Configuring SNMP notifications for IPsec

After you enable SNMP notifications for IPsec, the IPsec module notifies the NMS of important module events. The notifications are sent to the device's SNMP module. You can configure the notification transmission parameters for the SNMP module to specify how the SNMP module displays notifications. For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.

To generate and output SNMP notifications for a specific IPsec failure or event type, perform the following tasks:

  1. Enable SNMP notifications for IPsec globally.

  2. Enable SNMP notifications for the failure or event type.

To configure SNMP notifications for IPsec:

Step

Command

Remarks

1. Enter system view

system-view

N/A

2. Enable SNMP notifications for IPsec globally.

snmp-agent trap enable ipsec global

By default, SNMP notifications for IPsec are disabled.

3. Enable SNMP notifications for the specified failure or event types.

snmp-agent trap enable ipsec [ auth-failure | decrypt-failure | encrypt-failure | invalid-sa-failure | no-sa-failure | policy-add | policy-attach | policy-delete | policy-detach | tunnel-start | tunnel-stop ] *

By default, SNMP notifications for all failure and event types are disabled.