-- ******************************************************************* -- CISCO-LWAPP-RLAN-MIB.my -- This MIB helps to manage the RLANs on the controller -- January 2018, Meghana R Deshmukh -- -- Copyright (c) 2018-2019 by Cisco Systems Inc. -- All rights reserved. -- ******************************************************************* CISCO-LWAPP-RLAN-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Integer32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF TruthValue FROM SNMPv2-TC RowStatus FROM SNMPv2-TC SnmpAdminString FROM SNMP-FRAMEWORK-MIB InetAddressType, InetAddress FROM INET-ADDRESS-MIB ciscoMgmt FROM CISCO-SMI; ciscoLwappRlanMIB MODULE-IDENTITY LAST-UPDATED "201910170000Z" ORGANIZATION "Cisco Systems Inc." CONTACT-INFO "Cisco Systems, Customer Service Postal: 170 W Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS E-mail: cs-wnbu-snmp@cisco.com" DESCRIPTION "This MIB is intended to be implemented on all those devices operating as Central Controllers (CC) that terminate the Light Weight Access Point Protocol tunnel from Cisco Light-weight LWAPP Access Points. This MIB helps to manage the RLANs on the controller. The relationship between CC and the LWAPP APs can be depicted as follows: +......+ +......+ +......+ +......+ + + + + + + + + + CC + + CC + + CC + + CC + + + + + + + + + +......+ +......+ +......+ +......+ .. . . . .. . . . . . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ +......+ + + + + + + + + + + + AP + + AP + + AP + + AP + + AP + + + + + + + + + + + +......+ +......+ +......+ +......+ +......+ . . . . . . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ +......+ + + + + + + + + + + + MN + + MN + + MN + + MN + + MN + + + + + + + + + + + +......+ +......+ +......+ +......+ +......+ The LWAPP tunnel exists between the controller and the APs. The MNs communicate with the APs through the protocol defined by the 802.11 standard. LWAPP APs, upon bootup, discover and join one of the controllers and the controller pushes the configuration, that includes the RLAN parameters, to the LWAPP APs. The APs then encapsulate all the 802.11 frames from wireless clients inside LWAPP frames and forward the LWAPP frames to the controller. GLOSSARY Access Point ( AP ) An entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. LWAPP APs encapsulate all the 802.11 frames in LWAPP frames and sends it to the controller to which it is logically connected to. Central Controller ( CC ) The central entity that terminates the LWAPP protocol tunnel from the LWAPP APs. Throughout this MIB, this entity also referred to as 'controller'. Light Weight Access Point Protocol ( LWAPP ) This is a generic protocol that defines the communication between the Access Points and the controllers. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. Access Control List ( ACL ) A list of rules used to restrict the traffic reaching an interface or the CPU or RLAN. Each ACL is an ordered set of rules and actions. If a rule matches then the action for that rule is applied to the packet. 802.1x The IEEE ratified standard for enforcing port based access control. This was originally intended for use on wired LANs and later extended for use in 802.11 RLAN environments. This defines an architecture with three main parts - a supplicant (Ex. an 802.11 wireless client), an authenticator (the AP) and an authentication server(a Radius server). The authenticator passes messages back and forth between the supplicant and the authentication server to enable the supplicant get authenticated to the network. Temporal Key Integrity Protocol ( TKIP ) A security protocol defined to enhance the limitations of WEP. Message Integrity Check and per-packet keying on all WEP-encrypted frames are two significant enhancements provided by TKIP to WEP. Cisco Key Integrity Protocol ( CKIP ) A proprietary implementation similar to TKIP. CKIP implements key permutation for protecting the CKIP key against attacks. Other features of CKIP include expansion of encryption key to 16 bytes of length for key protection and MIC to ensure data integrity. Wired Equivalent Privacy ( WEP ) A security method defined by 802.11. WEP uses a symmetric key stream cipher called RC4 to encrypt the data packets. Wi-Fi Protected Access ( WPA ) Wi-Fi Protected Access (WPA and WPA2) are security systems created in response to several serious weaknesses found in Wired Equivalent Privacy (WEP). WPA implements the majority of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. WPA is designed to work with all wireless network interface cards, but not necessarily with first generation wireless access points. RLAN Layer 2 Security RLAN layer 2 (MAC) security defines the encryption and authentication approaches such as 802.1x, WPA, WPA2, CKIP and WEP. POE (Power Over Ethernet) Power over Ethernet or PoE describes any of several standardized or ad-hoc systems which pass electrical power along with data on Ethernet cabling. This allows a single cable to provide both data connection and electrical power to devices such as wireless access points or IP cameras. Multicast Domain Name System (mDNS) This is the underlying protocol that is used for Service advertisement and discovery in technologies like Bonjour, Zero Touch Configuration REFERENCE [1] Wireless LAN Medium Access Control ( MAC ) and Physical Layer ( PHY ) Specifications. [2] Draft-obara-capwap-lwapp-00.txt, IETF Light Weight Access Point Protocol [3] IEEE 802.11 - The original 1 Mbit/s and 2 Mbit/s, 2.4 GHz RF and IR standard." REVISION "201906210000Z" DESCRIPTION "Added below entry to cLRlanTable - cLRlanMdnsMode Added below entry to cLRlanPolicyEntry table - cLRlanMdnsPolicy Rearranged value for cLRlanHostMode Deprecated the following compliance group - ciscoLwappRlanComplianceRev1 Added following compliance group - ciscoLwappRlanComplianceRev2" REVISION "201904230000Z" DESCRIPTION "Deprecated following objects - cLRlanRadiusHttpProfiling - cLRlanRadiusDhcpProfiling - cLRlanLocalHttpProfiling - cLRlanLocalDhcpProfiling" REVISION "201807200000Z" DESCRIPTION "Initial version of this MIB module." ::= { ciscoMgmt 856 } ciscoLwappRlanMIBNotifs OBJECT IDENTIFIER ::= { ciscoLwappRlanMIB 0 } ciscoLwappRlanMIBObjects OBJECT IDENTIFIER ::= { ciscoLwappRlanMIB 1 } ciscoLwappRlanConform OBJECT IDENTIFIER ::= { ciscoLwappRlanMIB 2 } ciscoLwappRlanConfig OBJECT IDENTIFIER ::= { ciscoLwappRlanMIBObjects 1 } -- ******************************************************************** -- RLAN configuration -- ******************************************************************** cLRlanTable OBJECT-TYPE SYNTAX SEQUENCE OF CLRlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table represents the RLAN configuration sent by the controller to the APs for their operation. LWAPP APs exchange configuration messages with the controller and get the required configuration for their 802.11 related operations. As part of these messages, the RLAN configuration is pushed by the controller to the LWAPP APs. This table doesn't have any dependencies on other existing tables. By defining cLRlanIndex, the unique identifier for a RLAN, this table provides a common index structure for use in several other new tables that populate information on security related attributes like authentication, encryption, 802.11 parameters, Quality-of-Service attributes etc., that would relate to a particular RLAN. Rows are added or deleted by explicit management actions initiated by the user from a network management station through the cLRlanRowStatus object." ::= { ciscoLwappRlanConfig 1 } cLRlanEntry OBJECT-TYPE SYNTAX CLRlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry in this table represents the RLAN configuration sent by the controller to APs for use during their operations. entries can be added/deleted by explicit management actions by Prime or by user console." INDEX { cLRlanIndex } ::= { cLRlanTable 1 } CLRlanEntry ::= SEQUENCE { cLRlanIndex Unsigned32, cLRlanRowStatus RowStatus, cLRlanProfileName SnmpAdminString, cLRlanMacFiltering SnmpAdminString, cLRlanAuthList SnmpAdminString, cLRlanSecurity8021X TruthValue, cLRlanSecurityWebAuth TruthValue, cLRlanEapAuthProfileName SnmpAdminString, cLRlanEapAuthStatus TruthValue, cLRlanWebAuthParameter SnmpAdminString, cLRlanClientLimit Unsigned32, cLRlanStatus TruthValue, cLRlanWebAuthIpv4Acl SnmpAdminString, cLRlanWebAuthIpv6Acl SnmpAdminString, cLRlanSecurity8021XAuthList SnmpAdminString, cLRlanMdnsMode INTEGER } cLRlanIndex OBJECT-TYPE SYNTAX Unsigned32 (1..128) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object uniquely identifies one instance of a RLAN on the controller." ::= { cLRlanEntry 1 } cLRlanRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This is the status column for this row and used to create, modify and delete specific instances of rows in this table. This table supports modification of writable objects when the RowStatus is 'active'. The following objects are mandatory for successful creation of an entry: cLRlanIndex cLRlanProfileName." ::= { cLRlanEntry 2 } cLRlanProfileName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the profile name assigned to this RLAN. The name assigned to a RLAN has to be unique across all the RLANs on the controller. An administrator can assign a meaningful name that could later be used to refer a particular RLAN on the controller. This object cannot be modified when cLRlanRowStatus is 'active'." ::= { cLRlanEntry 3 } cLRlanMacFiltering OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "A type of security policy for Mobile Stations (Clients). This enables filtering of clients by MAC address." ::= { cLRlanEntry 4 } cLRlanAuthList OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to configure AAA Authentication list for RLAN" ::= { cLRlanEntry 5 } cLRlanSecurity8021X OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the dot1x authentication is enabled or not for the RLAN. A value of 'true' indicates that dot1x security is enabled. A value of 'false' indicates that dot1x security is disabled." ::= { cLRlanEntry 6 } cLRlanSecurityWebAuth OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the web authentication is enabled or not for the RLAN. A value of 'true' indicates that web authentication is enabled. A value of 'false' indicates that web authentication is disabled." ::= { cLRlanEntry 7 } cLRlanEapAuthProfileName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object uniquely identifies the profile name using which EAP authentication is done for this RLAN" ::= { cLRlanEntry 8 } cLRlanEapAuthStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the EAP authentication is enabled or not for the RLAN. A value of 'true' indicates that EAP authentication is enabled. A value of 'false' indicates that EAP authentication is disabled." DEFVAL { false } ::= { cLRlanEntry 9 } cLRlanWebAuthParameter OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the Parameter for web authentication for the given RLAN" ::= { cLRlanEntry 10 } cLRlanClientLimit OBJECT-TYPE SYNTAX Unsigned32 (0..10000) MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates the maximum number of allowed clients for the given RLAN. Default value 0 indicates no restriction on the client number." DEFVAL { 0 } ::= { cLRlanEntry 11 } cLRlanStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object represents the status of the RLAN. A value of 'true' indicates that RLAN profile is enabled. A value of 'false' indicates that RLAN profile is disabled." DEFVAL { false } ::= { cLRlanEntry 12 } cLRlanWebAuthIpv4Acl OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object represents the pre web Auth IPv4 ACL for the given RLAN." ::= { cLRlanEntry 13 } cLRlanWebAuthIpv6Acl OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object represents the pre web Auth IPv4 ACL for the given RLAN." ::= { cLRlanEntry 14 } cLRlanSecurity8021XAuthList OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object represents the dot1x authentication list for the given RLAN." ::= { cLRlanEntry 15 } cLRlanMdnsMode OBJECT-TYPE SYNTAX INTEGER { bridge(0), drop(1), gateway(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object represents the mdns mode of the Remote Lan 0 indicates RLAN is in Bridge mode for mDNS packets 1 indicates RLAN is is Drop mode for mDNS packets 2 indicates RLAN is in Gateway mode for mDNS packets" DEFVAL { 0 } ::= { cLRlanEntry 16 } -- ******************************************************************** -- RLAN configuration -- ******************************************************************** cLRlanPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF CLRlanPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table holds the RLAN policies configured on the controller. Each entry is represented by the object cLRlanPolicyEntry." ::= { ciscoLwappRlanConfig 2 } cLRlanPolicyEntry OBJECT-TYPE SYNTAX CLRlanPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry in this table represents the RLAN policy configuration sent by the controller to APs for use during their operations. entries can be added/deleted by explicit management actions by NMS or by user console" INDEX { cLRlanPolicyProfileName } ::= { cLRlanPolicyTable 1 } CLRlanPolicyEntry ::= SEQUENCE { cLRlanPolicyProfileName SnmpAdminString, cLRlanPolicyRowStatus RowStatus, cLRlanPolicyStatus TruthValue, cLRlanPolicyDesc SnmpAdminString, cLRlanPolicyIpv4Acl SnmpAdminString, cLRlanPolicyIpv6Acl SnmpAdminString, cLRlanAAAOverride TruthValue, cLRlanCentralSwitching TruthValue, cLRlanInterface SnmpAdminString, cLRlanPoeEnabled TruthValue, cLRlanHostMode INTEGER, cLRlanViolationMode INTEGER, cLRlanVoiceVlanId Unsigned32, cLRlanDataVlanId Unsigned32, cLRlanBlacklistEnabled TruthValue, cLRlanBlacklistTimeout Unsigned32, cLRlanAAAPolicyName SnmpAdminString, cLRlanSessionTimeout Unsigned32, cLRlanPreAuthEnabled TruthValue, cLRlanDhcpServerType InetAddressType, cLRlanDhcpServer InetAddress, cLRlanRadiusHttpProfiling TruthValue, cLRlanRadiusDhcpProfiling TruthValue, cLRlanLocalHttpProfiling TruthValue, cLRlanLocalDhcpProfiling TruthValue, cLRlanIpv6IngressStatus TruthValue, cLRlanIpv6EgressStatus TruthValue, cLRlanIpv4IngressStatus TruthValue, cLRlanIpv4EgressStatus TruthValue, cLRlanIpv6IngressName SnmpAdminString, cLRlanIpv6EgressName SnmpAdminString, cLRlanIpv4IngressName SnmpAdminString, cLRlanIpv4EgressName SnmpAdminString, cLRlanSplitTunnelGatewayType InetAddressType, cLRlanSplitTunnelGateway InetAddress, cLRlanSplitTunnelNetmaskType InetAddressType, cLRlanSplitTunnelNetmask InetAddress, cLRlanSplitTunnel TruthValue, cLRlanAclName SnmpAdminString, cLRlanSplitTunnelOverride TruthValue, cLRlanAccountingList SnmpAdminString, cLRlanDhcpEnabled TruthValue, cLRlanCentralDhcp TruthValue, cLRlanMdnsPolicy SnmpAdminString, cLRlanPowerLevelId Unsigned32 } cLRlanPolicyProfileName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object uniquely identifies one instance of a RLAN policy on the controller." ::= { cLRlanPolicyEntry 1 } cLRlanPolicyRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This is the status column for this row and used to create, modify and delete specific instances of rows in this table. This table supports modification of writable objects when the RowStatus is 'active'. The following objects are mandatory for successful creation of an entry: cLRlanPolicyProfileName." ::= { cLRlanPolicyEntry 2 } cLRlanPolicyStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether the RLAN policy is enabled or not. A value of 'true' indicates that RLAN policy profile is enabled. A value of 'false' indicates that RLAN policy profile is disabled." DEFVAL { false } ::= { cLRlanPolicyEntry 3 } cLRlanPolicyDesc OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object describes the policy of RLAN." ::= { cLRlanPolicyEntry 4 } cLRlanPolicyIpv4Acl OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object uniquely identifies the name of ipv4 ACL for given RLAN." ::= { cLRlanPolicyEntry 5 } cLRlanPolicyIpv6Acl OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object uniquely identifies the name of ipv6 ACL for given RLAN." ::= { cLRlanPolicyEntry 6 } cLRlanAAAOverride OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the AAA override for global parameters is enabled or disabled. A value of 'true' indicates that AAA Override is enabled. A value of 'false' indicates that AAA Override is disabled." DEFVAL { false } ::= { cLRlanPolicyEntry 7 } cLRlanCentralSwitching OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the central switching for RLAN is enabled or disabled. A value of 'true' indicates that Central Switching is enabled. A value of 'false' indicates that Central Switching is disabled." DEFVAL { true } ::= { cLRlanPolicyEntry 8 } cLRlanInterface OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object uniquely identifies the RLAN interface name." DEFVAL { "1" } ::= { cLRlanPolicyEntry 9 } cLRlanPoeEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object uniquely identifies RLAN Power Over Ethernet status. A value of 'true' indicates that RLAN POE is enabled. A value of 'false' indicates that RLAN POE is disabled." ::= { cLRlanPolicyEntry 10 } cLRlanHostMode OBJECT-TYPE SYNTAX INTEGER { sinlgeHostMode(0), multiHostMode(1), multiDomainMode(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object configures the host mode for the RLAN. 0 - SINGLE_HOST_MODE, 1 - MULTI_HOST_MODE, 2 - MULTI_DOMAIN_MODE." DEFVAL { 0 } ::= { cLRlanPolicyEntry 11 } cLRlanViolationMode OBJECT-TYPE SYNTAX INTEGER { protect(0), replace(1), shutdown(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This objecti configures the voilation mode for the RLAN. 0 - REPLACE, 1 - SHUTDOWN, 2 - PROTECT" ::= { cLRlanPolicyEntry 12 } cLRlanVoiceVlanId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies VLAN ID for the voice during the multi domain mode for RLAN on the controller. The host mode (cLRlanHostMode) should be set to multi-domain mode(value: 3)." ::= { cLRlanPolicyEntry 13 } cLRlanDataVlanId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies VLAN ID for the data during the multi domain mode for RLAN on the controller. The host mode (cLRlanHostMode) should be set to multi-domain mode(value: 3)." ::= { cLRlanPolicyEntry 14 } cLRlanBlacklistEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies is the blacklisting is enabled or not for the given RLAN. A value of 'true' indicates that RLAN Blacklisting is enabled. A value of 'false' indicates that RLAN Blacklisting is disabled." DEFVAL { true } ::= { cLRlanPolicyEntry 15 } cLRlanBlacklistTimeout OBJECT-TYPE SYNTAX Unsigned32 (0..2147483647) MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies the timeout duration in seconds for the blacklist in RLAN." DEFVAL { 60 } ::= { cLRlanPolicyEntry 16 } cLRlanAAAPolicyName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies the AAA policy name for the given RLAN." DEFVAL { "default-aaa-policy" } ::= { cLRlanPolicyEntry 17 } cLRlanSessionTimeout OBJECT-TYPE SYNTAX Unsigned32 (20..86400) MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies the session timeout duration in seconds for RLAN." DEFVAL { 1800 } ::= { cLRlanPolicyEntry 18 } cLRlanPreAuthEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the preAuth is enabled or not for the RLAN on the controller. A value of 'true' indicates that RLAN Pre-Authentication is enabled. A value of 'false' indicates that RLAN Pre-Authentication is disabled." ::= { cLRlanPolicyEntry 19 } cLRlanDhcpServerType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the address type DHCP parameters IP for Remote-LAN." ::= { cLRlanPolicyEntry 20 } cLRlanDhcpServer OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-write STATUS current DESCRIPTION "This object configures the DHCP parameters for Remote-LAN" ::= { cLRlanPolicyEntry 21 } cLRlanRadiusHttpProfiling OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS deprecated DESCRIPTION "This object uniquely identifies Client profiling on RLAN in Radius mode based on HTTP attribute. A value of 'true' indicates that Radius HTTP profiling is enabled. A value of 'false' indicates that Radius HTTP profiling is disabled." ::= { cLRlanPolicyEntry 22 } cLRlanRadiusDhcpProfiling OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS deprecated DESCRIPTION "This object uniquely identifies Client profiling on RLAN in Radius mode based on DHCP attribute. A value of 'true' indicates that Radius DHCP profiling is enabled. A value of 'false' indicates that Radius DHCP profiling is disabled." ::= { cLRlanPolicyEntry 23 } cLRlanLocalHttpProfiling OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS deprecated DESCRIPTION "This object uniquely identifies Client profiling on RLAN in local mode based on HTTP attribute. A value of 'true' indicates that Local HTTP profiling is enabled. A value of 'false' indicates that Local HTTP profiling is disabled." ::= { cLRlanPolicyEntry 24 } cLRlanLocalDhcpProfiling OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS deprecated DESCRIPTION "This object uniquely identifies Client profiling on RLAN in local mode based on DHCP attribute. A value of 'true' indicates that Local DHCP profiling is enabled. A value of 'false' indicates that Local DHCP profiling is disabled." ::= { cLRlanPolicyEntry 25 } cLRlanIpv6IngressStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the flow monitor on ingress traffic, for IPv6, is enabled or disabled. A value of 'true' indicates that IPv6 Ingress traffic is enabled. A value of 'false' indicates that IPv6 Ingress traffic is disabled." ::= { cLRlanPolicyEntry 26 } cLRlanIpv6EgressStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the flow monitor on egress traffic, for IPv6, is enabled or disabled. A value of 'true' indicates that IPv6 Engress traffic is enabled. A value of 'false' indicates that IPv6 Engress traffic is disabled." ::= { cLRlanPolicyEntry 27 } cLRlanIpv4IngressStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the flow monitor on ingress traffic, for IPv4, is enabled or disabled. A value of 'true' indicates that IPv4 Ingress traffic is enabled. A value of 'false' indicates that IPv4 Ingress traffic is disabled." ::= { cLRlanPolicyEntry 28 } cLRlanIpv4EgressStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the flow monitor on egress traffic, for IPv4, is enabled or disabled. A value of 'true' indicates that IPv4 Engress traffic is enabled. A value of 'false' indicates that IPv4 Engress traffic is disabled." ::= { cLRlanPolicyEntry 29 } cLRlanIpv6IngressName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the Qos profile name for flow monitor on ingress traffic, for IPv6." ::= { cLRlanPolicyEntry 30 } cLRlanIpv6EgressName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the Qos profile name for flow monitor on egress traffic, for IPv6." ::= { cLRlanPolicyEntry 31 } cLRlanIpv4IngressName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the Qos profile name for flow monitor on ingress traffic, for IPv4." ::= { cLRlanPolicyEntry 32 } cLRlanIpv4EgressName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the Qos profile name for flow monitor on egress traffic, for IPv4." ::= { cLRlanPolicyEntry 33 } cLRlanSplitTunnelGatewayType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies the IP address type of gateway address for the split tunnel trafficking of the data on RLAN." ::= { cLRlanPolicyEntry 34 } cLRlanSplitTunnelGateway OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies the gateway address for the split tunnel trafficking of the data on RLAN." ::= { cLRlanPolicyEntry 35 } cLRlanSplitTunnelNetmaskType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies the netmask for the split tunnel trafficking of the data on RLAN." ::= { cLRlanPolicyEntry 36 } cLRlanSplitTunnelNetmask OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies the netmask for the split tunnel trafficking of the data on RLAN." ::= { cLRlanPolicyEntry 37 } cLRlanSplitTunnel OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies whether the split tunnel traffic movement of the data is enabled. A value of 'true' indicates that split tunnelling is enabled. A value of 'false' indicates that split tunnelling is disabled." ::= { cLRlanPolicyEntry 38 } cLRlanAclName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies the ACL name for the split tunnel data trafficking." ::= { cLRlanPolicyEntry 39 } cLRlanSplitTunnelOverride OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object identifies whether the split tunnel traffic movement of the data is overriden. A value of 'true' indicates that split tunnel override is enabled. A value of 'false' indicates that split tunnel override is disabled." ::= { cLRlanPolicyEntry 40 } cLRlanAccountingList OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the AAA Accounting list associated to the given RLAN" ::= { cLRlanPolicyEntry 41 } cLRlanDhcpEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether the DHCP is required for the IPv4 of the given RLAN. A value of 'true' indicates that RLAN DHCP is enabled. A value of 'false' indicates that RLAN DHCP is disabled." DEFVAL { false } ::= { cLRlanPolicyEntry 42 } cLRlanCentralDhcp OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies if the central dhcp for RLAN is enabled or disabled. A value of 'true' indicates that Central DHCP is enabled. A value of 'false' indicates that Central DHCP is disabled." DEFVAL { true } ::= { cLRlanPolicyEntry 43 } cLRlanMdnsPolicy OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..64)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the mDNS service policy configured under RLAN" ::= { cLRlanPolicyEntry 44 } cLRlanPowerLevelId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the power level for port" ::= { cLRlanPolicyEntry 45 } -- ******************************************************************** -- * Compliance statements -- ******************************************************************** ciscoLwappRlanCompliances OBJECT IDENTIFIER ::= { ciscoLwappRlanConform 1 } ciscoLwappRlanGroups OBJECT IDENTIFIER ::= { ciscoLwappRlanConform 2 } ciscoLwappRlanCompliance MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappRlanMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappRlanConfigGroup1, ciscoLwappRlanConfigGroup2 } ::= { ciscoLwappRlanCompliances 1 } ciscoLwappRlanComplianceRev1 MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappRlanMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappRlanConfigGroup1, ciscoLwappRlanConfigGroup2Sup1 } ::= { ciscoLwappRlanCompliances 2 } ciscoLwappRlanComplianceRev2 MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappRlanMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappRlanConfigGroup1Sup1, ciscoLwappRlanConfigGroup2Sup2 } ::= { ciscoLwappRlanCompliances 3 } ciscoLwappRlanComplianceRev3 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappRlanMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappRlanConfigGroup1Sup1, ciscoLwappRlanConfigGroup2Sup2, ciscoLwappRlanConfigGroup2Sup3 } ::= { ciscoLwappRlanCompliances 4 } ciscoLwappRlanConfigGroup1 OBJECT-GROUP OBJECTS { cLRlanRowStatus, cLRlanProfileName, cLRlanMacFiltering, cLRlanAuthList, cLRlanSecurity8021X, cLRlanSecurityWebAuth, cLRlanEapAuthProfileName, cLRlanEapAuthStatus, cLRlanWebAuthParameter, cLRlanClientLimit, cLRlanStatus, cLRlanWebAuthIpv4Acl, cLRlanWebAuthIpv6Acl, cLRlanSecurity8021XAuthList } STATUS current DESCRIPTION "This collection of objects represents the RLAN policy attributes." ::= { ciscoLwappRlanGroups 1 } ciscoLwappRlanConfigGroup2 OBJECT-GROUP OBJECTS { cLRlanPolicyRowStatus, cLRlanPolicyStatus, cLRlanPolicyDesc, cLRlanPolicyIpv4Acl, cLRlanPolicyIpv6Acl, cLRlanAAAOverride, cLRlanCentralSwitching, cLRlanInterface, cLRlanPoeEnabled, cLRlanHostMode, cLRlanViolationMode, cLRlanVoiceVlanId, cLRlanDataVlanId, cLRlanBlacklistEnabled, cLRlanBlacklistTimeout, cLRlanAAAPolicyName, cLRlanSessionTimeout, cLRlanPreAuthEnabled, cLRlanDhcpServerType, cLRlanDhcpServer, cLRlanRadiusHttpProfiling, cLRlanRadiusDhcpProfiling, cLRlanLocalHttpProfiling, cLRlanLocalDhcpProfiling, cLRlanIpv6IngressStatus, cLRlanIpv6EgressStatus, cLRlanIpv4IngressStatus, cLRlanIpv4EgressStatus, cLRlanIpv6IngressName, cLRlanIpv6EgressName, cLRlanIpv4IngressName, cLRlanIpv4EgressName, cLRlanSplitTunnelGatewayType, cLRlanSplitTunnelGateway, cLRlanSplitTunnelNetmaskType, cLRlanSplitTunnelNetmask, cLRlanSplitTunnel, cLRlanAclName, cLRlanSplitTunnelOverride, cLRlanAccountingList, cLRlanDhcpEnabled, cLRlanCentralDhcp } STATUS deprecated DESCRIPTION "This collection of objects represents the RLAN profile policy attributes." ::= { ciscoLwappRlanGroups 2 } ciscoLwappRlanConfigGroup2Sup1 OBJECT-GROUP OBJECTS { cLRlanPolicyRowStatus, cLRlanPolicyStatus, cLRlanPolicyDesc, cLRlanPolicyIpv4Acl, cLRlanPolicyIpv6Acl, cLRlanAAAOverride, cLRlanCentralSwitching, cLRlanInterface, cLRlanPoeEnabled, cLRlanHostMode, cLRlanViolationMode, cLRlanVoiceVlanId, cLRlanDataVlanId, cLRlanBlacklistEnabled, cLRlanBlacklistTimeout, cLRlanAAAPolicyName, cLRlanSessionTimeout, cLRlanPreAuthEnabled, cLRlanDhcpServerType, cLRlanDhcpServer, cLRlanIpv6IngressStatus, cLRlanIpv6EgressStatus, cLRlanIpv4IngressStatus, cLRlanIpv4EgressStatus, cLRlanIpv6IngressName, cLRlanIpv6EgressName, cLRlanIpv4IngressName, cLRlanIpv4EgressName, cLRlanSplitTunnelGatewayType, cLRlanSplitTunnelGateway, cLRlanSplitTunnelNetmaskType, cLRlanSplitTunnelNetmask, cLRlanSplitTunnel, cLRlanAclName, cLRlanSplitTunnelOverride, cLRlanAccountingList, cLRlanDhcpEnabled, cLRlanCentralDhcp } STATUS deprecated DESCRIPTION "This collection of objects represents the RLAN profile policy attributes." ::= { ciscoLwappRlanGroups 3 } ciscoLwappRlanConfigGroup2Sup2 OBJECT-GROUP OBJECTS { cLRlanPolicyRowStatus, cLRlanPolicyStatus, cLRlanPolicyDesc, cLRlanPolicyIpv4Acl, cLRlanPolicyIpv6Acl, cLRlanAAAOverride, cLRlanCentralSwitching, cLRlanInterface, cLRlanPoeEnabled, cLRlanHostMode, cLRlanViolationMode, cLRlanVoiceVlanId, cLRlanDataVlanId, cLRlanBlacklistEnabled, cLRlanBlacklistTimeout, cLRlanAAAPolicyName, cLRlanSessionTimeout, cLRlanPreAuthEnabled, cLRlanDhcpServerType, cLRlanDhcpServer, cLRlanIpv6IngressStatus, cLRlanIpv6EgressStatus, cLRlanIpv4IngressStatus, cLRlanIpv4EgressStatus, cLRlanIpv6IngressName, cLRlanIpv6EgressName, cLRlanIpv4IngressName, cLRlanIpv4EgressName, cLRlanSplitTunnelGatewayType, cLRlanSplitTunnelGateway, cLRlanSplitTunnelNetmaskType, cLRlanSplitTunnelNetmask, cLRlanSplitTunnel, cLRlanAclName, cLRlanSplitTunnelOverride, cLRlanAccountingList, cLRlanDhcpEnabled, cLRlanCentralDhcp, cLRlanMdnsPolicy } STATUS current DESCRIPTION "This collection of objects represents the RLAN profile policy attributes." ::= { ciscoLwappRlanGroups 4 } ciscoLwappRlanConfigGroup1Sup1 OBJECT-GROUP OBJECTS { cLRlanRowStatus, cLRlanProfileName, cLRlanMacFiltering, cLRlanAuthList, cLRlanSecurity8021X, cLRlanSecurityWebAuth, cLRlanEapAuthProfileName, cLRlanEapAuthStatus, cLRlanWebAuthParameter, cLRlanClientLimit, cLRlanStatus, cLRlanWebAuthIpv4Acl, cLRlanWebAuthIpv6Acl, cLRlanSecurity8021XAuthList, cLRlanMdnsMode } STATUS current DESCRIPTION "This collection of objects represents the RLAN policy attributes." ::= { ciscoLwappRlanGroups 5 } ciscoLwappRlanConfigGroup2Sup3 OBJECT-GROUP OBJECTS { cLRlanPowerLevelId } STATUS current DESCRIPTION "This collection of objects represents the RLAN profile policy attributes." ::= { ciscoLwappRlanGroups 6 } END