To configure SNMP notifications for IPsec:
Step
1.
Enter system view
2.
Enable SNMP notifications
for IPsec globally.
3.
Enable SNMP notifications
for the specified failure or
event types.
Displaying and maintaining IPsec
Execute display commands in any view and reset commands in user view.
Task
Display IPsec policy information.
Display IPsec policy template information.
Display IPsec profile information.
Display IPsec transform set information.
Display IPsec SA information.
Display IPsec statistics.
Display IPsec tunnel information.
Clear IPsec SAs.
Clear IPsec statistics.
Command
system-view
snmp-agent trap enable ipsec global
snmp-agent trap enable ipsec
[ auth-failure | decrypt-failure |
encrypt-failure | invalid-sa-failure |
no-sa-failure | policy-add |
policy-attach | policy-delete |
policy-detach | tunnel-start |
tunnel-stop ] *
Command
display ipsec { ipv6-policy | policy } [ policy-name
[ seq-number ] ]
display ipsec { ipv6-policy-template | policy-template }
[ template-name [ seq-number ] ]
display ipsec profile [ profile-name ]
display ipsec transform-set [ transform-set-name ]
display ipsec sa [ brief | count | interface interface-type
interface-number | { ipv6-policy | policy } policy-name
[ seq-number ] | profile policy-name | remote [ ipv6 ]
ip-address ]
display ipsec statistics [ tunnel-id tunnel-id ]
display ipsec tunnel { brief | count | tunnel-id tunnel-id }
reset ipsec sa [ { ipv6-policy | policy } policy-name
[ seq-number ] | profile policy-name | remote
{ ipv4-address | ipv6 ipv6-address } | spi { ipv4-address |
ipv6 ipv6-address } { ah | esp } spi-num ]
reset ipsec statistics [ tunnel-id tunnel-id ]
271
Remarks
N/A
By default, SNMP notifications for
IPsec are disabled.
By default, SNMP notifications for
all failure and event types are
disabled.