Configuring SNMP notifications for IPsec
After you enable SNMP notifications for IPsec, the IPsec module notifies the NMS of important module events. The notifications are sent to the device's SNMP module. You can configure the notification transmission parameters for the SNMP module to specify how the SNMP module displays notifications. For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
To generate and output SNMP notifications for a specific IPsec failure or event type, perform the following tasks:
Enable SNMP notifications for IPsec globally.
Enable SNMP notifications for the failure or event type.
To configure SNMP notifications for IPsec:
Step | Command | Remarks |
|---|---|---|
1. Enter system view | system-view | N/A |
2. Enable SNMP notifications for IPsec globally. | snmp-agent trap enable ipsec global | By default, SNMP notifications for IPsec are disabled. |
3. Enable SNMP notifications for the specified failure or event types. | snmp-agent trap enable ipsec [ auth-failure | decrypt-failure | encrypt-failure | invalid-sa-failure | no-sa-failure | policy-add | policy-attach | policy-delete | policy-detach | tunnel-start | tunnel-stop ] * | By default, SNMP notifications for all failure and event types are disabled. |