Data Classes


Revision: 2000-08-17

The MIB module maps the IPSec entities created dynamically to the policy entities that caused them. This is an appendix to the IPSEC-MONITOR-MIB that has been proposed to IETF for monitoring IPSec based Virtual Private Networks.

Overview of Cisco IPsec Policy Map MIB

MIB description

There are two components to this MIB:
#1 a table that maps an IPSec Phase-1
tunnel to the Internet Security Association and Key Exchange (ISAKMP) Policy


#2 a table that maps an IPSec Phase-2
tunnel to the corresponding IPSec Policy element - called ‘cryptomaps’ - in IOS (Internet Operating System)
The first mappin (also called Internet Key Exchange
or IKE mapping) yields, given the index of

the IKE tunnel in the ikeTunnelTable (IPSEC-MONITOR-MIB), the ISAKMP policy definition defined using the CLI on the managed entity.

The IPSec mapping yields, given the index of the IPSec tunnel in the ipSecTunnelTable (IPSEC-MONITOR-MIB), the IPSec transform and the cryptomap definition that gave rise to this tunnel.

In implementation and usage, this MIB cannot exist independent of the IPSEC-MONITOR-MIB.