Smarts IP: How are IPsec and IKE Tunnels created and monitored in Smarts IP for Cisco devices?
search cancel

Smarts IP: How are IPsec and IKE Tunnels created and monitored in Smarts IP for Cisco devices?

book

Article ID: 327696

calendar_today

Updated On:

Products

VMware Smart Assurance

Environment

VMware Smart Assurance - SMARTS

Resolution

How are IPsec and IKE Tunnels created and monitored in Smarts IP for Cisco devices?



IPsec and IKE Tunnels are created and monitored in Smarts IP for Cisco devices as follows:

  • IPSec or IKE Tunnel interfaces are not created from the ifTable, but are instead created from the Vendor Specific MIB. 
     
    • For Cisco devices, IPSec or IKE Tunnel interfaces are created using cipSecTunnelEntry MIB (1.3.6.1.4.1.9.9.171.1.3.2.1). Smarts get the local and remote addresses from the MIB and the tunnel interface is created with that.
       
  • AdminStatus is hardcoded as UP while OperStatus is obtained from cipSecTunStatus OID (1.3.6.1.4.1.9.9.171.1.3.2.1.51).       


Additional Information

It is possible to suppress the discovery of IPSec / IKE tunnels by making "EnableIPSecDiscovery FALSE" in tpmgr-param.conf