CISCOSB-RADIUS-COA DEFINITIONS ::= BEGIN -- Title: CISCOSB CoA Radius Private Extension -- Version: 9.50 -- Date: 01-Jul-2022 IMPORTS Unsigned32, IpAddress,Counter32, MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI TruthValue, RowStatus, DisplayString, DateAndTime, TimeStamp, TEXTUAL-CONVENTION FROM SNMPv2-TC InetAddressType,InetAddress,InetAddressIPv6 FROM INET-ADDRESS-MIB -- RFC2851 switch001, rlRadius,rlAAAEap FROM CISCOSB-MIB; rlRadiusCoA MODULE-IDENTITY LAST-UPDATED "202207010000Z" ORGANIZATION "Cisco Systems, Inc." CONTACT-INFO "Postal: 170 West Tasman Drive San Jose , CA 95134-1706 USA Website: Cisco Small Business Support Community " DESCRIPTION "The private MIB module definition for CoA Radius feature in CISCOSB devices." REVISION "202207010000Z" DESCRIPTION "Added this MODULE-IDENTITY clause." ::= { switch001 247 } -- -- Radius CoA Client Inet table -- rlRadiusCoAClientInetTable OBJECT-TYPE SYNTAX SEQUENCE OF RlRadiusCoAClientInetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table listing the RADIUS CoA entry." ::= { rlRadiusCoA 1 } rlRadiusCoAClientInetEntry OBJECT-TYPE SYNTAX RlRadiusCoAClientInetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry in RADIUS CoA table." INDEX { rlRadiusCoAClientInetAddressType, rlRadiusCoAClientInetAddress } ::= { rlRadiusCoAClientInetTable 1 } RlRadiusCoAClientInetEntry ::= SEQUENCE { rlRadiusCoAClientInetAddressType InetAddressType, rlRadiusCoAClientInetAddress InetAddress, rlRadiusCoAClientInetKey DisplayString, rlRadiusCoAClientInetKeyDigest OCTET STRING, rlRadiusCoAClientInetClearCountersAction TruthValue, rlRadiusCoAClientInetRowStatus RowStatus } rlRadiusCoAClientInetAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-write STATUS current DESCRIPTION "The Inet address type of RADIUS CoA referred to in this table entry." ::= { rlRadiusCoAClientInetEntry 1} rlRadiusCoAClientInetAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-write STATUS current DESCRIPTION "The Inet address of the RADIUS CoA referred to in this table entry." ::= { rlRadiusCoAClientInetEntry 2 } rlRadiusCoAClientInetKey OBJECT-TYPE SYNTAX DisplayString (SIZE(0..128|160)) MAX-ACCESS read-write STATUS current DESCRIPTION "Secret key to be shared with this RADIUS CoA. The key with length of 160 means the key is not set" DEFVAL { "" } ::= { rlRadiusCoAClientInetEntry 3 } rlRadiusCoAClientInetKeyDigest OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "The Digest of the rlRadiusCoAClientInetKey" ::= { rlRadiusCoAClientInetEntry 4 } rlRadiusCoAClientInetClearCountersAction OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Set to TRUE to clear the Radius CoA Client counters." ::= { rlRadiusCoAClientInetEntry 5 } rlRadiusCoAClientInetRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Radius CoA Client Entry status" ::= { rlRadiusCoAClientInetEntry 6 } -- -- Radius CoA Client counters action table -- rlRadiusCoAClientInetCountersTable OBJECT-TYPE SYNTAX SEQUENCE OF RlRadiusCoAClientInetCountersEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "MIB to show radius CoA counters per client" ::= { rlRadiusCoA 2 } rlRadiusCoAClientInetCountersEntry OBJECT-TYPE SYNTAX RlRadiusCoAClientInetCountersEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The row definition for this table." INDEX { rlRadiusCoAClientInetAddressType, rlRadiusCoAClientInetAddress } ::= { rlRadiusCoAClientInetCountersTable 1 } RlRadiusCoAClientInetCountersEntry::= SEQUENCE { rlRadiusCoAClientInetAverageResponseTime Unsigned32, rlRadiusCoAClientInetCoARequests Counter32, rlRadiusCoAClientInetCoATransactions Counter32, rlRadiusCoAClientInetCoARetransmissions Counter32, rlRadiusCoAClientInetCoAActiveTransactions Counter32, rlRadiusCoAClientInetCoAAckResponses Counter32, rlRadiusCoAClientInetCoANakResponses Counter32, rlRadiusCoAClientInetCoAInvalidRequests Counter32, rlRadiusCoAClientInetCoAErrors Counter32, rlRadiusCoAClientInetDisconnectRequests Counter32, rlRadiusCoAClientInetDisconnectTransactions Counter32, rlRadiusCoAClientInetDisconnectRetransmissions Counter32, rlRadiusCoAClientInetDisconnectActiveTransactions Counter32, rlRadiusCoAClientInetDisconnectAckResponses Counter32, rlRadiusCoAClientInetDisconnectNakResponses Counter32, rlRadiusCoAClientInetDisconnectInvalidRequests Counter32, rlRadiusCoAClientInetDisconnectErrors Counter32 } rlRadiusCoAClientInetAverageResponseTime OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Average Ack response time in milliseconds" ::= { rlRadiusCoAClientInetCountersEntry 1 } rlRadiusCoAClientInetCoARequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts the CoA Requests received from CoA clients" ::= { rlRadiusCoAClientInetCountersEntry 2 } rlRadiusCoAClientInetCoATransactions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts CoA completed transactions. A Completed transaction occurs once the Switch send an CoA-ACK or CoA-NAK in response to a CoA-Request from a CoA client" ::= { rlRadiusCoAClientInetCountersEntry 3 } rlRadiusCoAClientInetCoARetransmissions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts received retransmitted CoA Requests. A retransmitted CoA-Requests is a Request in which the Request identifier is identical to the identifier of a previous Request" ::= { rlRadiusCoAClientInetCountersEntry 4 } rlRadiusCoAClientInetCoAActiveTransactions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Transactions that are currently active. An active transaction is a transaction in which a CoA-Request from a COA Client has been received but an CoA-ACK or CoA-NAK response has not been sent yet. Once an CoA-ACK or CoA-NAK is sent this counter is decremented" ::= { rlRadiusCoAClientInetCountersEntry 5 } rlRadiusCoAClientInetCoAAckResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts the number of CoA-Ack responses sent by the switch" ::= { rlRadiusCoAClientInetCountersEntry 6 } rlRadiusCoAClientInetCoANakResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts the number of CoA-Nak responses sent by the switch" ::= { rlRadiusCoAClientInetCountersEntry 7 } rlRadiusCoAClientInetCoAInvalidRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts invalid CoA-requests received by the switch. An invalid request is one of the following: - A Request in which the secret in the Request does not match the Secret configured on the device - A Request with no session identifier - A Request with an unsupported attribute - A Request in which a supported attribute is empty - A Request which is discarded because the event-timestamp is not current, or if eventtimestamp is mandatory and received request does not include this attributes" ::= { rlRadiusCoAClientInetCountersEntry 8 } rlRadiusCoAClientInetCoAErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts errors upon receiving CoA-Request. An error can be an internal error in which a request cannot be processed due to resource issue, or if a secret has not been configured for the CoA client" ::= { rlRadiusCoAClientInetCountersEntry 9 } rlRadiusCoAClientInetDisconnectRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts the Disconnect Requests received from CoA clients" ::= { rlRadiusCoAClientInetCountersEntry 10 } rlRadiusCoAClientInetDisconnectTransactions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts Disconnect completed transactions. A Completed transaction occurs once the Switch send an Disconnect-ACK or Disconnect-NAK in response to a Disconnect-Request from a CoA client." ::= { rlRadiusCoAClientInetCountersEntry 11 } rlRadiusCoAClientInetDisconnectRetransmissions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts received retransmitted Disconnect Requests. A retransmitted Disconnect-Requests is a Request in which the Request identifier is identical to the identifier of a previous Request" ::= { rlRadiusCoAClientInetCountersEntry 12 } rlRadiusCoAClientInetDisconnectActiveTransactions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Transactions that are currently active. An active transaction is a transaction in which a Disconnect-Request from a COA Client has been received but an Disconnect-ACK or Disconnect-NAK response has not been sent yet. Once an Disconnect-ACK or Disconnect-NAK is sent this counter is decremented" ::= { rlRadiusCoAClientInetCountersEntry 13 } rlRadiusCoAClientInetDisconnectAckResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts the number of Disconnect-Ack responses sent by the switch" ::= { rlRadiusCoAClientInetCountersEntry 14 } rlRadiusCoAClientInetDisconnectNakResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts the number of Disconnect-Nak responses sent by the switch" ::= { rlRadiusCoAClientInetCountersEntry 15 } rlRadiusCoAClientInetDisconnectInvalidRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts invalid Disconnect-requests received by the switch. An invalid request is one of the following: - A Request in which the secret in the Request does not match the Secret configured on the device - A Request with no session identifier - A Request with an unsupported attribute - A Request in which a supported attribute is empty" ::= { rlRadiusCoAClientInetCountersEntry 16 } rlRadiusCoAClientInetDisconnectErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts errors upon receiving Disconnect-Request. An error can be an internal error in which a request cannot be processed due to resource issue, or if a secret has not been configured for the CoA client" ::= { rlRadiusCoAClientInetCountersEntry 17 } -- -- Radius CoA Clear All counters -- rlRadiusCoAClearCountersAction OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "To clear Radius CoA counters for all clients." DEFVAL { false } ::= { rlRadiusCoA 3 } -- -- Radius CoA port -- rlRadiusCoARxUdpPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "To define the UDP port used for Radius CoA requests." DEFVAL { 3799 } ::= { rlRadiusCoA 4 } -- -- Radius CoA Client Default Secret Key -- rlRadiusCoAGlobalKey OBJECT-TYPE SYNTAX DisplayString (SIZE(0..128|160)) MAX-ACCESS read-write STATUS current DESCRIPTION "Global Secret key to be shared with this all Radius CoA clients. The key with length of 160 means the key is not set" DEFVAL { "" } ::= { rlRadiusCoA 5 } -- -- Radius CoA Client Default Secret Key Digest -- rlRadiusCoAGlobalKeyDigest OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "Global Secret key Digest" ::= { rlRadiusCoA 6 } -- -- Radius CoA Ignore Secret Key -- rlRadiusCoAIgnoreServerKey OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "To ignore the CoA server-key" DEFVAL { false } ::= { rlRadiusCoA 7 } -- -- Radius CoA Event-Timestamp Attribute behavior -- rlRadiusCoAEventTimeStampDropPacket OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "To configure the device to discard a Packet of Disconnect (POD) Request or Change of Authorization (CoA) Request that do not include an Event-Timestamp Attribute" DEFVAL { false } ::= { rlRadiusCoA 8 } -- -- Radius CoA behavior for username domain stripping for received PoD and CoA -- RlRadiusCoAUserNameDomainStrippingType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Behavior for username domain stripping for received PoD and CoA" SYNTAX INTEGER { disable(0), leftToRight(1), rightToLeft(2) } RlRadiusCoAUserNameDomainDelimiter ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "To configure the username domain delimitator for received PoD and CoA Requests" SYNTAX INTEGER { at(1), hyphen(2), slash(3), backSlash(4), hash(5), dollar(6), percent(7) } rlRadiusCoAUserNameDomainStrippingMethod OBJECT-TYPE SYNTAX RlRadiusCoAUserNameDomainStrippingType MAX-ACCESS read-write STATUS current DESCRIPTION "To enable and define the behavior for username domain stripping for received PoD and CoA Requests" DEFVAL { disable } ::= { rlRadiusCoA 9 } -- -- Radius CoA username domain delimitator for received PoD and CoA Requests -- rlRadiusCoAUserNameDomainStrippingDelimiter OBJECT-TYPE SYNTAX RlRadiusCoAUserNameDomainDelimiter MAX-ACCESS read-write STATUS current DESCRIPTION "To configure the username domain delimitator for received PoD and CoA Requests" DEFVAL { at } ::= { rlRadiusCoA 10 } -- -- AAAEAP Ignore disable-port command VSA -- rlAAAEapIgnoreCommandDisablePort OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "To configure the device to ignore a RADIUS Change of Authorization (CoA) disable port command VSA" DEFVAL { false } ::= { rlRadiusCoA 11 } -- -- AAAEAP Ignore bounce-port command VSA -- rlAAAEapIgnoreCommandBouncePort OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "To configure the device to ignore a RADIUS Change of Authorization (CoA) bounce port command VSA" DEFVAL { false } ::= { rlRadiusCoA 12 } END