CISCO-IPSEC-FLOW-MONITOR-MIB is not identifying all OID's

[cusvenus]

We imported CISCO-IPSEC-FLOW-MONITOR-MIB.my (http://tools.cisco.com/Support/SNMP/do/ ... ONITOR-MIB)

addmib CISCO-IPSEC-FLOW-MONITOR-MIB.my

CISCO-IPSEC-FLOW-MONITOR-MIB.txt

And I don't see in /etc/snmp/snmptt.conf

cikeTunRemoteValue cikeTunRemoteValue 1.3.6.1.4.1.9.9.171.1.2.3.1.7
cikeTunRemoteAddr cikeTunRemoteAddr 1.3.6.1.4.1.9.9.171.1.2.3.1.8
cikeTunRemoteName cikeTunRemoteName 1.3.6.1.4.1.9.9.171.1.2.3.1.9

however they are part of the MIB. I have imported the pre-reqs and restarted snmptt service

[Box293]

Can you try importing the MIB from the command line and report the errors:

Code: Select all

addmib /usr/share/snmp/mibs/CISCO-IPSEC-FLOW-MONITOR-MIB.txt

If you get a message saying it has already been added, run this command:

Code: Select all

sed -i '/MIB: CISCO-IPSEC-FLOW-MONITOR-MIB/d' /etc/snmp/snmptt.conf

Then run the addmib command above.

[cusvenus]

I have already added the mib but i don't see the OID's which are in mib file added to snmptt.conf

[cusvenus]

This is the tree I am interested in this MIB.

cikeTunnelEntry OBJECT-TYPE
SYNTAX CikeTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains the attributes associated with
an active IPsec Phase-1 IKE Tunnel."
INDEX { cikeTunIndex }
::= { cikeTunnelTable 1 }

CikeTunnelEntry ::= SEQUENCE {
cikeTunIndex Integer32,
cikeTunLocalType IkePeerType,
cikeTunLocalValue DisplayString,
cikeTunLocalAddr IPSIpAddress,
cikeTunLocalName DisplayString,
cikeTunRemoteType IkePeerType,
cikeTunRemoteValue DisplayString,
cikeTunRemoteAddr IPSIpAddress,
cikeTunRemoteName DisplayString,
cikeTunNegoMode IkeNegoMode,
cikeTunDiffHellmanGrp DiffHellmanGrp,
cikeTunEncryptAlgo EncryptAlgo,
cikeTunHashAlgo IkeHashAlgo,
cikeTunAuthMethod IkeAuthMethod,
cikeTunLifeTime Integer32,
cikeTunActiveTime TimeInterval,
cikeTunSaRefreshThreshold Integer32,
cikeTunTotalRefreshes Counter32,
cikeTunInOctets Counter32,
cikeTunInPkts Counter32,
cikeTunInDropPkts Counter32,
cikeTunInNotifys Counter32,
cikeTunInP2Exchgs Counter32,
cikeTunInP2ExchgInvalids Counter32,
cikeTunInP2ExchgRejects Counter32,
cikeTunInP2SaDelRequests Counter32,
cikeTunOutOctets Counter32,
cikeTunOutPkts Counter32,
cikeTunOutDropPkts Counter32,
cikeTunOutNotifys Counter32,
cikeTunOutP2Exchgs Counter32,
cikeTunOutP2ExchgInvalids Counter32,
cikeTunOutP2ExchgRejects Counter32,
cikeTunOutP2SaDelRequests Counter32,
cikeTunStatus TunnelStatus
}

[Box293]

I have already added the mib but i don't see the OID's which are in mib file added to snmptt.conf

I understand that, but can you please run the commands I requested and post the output.

[ssax]

I had to download the the other cisco MIBs from that page as well and then it added just fine for me but there isn't a trap defined in the MIB for those, they are just objects (values) that will be translated from the trap that contains that OID.

So as an example, you would could see a trap come in with an OID of .1.3.6.1.4.1.9.9.171.2.0.3 (which is in the MIB and /etc/snmp/snmptt.conf defined as a trap) but that same trap may contain those other OIDs you are looking for.

Does that make sense?

Thank you

[cusvenus]

ssax,

So we cannot create the TRAP for below items. Its our requirement for these OID's

cikeTunStatus 1.3.6.1.4.1.9.9.171.1.2.3.1.35
cikeTunLocalAddr cikeTunLocalAddr 1.3.6.1.4.1.9.9.171.1.2.3.1.4
cikeTunLocalName cikeTunLocalName 1.3.6.1.4.1.9.9.171.1.2.3.1.5
cikeTunRemoteType cikeTunRemoteType 1.3.6.1.4.1.9.9.171.1.2.3.1.6
cikeTunRemoteValue cikeTunRemoteValue 1.3.6.1.4.1.9.9.171.1.2.3.1.7
cikeTunRemoteAddr cikeTunRemoteAddr 1.3.6.1.4.1.9.9.171.1.2.3.1.8
cikeTunRemoteName cikeTunRemoteName 1.3.6.1.4.1.9.9.171.1.2.3.1.9

[tgriep]

Can the Cisco device send a trap for those OID's you are requesting?
If not, adding the entries to the snmptt.conf file will not work for you if the device never sends the trap.