WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity

initial commit; version 22.5.12042

Browse Source
This commit is contained in:
Chris Hammer
2022-12-12 23:28:25 -05:00
commit af1b03d79f
17653 changed files with 22692970 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

949
mibs/cisco/CISCO-LWAPP-WAPI-MIB Normal file
View File

@ -0,0 +1,949 @@
--**********************************************
-- CISCO-LWAPP-WAPI-MIB
-- CISCO Private version for WAPI
-- Sunday, 05-23, 2010 at 00:00:00
--
--Copyright (c) 2010 by Cisco Systems Inc.
--ALL rights reserved
--*********************************************
CISCO-LWAPP-WAPI-MIB DEFINITIONS ::= BEGIN
IMPORTS
Counter32,
IpAddress,
OBJECT-TYPE,
MODULE-IDENTITY
FROM SNMPv2-SMI
MacAddress
FROM SNMPv2-TC
cLWlanIndex
FROM CISCO-LWAPP-WLAN-MIB
cldcClientMacAddress
FROM CISCO-LWAPP-DOT11-CLIENT-MIB
ciscoMgmt
FROM CISCO-SMI
CLSecKeyFormat
FROM CISCO-LWAPP-TC-MIB
DisplayString,
TruthValue
FROM SNMPv2-TC
cLApSysMacAddress
FROM CISCO-LWAPP-AP-MIB;
ciscoLwappWapiMIB MODULE-IDENTITY
LAST-UPDATED "201005230000Z" -- MAY 23, 2010 at 00:00 GMT
ORGANIZATION "Cisco Systems, Inc."
CONTACT-INFO
"Cisco Systems Customer Service
Postal: 170 West Tasman Drive
San Jose, CA 95134
USA
Tel: +1 800 553-NETS
Email : cs-wnbu-snmp@cisco.com"
DESCRIPTION
"cisco WiFi Controller Snmp agent support for Wapi.
WAPI is a Chinese National Standard for Wireless LAN (GB 15629.11-2003)
GLOSSARY:
WAPI - WLAN Authentication and Privacy Infrastructures
WAI - WLAN Authentication Interface
WLAN - Wireless Local Area Network
WPI - Wireless Privacy Interface
MSK - multicast session key
AKM - authentication and key management
BKID - Base Key IDentification"
REVISION "201012180000Z"
DESCRIPTION
"cisco WiFi Controller Snmp agent support for Wapi.
WAPI is a Chinese National Standard for Wireless LAN (GB 15629.11-2003)"
::= {ciscoMgmt 9997}
ciscoLwappWapiMIBObjects OBJECT IDENTIFIER ::={ciscoLwappWapiMIB 1}
-- wapiStatsTable
cLWapiWlanStats OBJECT-TYPE
SYNTAX SEQUENCE OF CiscoWapiWlanStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table maintains the WAPI statistics for each WLAN on which WAPI is configured as the security protocol."
::= {ciscoLwappWapiMIBObjects 1}
cLWapiWlanStatsEntry OBJECT-TYPE
SYNTAX CiscoWapiWlanStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the cLWWSW Table"
INDEX {cLWlanIndex}
::= {cLWapiWlanStats 1}
CiscoWapiWlanStatsEntry ::=
SEQUENCE
{
cLWWSWAISignatureErrors Counter32,
cLWWSWAIHMACErrors Counter32,
cLWWSWAIAuthResultFailures Counter32,
cLWWSWAIDiscardCounters Counter32,
cLWWSWAITimeoutCounters Counter32,
cLWWSWAIFormatErrors Counter32,
cLWWSWAICertHandshakeFailures Counter32,
cLWWSWAIUnicastHandshakeFailures Counter32,
cLWWSWAIMulticastHandshakeFailures Counter32,
cLWWSWPIRXReplayCounters Counter32,
cLWWSWPIRXMicErrorCounters Counter64,
cLWWSWPIRXDecryptErrorCounters Counter64 }
cLWWSWAISignatureErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the signature in the received WAI message is incorrect"
::= { cLWapiWlanStatsEntry 1 }
cLWWSWAIHMACErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the message authentication code in the received WAI message is incorrect"
::= { cLWapiWlanStatsEntry 2 }
cLWWSWAIAuthResultFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI authentication is unsuccessful"
::= { cLWapiWlanStatsEntry 3 }
cLWWSWAIDiscardCounters OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the received WAI message is discarded"
::= { cLWapiWlanStatsEntry 4 }
cLWWSWAITimeoutCounters OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI message is timeout"
::= { cLWapiWlanStatsEntry 5 }
cLWWSWAIFormatErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when there exists format error in the WAI message"
::= { cLWapiWlanStatsEntry 6 }
cLWWSWAICertHandshakeFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI Certificate Authentication is unsuccessful"
::= { cLWapiWlanStatsEntry 7 }
cLWWSWAIUnicastHandshakeFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI Unicast Key Negotiation is unsuccessful"
::= { cLWapiWlanStatsEntry 8 }
cLWWSWAIMulticastHandshakeFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI Multicast Key Negotiation is unsuccessful"
::= { cLWapiWlanStatsEntry 9 }
cLWWSWPIRXReplayCounters OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WPI RX replay check is unsuccessful"
::= { cLWapiWlanStatsEntry 10 }
cLWWSWPIRXMicErrorCounters OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WPI MIC is error"
::= { cLWapiWlanStatsEntry 11 }
cLWWSWPIRXDecryptErrorCounters OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WPI Decryption is error"
::= { cLWapiWlanStatsEntry 12 }
-- wapiClientStatsTable
cLWapiClientStats OBJECT-TYPE
SYNTAX SEQUENCE OF CiscoWapiClientStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table maintains the WAPI statistics for each client connected to a WLAN on which WAPI is configured as the security protocol."
::= {ciscoLwappWapiMIBObjects 2}
cLWapiClientStatsEntry OBJECT-TYPE
SYNTAX CiscoWapiClientStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the cLWapiClientStats Table"
INDEX {cldcClientMacAddress}
::= {cLWapiClientStats 1}
CiscoWapiClientStatsEntry ::=
SEQUENCE{
cLWCSWapiClientVersion Integer32,
cLWCSWAISignatureErrors Counter32,
cLWCSWAIHMACErrors Counter32,
cLWCSWAIAuthResultFailures Counter32,
cLWCSWAIDiscardCounters Counter32,
cLWCSWAITimeoutCounters Counter32,
cLWCSWAIFormatErrors Counter32,
cLWCSWAICertHandshakeFailures Counter32,
cLWCSWAIUnicastHandshakeFailures Counter32,
cLWCSWAIMulticastHandshakeFailures Counter32,
cLWCSWAIUnicastCipherSuite OCTET STRING,
cLWCSWAIMcastCipherSuite OCTET STRING,
cLWCSWAIAuthenticationSuiteRequested OCTET STRING,
cLWCSWAIBKIDUsed OCTET STRING,
cLWCSWAICtrPortState TruthValue }
cLWCSWapiClientVersion OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the WAPI draft version used by the WAPI client"
::= { cLWapiClientStatsEntry 1 }
cLWCSWAISignatureErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the signature in the received WAI message is incorrect"
::= { cLWapiClientStatsEntry 2 }
cLWCSWAIHMACErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the message authentication code in the received WAI message is incorrect"
::= { cLWapiClientStatsEntry 3 }
cLWCSWAIAuthResultFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI authentication is unsuccessful"
::= { cLWapiClientStatsEntry 4 }
cLWCSWAIDiscardCounters OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the received WAI message is discarded"
::= { cLWapiClientStatsEntry 5 }
cLWCSWAITimeoutCounters OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI message is timeout"
::= { cLWapiClientStatsEntry 6 }
cLWCSWAIFormatErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when there exists format error in the WAI message"
::= { cLWapiClientStatsEntry 7 }
cLWCSWAICertHandshakeFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI Certificate Authentication is unsuccessful"
::= { cLWapiClientStatsEntry 8 }
cLWCSWAIUnicastHandshakeFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI Unicast Key Negotiation is unsuccessful"
::= { cLWapiClientStatsEntry 9 }
cLWCSWAIMulticastHandshakeFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This counter shall increment when the WAI Multicast Key Negotiation is unsuccessful"
::= { cLWapiClientStatsEntry 10 }
cLWCSWAIUnicastCipherSuite OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This value represents the Client Unicast Cipher Suite in use, of which obtained from Assoc req frame"
::= { cLWapiClientStatsEntry 11 }
cLWCSWAIMcastCipherSuite OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This value represents the Client Multicast Cipher Suite in use, of which obtained from Assoc req frame"
::= { cLWapiClientStatsEntry 12}
cLWCSWAIAuthenticationSuiteRequested OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specificies the last AKM suite requested from client.
0x 00 14 72 01 : cert
0x 00 14 72 02 : psk "
::= { cLWapiClientStatsEntry 13 }
cLWCSWAIBKIDUsed OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(16))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This value represents the selector of the last BKID used in the last Unicast Key Negotiation Handshake"
::= { cLWapiClientStatsEntry 14 }
cLWCSWAICtrPortState OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This value represents the state of client controlled port entity,
true means authenticated, false means not authenticated"
::= { cLWapiClientStatsEntry 15 }
-- wapiWlanConfigTable
cLWapiWlanConfig OBJECT-TYPE
SYNTAX SEQUENCE OF CiscoWapiWlanConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table maintains the WAPI config entry for the WLAN."
::= {ciscoLwappWapiMIBObjects 3}
cLWapiWlanConfigEntrty OBJECT-TYPE
SYNTAX CiscoWapiWlanConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the cLWapiWlanConfig Table"
INDEX {cLWlanIndex}
::= {cLWapiWlanConfig 1}
CiscoWapiWlanConfigEntry ::=
SEQUENCE{
cLWCSWlanWapiEnable TruthValue,
cLWCSWlanWapiAkmKeyMgmtMode INTEGER,
cLWCSWlanWapiEncryptType BITS,
cLWCSWlanWapiPskFmt CLSecKeyFormat,
cLWCSWlanWapiPsk OCTET STRING,
cLWCSWlanWapiConfigUnicasCiphersEntry OCTET STRING,
cLWCSWlanWapiConfigUnicastCipherSize Unsigned32,
cLWCSWlanWapiMcastCipherSize Unsigned32,
cLWCSWlanBKLifeTime Unsigned32,
cLWCSWlanBKReauthThreshold Unsigned32,
cLWCSWlanWapiConfigMulticastCipher OCTET STRING,
cLWCSWlanWapiAuthenticationSuiteSelected OCTET STRING,
cLWCSWlanWapiUnicastCipherSelected OCTET STRING,
cLWCSWlanWapiMulticastCipherSelected OCTET STRING,
cLWCSWlanWapiPreauthenticationState TruthValue}
cLWCSWlanWapiEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable the WAPI security on the WLAN."
::= { cLWapiWlanConfigEntrty 1 }
cLWCSWlanWapiAkmKeyMgmtMode OBJECT-TYPE
SYNTAX INTEGER {
invalid(0),
cert (1),
psk (2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable the AKM type to be used for the WAPI WLAN."
::= { cLWapiWlanConfigEntrty 2 }
cLWCSWlanWapiEncryptType OBJECT-TYPE
SYNTAX BITS {
sms4 (0) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable the encryption type for WAPI WLAN."
::= { cLWapiWlanConfigEntrty 3 }
cLWCSWlanWapiPskFmt OBJECT-TYPE
SYNTAX CLSecKeyFormat
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the type of the authentication preshared key
configured through the object cLWCSWlanWapiPskSetkey.
Note that the key configuration is applicable only when psk is configured
as the key management mechanism through the cLWCSWlanWapiAkmKeyMgmtMode object."
DEFVAL { default }
::= { cLWapiWlanConfigEntrty 4 }
cLWCSWlanWapiPsk OBJECT-TYPE
SYNTAX OCTET STRING(SIZE(8..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the Pre-Shared Key for WAI PSK authentication for the WLAN.
The key can be in ASCII or HEX format.
'ascii' 8-40 characters
'hex' 4-40 octets. "
::= { cLWapiWlanConfigEntrty 5 }
cLWCSWlanWapiConfigUnicasCiphersEntry OBJECT-TYPE
SYNTAX OCTET STRING(SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The selector of a supported unicast cipher suite. It consists of an OUI (the first 3 octets)
and a cipher suite identifier (the last octet)."
::= { cLWapiWlanConfigEntrty 6 }
cLWCSWlanWapiConfigUnicastCipherSize OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the length in bit of the USK. This should be 256 for SMS4.
The first 128bits is the UEK and the last 128bits is the UCK."
::= { cLWapiWlanConfigEntrty 7 }
cLWCSWlanWapiMcastCipherSize OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the length in bit of the MSK. This should be 256 for in SMS4.
The first 128bits is the MEK and the last 128bits is the MCK."
::= { cLWapiWlanConfigEntrty 8 }
cLWCSWlanBKLifeTime OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the maximum lifetime of a BK in the BK cache."
DEFVAL {43200}
::= { cLWapiWlanConfigEntrty 9 }
cLWCSWlanBKReauthThreshold OBJECT-TYPE
SYNTAX Unsigned32
UNITS "percentage"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the percentage of the BK lifetime that should expire before a WAI reauthentication occurs."
DEFVAL {70}
::= { cLWapiWlanConfigEntrty 10 }
cLWCSWlanWapiConfigMulticastCipher OBJECT-TYPE
SYNTAX OCTET STRING(SIZE(4))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the multicast cipher suite that this entity must adopt. The WAPI Parameter
Set information element shall adopt the value of this variable, which contains a 3-octet OUI and
a one-octet cipher suite identifier."
::= { cLWapiWlanConfigEntrty 11 }
cLWCSWlanWapiAuthenticationSuiteSelected OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the selector of the last AKM suite negotiated."
::= { cLWapiWlanConfigEntrty 12 }
cLWCSWlanWapiUnicastCipherSelected OBJECT-TYPE
SYNTAX OCTET STRING(SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the selector of the last unicast cipher suite negotiated."
::= { cLWapiWlanConfigEntrty 13 }
cLWCSWlanWapiMulticastCipherSelected OBJECT-TYPE
SYNTAX OCTET STRING(SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the selector of the last multicast cipher suite negotiated."
::= { cLWapiWlanConfigEntrty 14 }
cLWCSWlanWapiPreauthenticationState OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the state of Preauthentication
in WAPI and currently it is not supported."
::= { cLWapiWlanConfigEntrty 15 }
-- wapiAPTable
cLWapiAPTable OBJECT-TYPE
SYNTAX SEQUENCE OF CiscoWapiAPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table maintains the WAPI details and
configurations for each AP connected."
::= {ciscoLwappWapiMIBObjects 4}
cLWapiAPEntry OBJECT-TYPE
SYNTAX CiscoWapiAPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the cLWapiAPTable Table."
INDEX {cLApSysMacAddress}
::= {cLWapiAPTable 1}
CiscoWapiAPEntry ::=
SEQUENCE{
cLWCSWapiAPMaxUnicastKeysSupport Integer32 }
cLWCSWapiAPMaxUnicastKeysSupport OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the maximum number of USK's that an AP can support."
::= { cLWapiAPEntry 1 }
-- wapiWlanAuthenticationSuitesConfigTable
cLWapiWlanAKMSuitesConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF CiscoWapiAuthenticationConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table maintains the WAPI config entry for the WLAN."
::= {ciscoLwappWapiMIBObjects 5}
cLWapiWlanAKMSuitesConfigEntry OBJECT-TYPE
SYNTAX CiscoWapiAuthenticationConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the cLWapiWlanAKMSuitesConfig Table"
INDEX {cLWlanIndex, cLWCSWlanWapiAuthenticationSuiteIndex}
::= {cLWapiWlanAKMSuitesConfigTable 1}
CiscoWapiAuthenticationConfigEntry ::=
SEQUENCE{
cLWCSWlanWapiAuthenticationSuiteIndex INTEGER,
cLWCSWlanWapiAuthenticationSuite OCTET STRING,
cLWCSWlanWapiAuthenticationSuiteEnable TruthValue }
cLWCSWlanWapiAuthenticationSuiteIndex OBJECT-TYPE
SYNTAX INTEGER {
cert (1),
psk (2) }
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object is used to a index for AKM suites on the WLAN."
::= { cLWapiWlanAKMSuitesConfigEntry 1 }
cLWCSWlanWapiAuthenticationSuite OBJECT-TYPE
SYNTAX OCTET STRING(SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to indicate the AKM suite octects on the WLAN."
::= { cLWapiWlanAKMSuitesConfigEntry 2 }
cLWCSWlanWapiAuthenticationSuiteEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable the AKM suites on the WLAN."
::= { cLWapiWlanAKMSuitesConfigEntry 3 }
-- wapiCipherstable
cLWapiCiphers OBJECT-TYPE
SYNTAX SEQUENCE OF CiscoWapiCiphersEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table maintains the unicast cipher suites supported by this entity.
It allows enabling and disabling of each unicast cipher suite by network management.
The unicast cipher suite list in the WAPI Parameter Set information
element is formed using the information in this table."
::= {ciscoLwappWapiMIBObjects 6 }
cLWapiCiphersEntry OBJECT-TYPE
SYNTAX CiscoWapiCiphersEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the cLWapiCiphers Table."
INDEX { cLWlanIndex, cLWCSWlanCipherIndex }
::= { cLWapiCiphers 1 }
CiscoWapiCiphersEntry ::=
SEQUENCE {
cLWCSWlanCipherIndex Unsigned32,
cLWCSWlanCipherEnabled TruthValue
}
cLWCSWlanCipherIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object represents auxiliary index of the CiscoWapiCiphersEntry."
::= { cLWapiCiphersEntry 1 }
cLWCSWlanCipherEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents enables or disables the unicast cipher."
::= { cLWapiCiphersEntry 2 }
ciscoLwappWapiConfig OBJECT IDENTIFIER ::={ciscoLwappWapiMIB 2}
clWapiASIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the IP address of the WAPI authentication server."
::= { ciscoLwappWapiConfig 1 }
clWapiASPortNumber OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the UDP port number for WAPI authentication server."
::= { ciscoLwappWapiConfig 2 }
clWapiASRequestTimeout OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents timeout value for the packets sent to Auth Server."
::= { ciscoLwappWapiConfig 3 }
clWapiMulticastRekeyMethod OBJECT-TYPE
SYNTAX INTEGER {
disabled(1),
timeBased(2),
messageBased(3),
timemessageBased(4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object selects a mechanism for rekeying the WAPI MSK. The default is time-based, once per day. Rekeying the MSK is only applicable to an entry acting in the AE role."
DEFVAL {timeBased}
::= { ciscoLwappWapiConfig 4 }
clWapiMulticastRekeyTime OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the time in seconds after which the WAPI MSK will be refreshed. The timer will start the moment the MSK was set using the MLME-SETWPIKEYS request primitive."
DEFVAL {86400}
::= { ciscoLwappWapiConfig 5 }
clWapiMulticastRekeyMessages OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the message count in thousands after which the WAPI MSK will be refreshed. The message counter will start the moment the MSK was set using the MLME-SETWPIKEYS request primitive."
::= { ciscoLwappWapiConfig 6 }
clWapiMulticastRekeyStrict OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object signals that the MSK shall be refreshed whenever a STA leaves the BSS that possesses the MSK."
::= { ciscoLwappWapiConfig 7 }
clWapiConfigCertificateUpdateCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the number of times messages in the WAPI hhandshake protocol will be retried per certificate handshake attempt."
DEFVAL {3}
::= { ciscoLwappWapiConfig 8 }
clWapiConfigMulticastUpdateCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the number of times message 1 in the WAPI muticast key announcement handshake will be retried per MSK handshake attempt."
DEFVAL {3}
::= { ciscoLwappWapiConfig 9 }
clWapiConfigUnicastUpdateCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the number of times message 1 and message 3 in the WAPI unicast key announcement handshake will be retried per USK handshake attempt."
DEFVAL {3}
::= { ciscoLwappWapiConfig 10 }
cLWCSWapiConfigureVersion OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the WAPI configuration version"
::= { ciscoLwappWapiConfig 11 }
clWapiConfigControlledPortControl OBJECT-TYPE
SYNTAX INTEGER {
auto(0)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the value of the Controlled
port. If the value is 0 which means automatic, the
current behaviour. The state of the controlled port
shall be based on the result of authentication."
::= { ciscoLwappWapiConfig 12 }
clWapiUserInvalidCertificationInbreakNetwork OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the WAPI user with
invalid certification."
::= { ciscoLwappWapiConfig 13 }
cLApWAPISecurityLowAttack OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the WAPI security low attack notification
information."
::= { ciscoLwappWapiConfig 14 }
clWapiUnicastRekeyMethod OBJECT-TYPE
SYNTAX INTEGER {
disabled(1),
timeBased(2),
messageBased(3),
timeMessageBased(4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object selects a mechanism for rekeying the WAPI USK.
The default is time-based, once per day. Rekeying the USK
is only applicable to an entry acting in the AE role.
Method 1 (disabled) will temporarily stop the unicast rekeying"
DEFVAL {timeBased}
::= { ciscoLwappWapiConfig 15 }
clWapiUnicastRekeyTime OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the time in seconds after which the
WAPI USK will be refreshed. The timer will start the
moment the USK was set using the MLME-SETWPIKEYS
request primitive."
DEFVAL {86400}
::= { ciscoLwappWapiConfig 16 }
clWapiUnicastRekeyMessage OBJECT-TYPE
SYNTAX Unsigned32
UNITS "1000 messages"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the message count in thousands
after which the WAPI USK will be refreshed.
The message counter will start the moment the USK was set
using the MLME-SETWPIKEYS request primitive. This MIB will be
configurable od of TIME or TIME&PACKET"
::= { ciscoLwappWapiConfig 17 }
clWapiConfigSATimeout OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the maximum time a security association shall take to set up."
DEFVAL {60}
::= { ciscoLwappWapiConfig 18 }
cLApWAPIReplayAttack OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the WAPI replay attack notification information."
::= { ciscoLwappWapiConfig 19 }
cLApWAPITamperAttack OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the WAPI tamper attack notification information."
::= { ciscoLwappWapiConfig 20 }
clWapiAddressRedirectAttack OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the WAPI redirect attack notification information."
::= { ciscoLwappWapiConfig 21}
ciscoLwappWapiCertificateObjects OBJECT IDENTIFIER ::={ciscoLwappWapiMIB 3}
clWapiWLCCertificateStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the installation
state of WLC Certificate. True means the WLC certificate
is installed. False means it is uninstalled."
::= { ciscoLwappWapiCertificateObjects 1 }
clWapiCACertificateStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the installation
state of Certificate Authority Certificate. True means the CA certificate
is installed. False means it is uninstalled"
::= { ciscoLwappWapiCertificateObjects 2 }
clWapiASCertificateStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the installation
state of Auth Server Certificate. True means the AS certificate
is installed. False means it is uninstalled."
::= { ciscoLwappWapiCertificateObjects 3 }
ciscoLwappWapiMIBNotifObjects OBJECT IDENTIFIER ::={ciscoLwappWapiMIB 4}
--********************************************************************
-- * Notifications
--********************************************************************
ciscoLwappWapiUserInvalidCertificateNetworkTrap NOTIFICATION-TYPE
OBJECTS {
clWapiUserInvalidCertificationInbreakNetwork
}
STATUS current
DESCRIPTION
"This notification will be sent when the WAPI
Client is installed with invalid certificates."
::= {ciscoLwappWapiMIBNotifObjects 1 }
ciscoLwappWapiSecurityLowAttackTrap NOTIFICATION-TYPE
OBJECTS {
cLApWAPISecurityLowAttack
}
STATUS current
DESCRIPTION
"This notification will be sent when AP received a fake Unicast Key
Negotiation Response frame of which the WIE_AUSE is different with that
of AP sent before."
::= {ciscoLwappWapiMIBNotifObjects 2 }
ciscoLwappWapiReplayAttackTrap NOTIFICATION-TYPE
OBJECTS {
cLApWAPIReplayAttack
}
STATUS current
DESCRIPTION
"This notification will be sent when AP received an AE challenge is different with that of AP received before."
::= {ciscoLwappWapiMIBNotifObjects 3 }
ciscoLwappWapiTamperAttackTrap NOTIFICATION-TYPE
OBJECTS {
cLApWAPITamperAttack
}
STATUS current
DESCRIPTION
"This notification will be sent when AP received an invaild Message Authentication Code."
::= {ciscoLwappWapiMIBNotifObjects 4 }
ciscoLwappWapiAddressRedirectAttackTrap NOTIFICATION-TYPE
OBJECTS {
clWapiAddressRedirectAttack
}
STATUS current
DESCRIPTION
"This notification will be sent when AP received an address redirect attack trap.
Radio interface information (MAC), BSSID, SSID, Mac of station"
::= {ciscoLwappWapiMIBNotifObjects 5 }
END