSecTrapTunnelPolicyNum,
	           	hwIPSecTrapIfIndex,
	           	hwIPSecTrapTunnelPolicyName,
	           	hwIPSecNegoFailReason       						
			}
		STATUS current
		DESCRIPTION 
			"IPSec trap objects."
		::= { hwIPSecMibGroups 5 }    
		
		hwIPSecNotificationsGroup NOTIFICATION-GROUP
		NOTIFICATIONS
                        {                               
           		hwIPSecTunnelStart,
           		hwIPSecTunnelStop,
           		hwIPSecPolicyAdd,
           		hwIPSecPolicyDel,
           		hwIPSecPolicyAttach,
           		hwIPSecPolicyDetach,
           		hwIPSecIKEReset, 
           		hwIPSecIPSecReset, 
           		hwIPSecNegoFail
       		        }
		STATUS current
		DESCRIPTION 
			"IPSec traps."
		::= { hwIPSecMibGroups 6 }
		
			
	END
	