-- **********************************************************
-- Copyright 2018-2019 VMware, Inc.  All rights reserved.
-- **********************************************************

VMWARE-TUNNEL-SERVER-MIB DEFINITIONS ::= BEGIN

IMPORTS

    OBJECT-TYPE, Unsigned32, Gauge32, Counter64, MODULE-IDENTITY
        FROM SNMPv2-SMI
    MODULE-COMPLIANCE, OBJECT-GROUP
        FROM SNMPv2-CONF
    TEXTUAL-CONVENTION, DateAndTime, TruthValue
        FROM SNMPv2-TC
    vmwPerAppTunnel
        FROM VMWARE-ROOT-MIB
    VmwLongDisplayString
        FROM VMWARE-TC-MIB;


vmwTunnelServerMIB MODULE-IDENTITY
    LAST-UPDATED "201910300000Z"
    ORGANIZATION "VMware, Inc."
    CONTACT-INFO
		"VMware, Inc.
		3401 Hillview Ave
		Palo Alto, CA 94304
		Tel: 1-877-486-9273 or 650-427-5000
		Fax: 650-427-5001
		Web: https://kb.vmware.com/s/article/1013445
		"
    DESCRIPTION
        "This MIB file contains the definition of the SNMP
        interface of VMware Tunnel Server.
        
        VMware Tunnel is part of Workspace ONE by VMware:
        https://www.vmware.com/products/workspace-one.html
        
        For more information about VMware Tunnel, please see 
        Architecture->Tunnel in the latest documentation of
        VMware Workspace ONE UEM:
        https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/
        "

    REVISION     "201910300000Z"
    DESCRIPTION
        "Adding whitelist check failure counters"
    REVISION     "201808300000Z"
    DESCRIPTION
        "Initial revision"

    ::= { vmwPerAppTunnel 1 }


vmwTunnelServerStat OBJECT IDENTIFIER ::= { vmwTunnelServerMIB 1 }
vmwTunnelServerInfo OBJECT IDENTIFIER ::= { vmwTunnelServerMIB 2 }


--
-- Textual-Conventions
--


VmwTunnelUpDownState ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
        "Can hold one of the following values: 1 = up or 2 = down."
    SYNTAX  INTEGER { up(1), down(2) }

VmwTunnelCascadeModeState ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
        "Can hold one of the following values:
         1 = off, 2 = frontend or 3 = backend."
    SYNTAX  INTEGER { off(1), frontend(2), backend(3) }


--
-- Statistic Objects
--


vmwTunnelNumDevices OBJECT-TYPE
    SYNTAX      Gauge32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of devices currently connected."
    DEFVAL { 0 }
    ::= { vmwTunnelServerStat 1 }

vmwTunnelNumDevicesPeak OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "High watermark of number of devices connected. 
         The is the greatest number of devices connected
         since Tunnel Server process restarted."
    DEFVAL { 0 }
    ::= { vmwTunnelServerStat 2 }

vmwTunnelNumConnections OBJECT-TYPE
    SYNTAX      Gauge32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of connections currently connected to hosts."
    DEFVAL { 0 }
    ::= { vmwTunnelServerStat 3 }

vmwTunnelNumConnectionsPeak OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "High watermark of number of connections to hosts.
         This is the greatest number of outbound connections
         to hosts since Tunnel Server process restarted."
    DEFVAL { 0 }
    ::= { vmwTunnelServerStat 4 }

vmwTunnelDownstreamBitRate OBJECT-TYPE
    SYNTAX      Unsigned32
    UNITS       "kB/s"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Downstream bitrate of all traffic."
    ::= { vmwTunnelServerStat 20 }

vmwTunnelUpstreamBitRate OBJECT-TYPE
    SYNTAX      Unsigned32
    UNITS       "kB/s"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Upstream bitrate of all traffic."
    ::= { vmwTunnelServerStat 21 }

vmwTunnelNumProxies OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of proxies defined in traffic rules."
    DEFVAL { 0 }
    ::= { vmwTunnelServerStat 40 }

vmwTunnelNumProxiesDown OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of proxies defined in traffic rules but
         currently unreachable."
    DEFVAL { 0 }
    ::= { vmwTunnelServerStat 41 }

vmwTunnelNumTrafficRules OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of traffic rules defined."
    DEFVAL { 0 }
    ::= { vmwTunnelServerStat 50 }

vmwTunnelNumWhiteListedDevices OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of white-listed devices."
    DEFVAL { 0 }
    ::= { vmwTunnelServerStat 60 }

vmwTunnelNumClosedHandshakes OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of TLS handshakes closed before authenticated.
        
         Discontinuities in the value of this counter can occur at
         re-initialization of the Tunnel Server process."
    ::= { vmwTunnelServerStat 70 }

vmwTunnelNumFailedHandshakes OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of TLS handshakes failed authentication.
        
         Discontinuities in the value of this counter can occur at
         re-initialization of the Tunnel Server process."
    ::= { vmwTunnelServerStat 71 }
    
vmwTunnelNumNotInWhitelist OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of devices failed to connect due to not in whitelist.
        
         Discontinuities in the value of this counter can occur at
         re-initialization of the Tunnel Server process."
    ::= { vmwTunnelServerStat 72 }
    
vmwTunnelNumNonCompliant OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of devices failed to connect due to non-compliant
         status.
        
         Discontinuities in the value of this counter can occur at
         re-initialization of the Tunnel Server process."
    ::= { vmwTunnelServerStat 73 }
    
vmwTunnelNumNonManaged OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of devices failed to connect due to non-managed
         status.
        
         Discontinuities in the value of this counter can occur at
         re-initialization of the Tunnel Server process."
    ::= { vmwTunnelServerStat 74 }        

vmwTunnelNumDevicesSinceStart OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Number of device connections since process restart.
        
         Discontinuities in the value of this counter can occur at
         re-initialization of the Tunnel Server process."
    ::= { vmwTunnelServerStat 80 }


--
-- Information Objects
--


vmwTunnelServerVersion OBJECT-TYPE
    SYNTAX      VmwLongDisplayString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel server version."
    ::= { vmwTunnelServerInfo 1 }

vmwTunnelConsoleVersion OBJECT-TYPE
    SYNTAX      VmwLongDisplayString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Console server version."
    ::= { vmwTunnelServerInfo 2 }

vmwTunnelOperatingSystem OBJECT-TYPE
    SYNTAX      VmwLongDisplayString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel server machine operating system."
    ::= { vmwTunnelServerInfo 3 }

vmwTunnelAPIConnectivity OBJECT-TYPE
    SYNTAX      VmwTunnelUpDownState
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel server to Console API connectivity."
    ::= { vmwTunnelServerInfo 10 }

vmwTunnelAWCMConnectivity OBJECT-TYPE
    SYNTAX      VmwTunnelUpDownState
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel server to AWCM server connectivity."
    ::= { vmwTunnelServerInfo 11 }

vmwTunnelAPILastResponse OBJECT-TYPE
    SYNTAX      VmwLongDisplayString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Last HTTP response from Console API. 
         Value can be any HTTP response codes such as
         '200 OK', '401 Unauthorized' etc."
    ::= { vmwTunnelServerInfo 12 }

vmwTunnelAWCMLastResponse OBJECT-TYPE
    SYNTAX      VmwLongDisplayString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Last HTTP response from AWCM server.
         Value can be any HTTP response codes such as
         '200 OK', '401 Unauthorized' etc."
    ::= { vmwTunnelServerInfo 13 }

vmwTunnelAPILastSyncTime OBJECT-TYPE
    SYNTAX      DateAndTime
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The date and time the last Console API configuration
         was downloaded."
    ::= { vmwTunnelServerInfo 14 }

vmwTunnelAWCMLastSyncTime OBJECT-TYPE
    SYNTAX      DateAndTime
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The date and time the last AWCM message was received."
    ::= { vmwTunnelServerInfo 15 }

vmwTunnelProcessStartTime OBJECT-TYPE
    SYNTAX      DateAndTime
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The date and time the vpnserv process restarted."
    ::= { vmwTunnelServerInfo 20 }

vmwTunnelCascadeMode OBJECT-TYPE
    SYNTAX      VmwTunnelCascadeModeState
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel Server cascade mode."
    ::= { vmwTunnelServerInfo 30 }

vmwTunnelDeploymentMode OBJECT-TYPE
    SYNTAX      VmwLongDisplayString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel Server deployment mode."
    ::= { vmwTunnelServerInfo 40 }

vmwTunnelTrafficRulesEnabled OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel Server traffic rules mode."
    ::= { vmwTunnelServerInfo 50 }

vmwTunnelFIPSEnabled OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel Server FIPS mode."
    ::= { vmwTunnelServerInfo 60 }

vmwTunnelNSXEnabled OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Tunnel Server to NSX integration. 
        
         See here for more details: 
         https://techzone.vmware.com/sites/default/files/
         vmware-tunnel-NSX-micro-segmentation-Integration.pdf"
    ::= { vmwTunnelServerInfo 70 }


--
-- Groups
--


vmwTunnelServerMIBConformance OBJECT IDENTIFIER 
    ::= { vmwTunnelServerMIB 3 }
vmwTunnelServerMIBCompliances OBJECT IDENTIFIER 
    ::= { vmwTunnelServerMIBConformance 1 }
vmwTunnelServerMIBGroups      OBJECT IDENTIFIER 
    ::= { vmwTunnelServerMIBConformance 2 }


vmwTunnelServerStatGroup OBJECT-GROUP
    OBJECTS {
        vmwTunnelNumDevices,
        vmwTunnelNumDevicesPeak,
        vmwTunnelNumConnections,
        vmwTunnelNumConnectionsPeak,
        vmwTunnelDownstreamBitRate,
        vmwTunnelUpstreamBitRate,
        vmwTunnelNumProxies,
        vmwTunnelNumProxiesDown,
        vmwTunnelNumTrafficRules,
        vmwTunnelNumWhiteListedDevices,
        vmwTunnelNumClosedHandshakes,
        vmwTunnelNumFailedHandshakes,
        vmwTunnelNumDevicesSinceStart
    }
    STATUS current
    DESCRIPTION
        "A collection of VMware Tunnel Server runtime values."
    ::= { vmwTunnelServerMIBGroups 1 }
	
	

vmwTunnelServerInfoGroup OBJECT-GROUP
    OBJECTS {
        vmwTunnelServerVersion,
        vmwTunnelConsoleVersion,
        vmwTunnelOperatingSystem,
        vmwTunnelAPIConnectivity,
        vmwTunnelAWCMConnectivity,
        vmwTunnelAPILastResponse,
        vmwTunnelAWCMLastResponse,
        vmwTunnelAPILastSyncTime,
        vmwTunnelAWCMLastSyncTime,
        vmwTunnelProcessStartTime,
        vmwTunnelCascadeMode,
        vmwTunnelDeploymentMode,
        vmwTunnelTrafficRulesEnabled,
        vmwTunnelFIPSEnabled,
        vmwTunnelNSXEnabled
    }
    STATUS current
    DESCRIPTION
        "A collection of VMware Tunnel Server runtime information."
    ::= { vmwTunnelServerMIBGroups 2 }


vmwTunnelServerStatGroup2 OBJECT-GROUP
    OBJECTS {
        vmwTunnelNumNotInWhitelist,
        vmwTunnelNumNonCompliant,
        vmwTunnelNumNonManaged
    }
    STATUS current
    DESCRIPTION
        "A collection of VMware Tunnel Server runtime values."
    ::= { vmwTunnelServerMIBGroups 3 }

--
-- Compliance
--


vmwTunnelServerMIBCompliance MODULE-COMPLIANCE
    STATUS     current
    DESCRIPTION
        "The compliance statement for VMware Tunnel Server SNMP
         interface."
    MODULE
        MANDATORY-GROUPS { vmwTunnelServerStatGroup, 
        vmwTunnelServerInfoGroup,
        vmwTunnelServerStatGroup2 }

    ::= { vmwTunnelServerMIBCompliances 1 }


END
