snmp-agent trap enable ipsec
Use snmp-agent trap enable ipsec command to enable SNMP notifications for IPsec.
Use undo snmp-agent trap enable ipsec command to disable SNMP notifications for IPsec.
Syntax
snmp-agent trap enable ipsec [ auth-failure | decrypt-failure | encrypt-failure | global | invalid-sa-failure | no-sa-failure | policy-add | policy-attach | policy-delete | policy-detach | tunnel-start | tunnel-stop] *
undo snmp-agent trap enable ipsec [ auth-failure | decrypt-failure | encrypt-failure | global | invalid-sa-failure | no-sa-failure | policy-add | policy-attach | policy-delete | policy-detach | tunnel-start | tunnel-stop] *
Default
All SNMP notifications for IPsec are disabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
auth-failure: Specifies notifications about authentication failures.
decrypt-failure: Specifies notifications about decryption failures.
encrypt-failure: Specifies notifications about encryption failures.
global: Specifies notifications globally.
invalid-sa-failure: Specifies notifications about invalid-SA failures.
no-sa-failure: Specifies notifications about SA-not-found failures.
policy-add: Specifies notifications about events of adding IPsec policies.
policy-attach: Specifies notifications about events of applying IPsec policies to interfaces.
policy-delete: Specifies notifications about events of deleting IPsec policies.
policy-detach: Specifies notifications about events of removing IPsec policies from interfaces.
tunnel-start: Specifies notifications about events of creating IPsec tunnels.
tunnel-stop: Specifies notifications about events of deleting IPsec tunnels.
Usage guidelines
If you do not specify any keywords, this command enables or disables all SNMP notifications for IPsec.
To generate and output SNMP notifications for a specific IPsec failure type or event type, perform the following tasks:
Enable SNMP notifications for IPsec globally.
Enable SNMP notifications for the failure type or event type.
Examples
# Enable SNMP notifications for IPsec globally.
<Sysname> system-view [Sysname] snmp-agent trap enable ipsec global
# Enable SNMP notifications for events of creating IPsec tunnels.
[Sysname] snmp-agent trap enable ipsec tunnel-start