-- ***************************************************************** -- MY-AAA-MIB.mib: My AAA MIB file -- -- $Copyright$ -- -- ***************************************************************** -- DES7200-AAA-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Integer32, Counter32, Unsigned32, IpAddress FROM SNMPv2-SMI InetAddressType, InetAddress FROM INET-ADDRESS-MIB Counter FROM RFC1155-SMI VlanId FROM Q-BRIDGE-MIB TruthValue, DisplayString, RowStatus, MacAddress FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF ConfigStatus, IfIndex FROM DES7200-TC EnabledStatus FROM P-BRIDGE-MIB myMgmt FROM DES7200-SMI; myAAAMIB MODULE-IDENTITY LAST-UPDATED "200203200000Z" ORGANIZATION "D-Link Crop." CONTACT-INFO " http://support.dlink.com" DESCRIPTION "This module defines my AAA(802.1x) mibs." REVISION "200203200000Z" DESCRIPTION "Initial version of this MIB module." ::= { myMgmt 19} myAAAMIBObjects OBJECT IDENTIFIER ::= { myAAAMIB 1 } myDot1xAuthObjects OBJECT IDENTIFIER ::= { myAAAMIBObjects 1 } myAAAServerObjects OBJECT IDENTIFIER ::= { myAAAMIBObjects 2 } myAuthUserObjects OBJECT IDENTIFIER ::= { myAAAMIBObjects 3 } myAuthModeObjects OBJECT IDENTIFIER ::= { myAAAMIBObjects 4 } myClientProbeObjects OBJECT IDENTIFIER ::= { myAAAMIBObjects 5 } -- -- myDot1xAuth Groupfor 802.1x global settings. -- myDot1xAuthStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The enable(1)/disable(2) control used by the 802.1x global settings." DEFVAL { disabled } ::= { myDot1xAuthObjects 1 } myDot1xAuthObjectsQuietPeriod OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The value, in seconds, of the quietPeriod constant currently in use by the Authenticator PAE state machine." DEFVAL { 60 } ::= { myDot1xAuthObjects 2 } myDot1xAuthObjectsTxPeriod OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The value, in seconds, of the txPeriod constant currently in use by the Authenticator PAE state machine." DEFVAL { 30 } ::= { myDot1xAuthObjects 3 } myDot1xAuthObjectsSuppTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The value, in seconds, of the suppTimeout constant currently in use by the Backend Authentication state machine." DEFVAL { 30 } ::= { myDot1xAuthObjects 4 } myDot1xAuthObjectsServerTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The value, in seconds, of the serverTimeout constant currently in use by the Backend Authentication state machine." DEFVAL { 30 } ::= { myDot1xAuthObjects 5 } myDot1xAuthObjectsMaxReq OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The value of the maxReq constant currently in use by the Backend Authentication state machine." DEFVAL { 2 } ::= { myDot1xAuthObjects 6 } myDot1xAuthObjectsReAuthPeriod OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The value, in seconds, of the reAuthPeriod constant currently in use by the Reauthentication Timer state machine." DEFVAL { 3600 } ::= { myDot1xAuthObjects 7 } myDot1xAuthObjectsMaxReauth OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The value of the reAuthMax constant currently in use by the Authenticator PAE state machine." DEFVAL { 2 } ::= { myDot1xAuthObjects 8 } myDot1xAuthObjectsReAuthEnable OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The enable(1)/disable(2) control used by the Reauthentication Timer state machine." DEFVAL { 2 } ::= { myDot1xAuthObjects 9 } myDot1xAuthObjectsConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF MyDot1xAuthConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table that contains the configuration objects for the Authenticator PAE associated with each MAC address. An entry appears in this table for each MAC address that may authenticate access to itself." ::= { myDot1xAuthObjects 10 } myDot1xAuthObjectsConfigEntry OBJECT-TYPE SYNTAX MyDot1xAuthConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The configuration information for an Authenticator PAE." INDEX { myDot1xAuthObjectsConfigFdbId,myDot1xAuthObjectsConfigAddr } ::= { myDot1xAuthObjectsConfigTable 1 } MyDot1xAuthConfigEntry ::= SEQUENCE { myDot1xAuthObjectsConfigFdbId Unsigned32, myDot1xAuthObjectsConfigAddr MacAddress, myDot1xAuthObjectsPaeState INTEGER, myDot1xAuthObjectsBackendAuthState INTEGER, myDot1xAuthObjectsAuthControlledPortStatus INTEGER, myDot1xAuthObjectsKeyTxEnabled TruthValue, myDot1xAuthObjectsIfIndex IfIndex } myDot1xAuthObjectsConfigFdbId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The VID of vlan which the address blongs to." ::= { myDot1xAuthObjectsConfigEntry 1 } myDot1xAuthObjectsConfigAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The MAC address associated with this configurations." ::= { myDot1xAuthObjectsConfigEntry 2 } myDot1xAuthObjectsPaeState OBJECT-TYPE SYNTAX INTEGER { initialize(1), disconnected(2), connecting(3), authenticating(4), authenticated(5), aborting(6), held(7), forceAuth(8), forceUnauth(9) } MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the Authenticator PAE state machine." ::= { myDot1xAuthObjectsConfigEntry 3 } myDot1xAuthObjectsBackendAuthState OBJECT-TYPE SYNTAX INTEGER { request(1), response(2), success(3), fail(4), timeout(5), idle(6), initialize(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "The current state of the Backend Authentication state machine." ::= { myDot1xAuthObjectsConfigEntry 4 } myDot1xAuthObjectsAuthControlledPortStatus OBJECT-TYPE SYNTAX INTEGER { authorized(1), unauthorized(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the controlled Port status parameter for the Port." ::= { myDot1xAuthObjectsConfigEntry 5 } myDot1xAuthObjectsKeyTxEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The value of the keyTransmissionEnabled constant currently in use by the Authenticator PAE state machine." ::= { myDot1xAuthObjectsConfigEntry 6 } myDot1xAuthObjectsIfIndex OBJECT-TYPE SYNTAX IfIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The interface index associated with this configurations" ::= { myDot1xAuthObjectsConfigEntry 7 } myDot1xAuthObjectsStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF MyDot1xAuthStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table that contains the statistics objects for the Authenticator PAE associated with each MAC address. An entry appears in this table for each MAC address that may authenticate access to itself." ::= { myDot1xAuthObjects 11 } myDot1xAuthStatsEntry OBJECT-TYPE SYNTAX MyDot1xAuthStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The statistics information for an Authenticator PAE." INDEX { myDot1xAuthObjectsStatsFdbId,myDot1xAuthObjectsStatsAddr } ::= { myDot1xAuthObjectsStatsTable 1 } MyDot1xAuthStatsEntry ::= SEQUENCE { myDot1xAuthObjectsStatsFdbId Unsigned32, myDot1xAuthObjectsStatsAddr MacAddress, myDot1xAuthObjectsEapolFramesRx Counter32, myDot1xAuthObjectsEapolFramesTx Counter32, myDot1xAuthObjectsEapolMyFramesRx Counter32, myDot1xAuthObjectsEapolLogoffFramesRx Counter32, myDot1xAuthObjectsEapolRespIdFramesRx Counter32, myDot1xAuthObjectsEapolRespFramesRx Counter32, myDot1xAuthObjectsEapolReqIdFramesTx Counter32, myDot1xAuthObjectsEapolReqFramesTx Counter32, myDot1xAuthObjectsInvalidEapolFramesRx Counter32, myDot1xAuthObjectsEapLengthErrorFramesRx Counter32, myDot1xAuthObjectsLastEapolFrameVersion Unsigned32, myDot1xAuthObjectsLastEapolFrameSource MacAddress } myDot1xAuthObjectsStatsFdbId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The VID of vlan which the address blongs to." ::= { myDot1xAuthStatsEntry 1 } myDot1xAuthObjectsStatsAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The MAC address associated with this states." ::= { myDot1xAuthStatsEntry 2 } myDot1xAuthObjectsEapolFramesRx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of valid EAPOL frames of any type that have been received by this Authenticator." ::= { myDot1xAuthStatsEntry 3 } myDot1xAuthObjectsEapolFramesTx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL frames of any type that have been transmitted by this Authenticator." ::= { myDot1xAuthStatsEntry 4 } myDot1xAuthObjectsEapolMyFramesRx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL My frames that have been received by this Authenticator." ::= { myDot1xAuthStatsEntry 5 } myDot1xAuthObjectsEapolLogoffFramesRx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL Logoff frames that have been received by this Authenticator." ::= { myDot1xAuthStatsEntry 6 } myDot1xAuthObjectsEapolRespIdFramesRx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAP Resp/Id frames that have been received by this Authenticator." ::= { myDot1xAuthStatsEntry 7 } myDot1xAuthObjectsEapolRespFramesRx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of valid EAP Response frames (other than Resp/Id frames) that have been received by this Authenticator." ::= { myDot1xAuthStatsEntry 8 } myDot1xAuthObjectsEapolReqIdFramesTx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAP Req/Id frames that have been transmitted by this Authenticator." ::= { myDot1xAuthStatsEntry 9 } myDot1xAuthObjectsEapolReqFramesTx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAP Request frames (other than Rq/Id frames) that have been transmitted by this Authenticator." ::= { myDot1xAuthStatsEntry 10 } myDot1xAuthObjectsInvalidEapolFramesRx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL frames that have been received by this Authenticator in which the frame type is not recognized." ::= { myDot1xAuthStatsEntry 11 } myDot1xAuthObjectsEapLengthErrorFramesRx OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL frames that have been received by this Authenticator in which the Packet Body Length field is invalid." ::= { myDot1xAuthStatsEntry 12 } myDot1xAuthObjectsLastEapolFrameVersion OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The protocol version number carried in the most recently received EAPOL frame." ::= { myDot1xAuthStatsEntry 13 } myDot1xAuthObjectsLastEapolFrameSource OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The source MAC address carried in the most recently received EAPOL frame." ::= { myDot1xAuthStatsEntry 14 } myDot1xCurrentUserNumber OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION "Numbers of users who attached to the system ,regardless of their state." ::= { myDot1xAuthObjects 12 } myDot1xCurrentAuthenticatedUserNumber OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION "Numbers of user who attached to the system and their current state is authorized" ::= { myDot1xAuthObjects 13 } myDot1xAccountStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The enable(1)/disable(2) control used by the accounting function." DEFVAL { 2 } ::= { myDot1xAuthObjects 14 } myAuthIfTable OBJECT-TYPE SYNTAX SEQUENCE OF MyAuthIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of the authenticated status of interface." ::= { myDot1xAuthObjects 15 } myAuthIfEntry OBJECT-TYPE SYNTAX MyAuthIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of MAC address which can be authenticated." INDEX { myAuthIf} ::= { myAuthIfTable 1 } MyAuthIfEntry ::= SEQUENCE { myAuthIf IfIndex, myAuthIfStatus EnabledStatus } myAuthIf OBJECT-TYPE SYNTAX IfIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The port number of the port/trunk to which frames received from a specific port/trunk and destined for a specific MAC address." ::= { myAuthIfEntry 1 } myAuthIfStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The authentication status of a port, can be opened by setting its value to Enabled(1), or closed by setting its value to Disabled(2)." DEFVAL { 2 } ::= { myAuthIfEntry 2 } myAuthenticationMode OBJECT-TYPE SYNTAX INTEGER { eap-md5(1), chap(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Mode used for authentication" ::= { myDot1xAuthObjects 16 } myDot1xAccountUpdateStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Account Update Status" ::= { myDot1xAuthObjects 17 } myDot1xAcctInterimInterval OBJECT-TYPE SYNTAX Unsigned32 (60..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "Account Interim Interval" ::= { myDot1xAuthObjects 18 } myDot1xEapolTagEnabled OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Eapol Tag Enabled" ::= { myDot1xAuthObjects 19 } myDot1xIfUserMaxTable OBJECT-TYPE SYNTAX SEQUENCE OF MyDot1xIfUserMaxEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of the max dot1x user number on authenticated interface." ::= { myDot1xAuthObjects 20 } myDot1xIfUserMaxEntry OBJECT-TYPE SYNTAX MyDot1xIfUserMaxEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of max dot1x user number on authenticated interface." INDEX { myDot1xIfUserMaxIndex} ::= { myDot1xIfUserMaxTable 1 } MyDot1xIfUserMaxEntry ::= SEQUENCE { myDot1xIfUserMaxIndex IfIndex, myDot1xIfUserMaxNum Unsigned32 } myDot1xIfUserMaxIndex OBJECT-TYPE SYNTAX IfIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The interface index which dot1x authentication is enabled." ::= { myDot1xIfUserMaxEntry 1 } myDot1xIfUserMaxNum OBJECT-TYPE SYNTAX Unsigned32 (1..4000) MAX-ACCESS read-write STATUS current DESCRIPTION "The max dot1x user num on the interface, this is valid only when dot1x authentication is enable on that interface. Number 0 indicates no user number limits enabled on the interface." ::= { myDot1xIfUserMaxEntry 2 } -- -- myAAAServer Group. -- -- ::= { myAAAServerObjects 1 } this OID is obsolete myAAAServerAuthPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "UDP port used for authentication in the global configuration. For RADIUS only, default value is 1812." DEFVAL { 1812 } ::= { myAAAServerObjects 2 } myAAAServerAcctPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "UDP port used for accounting service in the global configuration. For RADIUS only, default value is 1813." DEFVAL { 1813 } ::= { myAAAServerObjects 3 } myAAAServerRadiusKeyStr OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "The server key to be used with all RADIUS server. Retrieving the value of this object via SNMP will return an empty string for security reasons." DEFVAL { "" } ::= { myAAAServerObjects 4 } -- ::= { myAAAServerObjects 5 } this OID is obsolete -- ::= { myAAAServerObjects 6 } this OID is obsolete -- ::= { myAAAServerObjects 7 } this OID is obsolete myAAAServerTacplusKeyStr OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "The server key to be used with all TACACS+ server. Retrieving the value of this object via SNMP will return an empty string for security reasons." DEFVAL { "" } ::= { myAAAServerObjects 8 } -- -- myAAAServerConfigTable -- myAAAServerConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF MyAAAServerConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table shows current configurations for each AAA server, allows existing servers to be removed and new ones to be created." ::= { myAAAServerObjects 9 } myAAAServerConfigEntry OBJECT-TYPE SYNTAX MyAAAServerConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of AAA server configuration identified by its protocol and its index." INDEX { myAAAServerConfigProtocol, myAAAServerConfigIndex } ::= { myAAAServerConfigTable 1} MyAAAServerConfigEntry ::= SEQUENCE { myAAAServerConfigProtocol INTEGER, myAAAServerConfigIndex Unsigned32, myAAAServerConfigAddressType InetAddressType, myAAAServerConfigAddress InetAddress, myAAAServerConfigAuthPort INTEGER, myAAAServerConfigAcctPort INTEGER, myAAAServerConfigKeyStr DisplayString, myAAAServerConfigRowStatus RowStatus } myAAAServerConfigProtocol OBJECT-TYPE SYNTAX INTEGER { radius(1), -- RADIUS tacplus(2) -- TACACS+ } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The variable denotes the protocol used by the managed device with the AAA server corresponding to this entry in the table." ::= { myAAAServerConfigEntry 1 } myAAAServerConfigIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A number uniquely identifying each server. If the myAAAServerConfigIndex value for row creation is already in use by an existing entry, snmp set to the myAAAServerConfigIndex value will fail. Upon reload, casIndex values may be changed." ::= { myAAAServerConfigEntry 2 } myAAAServerConfigAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The type of address format used for the myAAAServerConfigAddress object." ::= { myAAAServerConfigEntry 3 } myAAAServerConfigAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address of the server." ::= { myAAAServerConfigEntry 4 } myAAAServerConfigAuthPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "UDP/TCP port used for authentication in the server. For RADIUS, default value is 1812. For TACACS+, default value is 49." ::= { myAAAServerConfigEntry 5 } myAAAServerConfigAcctPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "UDP/TCP port used for accounting service in the server. For RADIUS, default value is 1813. For TACACS+, the value of myAAAServerConfigAcctPort is ignored, myAAAServerConfigAuthPort will be used instead." ::= { myAAAServerConfigEntry 6 } myAAAServerConfigKeyStr OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The server key to be used with this server. Retrieving the value of this object via SNMP will return an empty string for security reasons." DEFVAL { "" } ::= { myAAAServerConfigEntry 7 } myAAAServerConfigRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this table entry. Once the entry status is set to active, the associated entry cannot be modified except destroyed by setting this object to destroy(6)." ::= { myAAAServerConfigEntry 8 } -- -- myAuthAddress Group. -- myAuthAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF MyAuthAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of MAC address which can be authenticated." ::= { myAuthUserObjects 1 } myAuthAddrEntry OBJECT-TYPE SYNTAX MyAuthAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of MAC address which can be authenticated." INDEX { myAuthPort,myAuthMacAddress} ::= { myAuthAddrTable 1 } MyAuthAddrEntry ::= SEQUENCE { myAuthPort IfIndex, myAuthMacAddress MacAddress, myAuthAddrStatus INTEGER } myAuthPort OBJECT-TYPE SYNTAX IfIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The port number of the port/trunk to which frames received from a specific port/trunk and destined for a specific MAC address." ::= { myAuthAddrEntry 1 } myAuthMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The MAC address which can be authenticated." ::= { myAuthAddrEntry 2 } myAuthAddrStatus OBJECT-TYPE SYNTAX INTEGER { valid(1), invalid(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "valid(1) - this entry is currently in use . invalid(2) - writing this value to the object removes the corresponding entry." ::= { myAuthAddrEntry 3 } -- -- my authentication user information -- myAuthUserTable OBJECT-TYPE SYNTAX SEQUENCE OF MyAuthUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of authentication User Info." ::= { myAuthUserObjects 2 } myAuthUserEntry OBJECT-TYPE SYNTAX MyAuthUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of authentication User Info table." INDEX { myAuthUserFdbId,myAuthUserMacAddress} ::= { myAuthUserTable 1 } MyAuthUserEntry ::= SEQUENCE { myAuthUserFdbId Unsigned32, myAuthUserMacAddress MacAddress, myAuthUserName DisplayString, myAuthUserSessionId DisplayString, myAuthUserIpAddr IpAddress, myAuthUserPort INTEGER, myAuthUserStatus ConfigStatus } myAuthUserFdbId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The VID of vlan which the address blongs to." ::= { myAuthUserEntry 1 } myAuthUserMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION " The MAC Address of authentication User ." ::= { myAuthUserEntry 2 } myAuthUserName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The Name of authentication User." ::= { myAuthUserEntry 3 } myAuthUserSessionId OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION " The Session Id of authentication User ." ::= { myAuthUserEntry 4 } myAuthUserIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION " The IP Address of authentication User ." ::= { myAuthUserEntry 5 } myAuthUserPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION " The interface of authentication User ." ::= { myAuthUserEntry 6 } myAuthUserStatus OBJECT-TYPE SYNTAX ConfigStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to 'invalid' will close a authenticated user, set its value to valid will cause no action of agent, when query always return value valid." ::= { myAuthUserEntry 7 } -- -- my vpn authentication user information -- myAuthUserForVPNDel OBJECT-TYPE SYNTAX DisplayString (SIZE (1..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "VPN user's name. Setting this object will delete a authenticated user and this user is unauthenticated. The set string is the username. Reading this object always return null string." ::= { myAuthUserObjects 3 } -- authorization mode objects myIpAuthorizationMode OBJECT-TYPE SYNTAX INTEGER { disable(1), dhcpServer(2), radiusServer(3), supplicant(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "disable(1) - don't limit ip address of user dhcpServer(2) - limit ip address of user, only ip address assigned by the dhcp server is legit. radiusServer(3) - limit ip address of user, only ip address assigned by the radius server is legit. supplicant(4) - mac+ip+port indicates different users (get the IP adress through supplicant)" ::= { myAuthModeObjects 1 } --- ---Client probe --- myClientProbeEnabledStatus OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The status of client probe function." ::= { myClientProbeObjects 1 } myClientProbeHelloInterval OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The interval that client send hello packets." ::= { myClientProbeObjects 2 } myClientProbeAliveInteval OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "When switch does not receive any legal hello packets from client in this interval,it will send RADIUS-Account-Stop to RADIUS server to stop this connection.The value of the objects must be more than myClientProbeHelloInterval" ::= { myClientProbeObjects 3 } myAAAMIBConformance OBJECT IDENTIFIER ::= { myAAAMIB 2 } myAAAMIBCompliances OBJECT IDENTIFIER ::= { myAAAMIBConformance 1 } myAAAMIBGroups OBJECT IDENTIFIER ::= { myAAAMIBConformance 2 } -- compliance statements myAAAMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the My AAA MIB" MODULE -- this module MANDATORY-GROUPS { myDot1xAuthMIBGroup, myAAAServerMIBGroup, myAuthAddrMIBGroup, myAuthModeMIBGroup } GROUP myClientProbeGroup DESCRIPTION "This group is mandatory only for those system which support client probe function." ::= { myAAAMIBCompliances 1 } -- units of conformance myDot1xAuthMIBGroup OBJECT-GROUP OBJECTS { myDot1xAuthStatus, myDot1xAuthObjectsQuietPeriod, myDot1xAuthObjectsTxPeriod, myDot1xAuthObjectsSuppTimeout, myDot1xAuthObjectsServerTimeout, myDot1xAuthObjectsMaxReq, myDot1xAuthObjectsReAuthPeriod, myDot1xAuthObjectsReAuthEnable, myDot1xAuthObjectsConfigFdbId, myDot1xAuthObjectsConfigAddr, myDot1xAuthObjectsPaeState, myDot1xAuthObjectsBackendAuthState, myDot1xAuthObjectsAuthControlledPortStatus, myDot1xAuthObjectsKeyTxEnabled, myDot1xAuthObjectsIfIndex, myDot1xAuthObjectsStatsFdbId, myDot1xAuthObjectsStatsAddr, myDot1xAuthObjectsEapolFramesRx, myDot1xAuthObjectsEapolFramesTx, myDot1xAuthObjectsEapolMyFramesRx, myDot1xAuthObjectsEapolLogoffFramesRx, myDot1xAuthObjectsEapolRespIdFramesRx, myDot1xAuthObjectsEapolRespFramesRx, myDot1xAuthObjectsEapolReqIdFramesTx, myDot1xAuthObjectsEapolReqFramesTx, myDot1xAuthObjectsInvalidEapolFramesRx, myDot1xAuthObjectsEapLengthErrorFramesRx, myDot1xAuthObjectsLastEapolFrameVersion, myDot1xAuthObjectsLastEapolFrameSource, myDot1xCurrentUserNumber, myDot1xCurrentAuthenticatedUserNumber, myDot1xAuthObjectsMaxReauth, myAuthIf, myAuthIfStatus, myAuthenticationMode } STATUS current DESCRIPTION "A collection of objects providing dot1x authentication managment." ::= { myAAAMIBGroups 1 } myAAAServerMIBGroup OBJECT-GROUP OBJECTS { myAAAServerAuthPort, myAAAServerAcctPort, myAAAServerRadiusKeyStr, myAAAServerTacplusKeyStr, myAAAServerConfigAddressType, myAAAServerConfigAddress, myAAAServerConfigAuthPort, myAAAServerConfigAcctPort, myAAAServerConfigKeyStr, myAAAServerConfigRowStatus } STATUS current DESCRIPTION "A collection of objects providing AAA server managment." ::= { myAAAMIBGroups 2 } myAuthAddrMIBGroup OBJECT-GROUP OBJECTS { myAuthMacAddress, myAuthPort, myAuthAddrStatus, myAuthUserFdbId, myAuthUserMacAddress, myAuthUserName, myAuthUserSessionId, myAuthUserIpAddr, myAuthUserPort, myAuthUserStatus } STATUS current DESCRIPTION "A collection of objects providing address permitted authentication managment." ::= { myAAAMIBGroups 3 } myAuthModeMIBGroup OBJECT-GROUP OBJECTS { myIpAuthorizationMode } STATUS current DESCRIPTION "A collection of objects providing authentication mode managment." ::= { myAAAMIBGroups 4 } myClientProbeGroup OBJECT-GROUP OBJECTS { myClientProbeEnabledStatus, myClientProbeHelloInterval, myClientProbeAliveInteval } STATUS current DESCRIPTION "A collection of objects providing client probe management." ::= { myAAAMIBGroups 5 } END