-- ******************************************************************* -- FS-WLAN-SECURITY-MIB.mib : FS WLAN DHCP MIB -- -- Oct 2009, luolc -- -- Copyright (c) 2009 by FS.COM Inc.. -- All rights reserved. -- ******************************************************************* FS-WLAN-SECURITY-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32 FROM SNMPv2-SMI TruthValue, DisplayString, MacAddress, RowStatus FROM SNMPv2-TC MODULE-COMPLIANCE, NOTIFICATION-GROUP, OBJECT-GROUP FROM SNMPv2-CONF fsApgWlanId FROM FS-AC-MGMT-MIB fsMgmt FROM FS-SMI; -- ********************************************** -- * MODULE IDENTITY -- ********************************************** fsWLANsecurityMIB MODULE-IDENTITY LAST-UPDATED "200910280000Z" ORGANIZATION "FS.COM Inc.." CONTACT-INFO "Tel: 400-865-2852 E-mail: https://www.fs.com/live_chat_service_mail.html " DESCRIPTION " Wlan security software private MIB for FS SNC. This is AC device manage MIB. " REVISION "200910280000Z" DESCRIPTION "Initial version of this MIB module." ::= { fsMgmt 61 } -- *************************************************************************** -- * Major sections -- *************************************************************************** fsWLANsecurityMIBObjects OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 1 } --*************************************************************************** --* AP agent MIB object --*************************************************************************** fsAPworkmode OBJECT-TYPE SYNTAX INTEGER { fitap(1), fatap(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This Attribute present AP device work mode , Value 1 means Fit AP , Value 2 means Fat AP." DEFVAL { 1 } ::= { fsWLANsecurityMIBObjects 1} --*************************************************************************** --* fsWLANsecurityConfig Table --*************************************************************************** fsWLANsecurityConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF FSWLANsecurityConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "FS Private WLAN security MIB" ::={ fsWLANsecurityMIBObjects 2 } fsWLANsecurityConfigEntry OBJECT-TYPE SYNTAX FSWLANsecurityConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An agent MAY process one or more WLAN security , which is identifed by fsApgWlanId. In other words, wlan ID is the index of this MIB table." INDEX { fsApgWlanId } ::={ fsWLANsecurityConfigTable 1 } FSWLANsecurityConfigEntry ::= SEQUENCE { fsWLANsecrymode INTEGER, fsstaticweplength INTEGER, fs8021xweplength INTEGER, fsWPAenabled TruthValue, fsWPAPairwisecipher INTEGER, fsWPAakmmode INTEGER, fsWPApskPassPhrase DisplayString, fsWLANsecry80211i TruthValue, fsWAPIasuIpaddress Unsigned32, fsWAPIcertificateformat INTEGER, fsWAPImsrekeyClientoff TruthValue, fsWAPIimportcertificate INTEGER, fsWAPIcacertificatename DisplayString, fsWAPIlocalcertificatename DisplayString, fsWAPIascertificatename DisplayString, fsRSNenabled TruthValue, fsRSNPairwisecipher INTEGER, fsRSNakmmode INTEGER, fsRSNpskPassPhrase DisplayString, fsWEPAuthenAlgorithm INTEGER, fsWLANsecurityStatus RowStatus, fsACauthenMethodsupport INTEGER, fsWLANEAPAuthenSupport INTEGER } fsWLANsecrymode OBJECT-TYPE SYNTAX INTEGER {open(1),staticwep(2), wep8021x(3),wpanone(4),wpapsk(5),wpa8021x(6),tsn(7) } MAX-ACCESS read-write STATUS current DESCRIPTION "This attribute present wlan security mode. Value 1 means open, Value 2 means static-wep,Value 3 means 802.1x-wep,Value 4 means WPA-PSK, Value 5 means WPA-802.1x,Value 6 means TSN(Hybrid)" ::= { fsWLANsecurityConfigEntry 1} fsstaticweplength OBJECT-TYPE SYNTAX INTEGER { wep40(1),wep104(2),wep128(3)} MAX-ACCESS read-write STATUS current DESCRIPTION "Static WEP key length,1 means WEP-40, 2 means WEP-104, 3 means WEP-128,default is 2." DEFVAL { 2 } ::= { fsWLANsecurityConfigEntry 2} fs8021xweplength OBJECT-TYPE SYNTAX INTEGER { wep40(1),wep104(2),wep128(3)} MAX-ACCESS read-write STATUS current DESCRIPTION "IEEE802.1x WEP key length,1 means WEP-40, 2 means WEP-104, 3 means WEP-128,default is 2." DEFVAL { 2 } ::= { fsWLANsecurityConfigEntry 3} fsWPAenabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Does this WLAN open WPA1 (it is not RSNA) support. " DEFVAL { false } ::= { fsWLANsecurityConfigEntry 4} fsWPAPairwisecipher OBJECT-TYPE SYNTAX INTEGER { tkip(1),aes(2), tkiporaes(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "WPA1 cipher mode default is TKIP(1)." DEFVAL { 1 } ::= { fsWLANsecurityConfigEntry 5} fsWPAakmmode OBJECT-TYPE SYNTAX INTEGER { ieee8021x(1), psk(2), pskor8021x(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "WPA1 AKM mode ,default is 802.1x." DEFVAL { 1 } ::= { fsWLANsecurityConfigEntry 6} fsWPApskPassPhrase OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "WPA1 PSK password ,it is write-only. Any try to read it return FAIL." ::= { fsWLANsecurityConfigEntry 7 } fsWLANsecry80211i OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "IEEE802.11i or WAPI security mode. true means IEEE802.11i, false means WAPI." DEFVAL { true} ::= { fsWLANsecurityConfigEntry 8 } fsWAPIasuIpaddress OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS read-write STATUS current DESCRIPTION "WAPI ASU IP address." ::= { fsWLANsecurityConfigEntry 9 } fsWAPIcertificateformat OBJECT-TYPE SYNTAX INTEGER { x509v3(1), wapigbw(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "WAPI certificate format ,1 means x509v3, 2 means WAPI-GBW. Now we only support x509v3." DEFVAL { 1 } ::= { fsWLANsecurityConfigEntry 10 } fsWAPImsrekeyClientoff OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "When one user off line, deos the WAPI sure update group keys, default is false." DEFVAL { false } ::= { fsWLANsecurityConfigEntry 11 } fsWAPIimportcertificate OBJECT-TYPE SYNTAX INTEGER { ca(1),local(2),as(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "Import WAPI certificate,this is write-only." ::= { fsWLANsecurityConfigEntry 12 } fsWAPIcacertificatename OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "WAPI CA certificate file name, default is wapi_ca.cer." ::= { fsWLANsecurityConfigEntry 13 } fsWAPIlocalcertificatename OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "WAPI Local certificate file name, default is wapi_local.cer." ::= { fsWLANsecurityConfigEntry 14 } fsWAPIascertificatename OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "WAPI ASU certificate file name, default is wapi_as.cer." ::= { fsWLANsecurityConfigEntry 15 } fsRSNenabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "RSNA (WPA2) enable or disable" ::= { fsWLANsecurityConfigEntry 16 } fsRSNPairwisecipher OBJECT-TYPE SYNTAX INTEGER { tkip(1), aes(2), tkiporaes(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "WPA2 cipher mode." DEFVAL { 2 } ::= { fsWLANsecurityConfigEntry 17 } fsRSNakmmode OBJECT-TYPE SYNTAX INTEGER { ieee8021x(1), psk(2), pskor8021x(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "WPA2 authen key manage mode." DEFVAL { 1 } ::= { fsWLANsecurityConfigEntry 18 } fsRSNpskPassPhrase OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "WPA2 PSK password ,it is write-only. Any try to read it return FAIL." ::= { fsWLANsecurityConfigEntry 19 } fsWEPAuthenAlgorithm OBJECT-TYPE SYNTAX INTEGER { openSystem(1), sharedKey(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "authentication algorithms supported by the Authencator. The following are the values and the associated algorithm. Value = 1: Open System Value = 2: Shared Key" ::= { fsWLANsecurityConfigEntry 20 } fsWLANsecurityStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The status column used for creating and deleting instances of the columnar objects in the default WEP key Table." ::= { fsWLANsecurityConfigEntry 21 } fsACauthenMethodsupport OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "authentication method supported by the AC, including the EAP-SIM authentication, WEP authentication, EAP-MD5 authentication." ::= { fsWLANsecurityConfigEntry 22 } fsWLANEAPAuthenSupport OBJECT-TYPE SYNTAX INTEGER { enableEAPAuthentication(0), disableEAPAuthentication(1), notSupportingEAPAuthentication(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Whether the current ap or ac enables or diables the EAP authentication." ::= { fsWLANsecurityConfigEntry 23 } --******************************************************************** -- * dot11WEPDefaultKeys TABLE --******************************************************************** fsWEPDefaultKeysTable OBJECT-TYPE SYNTAX SEQUENCE OF FSWEPDefaultKeysEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Conceptual table for WEP default keys. " REFERENCE "IEEE Std 802.11-2007, 8.3.2" ::= { fsWLANsecurityMIBObjects 3 } fsWEPDefaultKeysEntry OBJECT-TYPE SYNTAX FSWEPDefaultKeysEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An Entry (conceptual row) in the WEP Default Keys Table." INDEX { fsApgWlanId, fsWEPDefaultKeyIndex } ::= { fsWEPDefaultKeysTable 1 } FSWEPDefaultKeysEntry ::= SEQUENCE { fsWEPDefaultKeyIndex INTEGER, fsWEPDefaultKeyValue OCTET STRING, fsWEPDefaultKeyLength INTEGER } fsWEPDefaultKeyIndex OBJECT-TYPE SYNTAX INTEGER (1..4) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The auxiliary variable used to identify instances of the columnar objects in the WEP Default Keys Table. The value of this variable is equal to the WEPDefaultKeyID + 1" ::= { fsWEPDefaultKeysEntry 1 } fsWEPDefaultKeyValue OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "A WEP default secret key value." ::= { fsWEPDefaultKeysEntry 2 } fsWEPDefaultKeyLength OBJECT-TYPE SYNTAX INTEGER { wep40(1),wep104(2),wep128(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "A WEP default secret key length." ::= { fsWEPDefaultKeysEntry 3 } --******************************************************************** -- * End of dot11WEPDefaultKeys TABLE --******************************************************************** --******************************************************************** --* Compliance statements --******************************************************************** fsWlansecurityMIBConform OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 2 } fsWlansecurityMIBCompliances OBJECT IDENTIFIER ::= { fsWlansecurityMIBConform 1 } fsWlansecurityMIBGroups OBJECT IDENTIFIER ::= { fsWlansecurityMIBConform 2 } fsWlansecurityMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the wlan security module of FS Ac device Manager" MODULE MANDATORY-GROUPS { fsWlansecuritycofigGroup, fsWEPDefaultKeysGroup, fsWlansecurityTrapGroup } ::= { fsWlansecurityMIBCompliances 1 } --******************************************************************** --* Units of conformance --******************************************************************** fsWlansecuritycofigGroup OBJECT-GROUP OBJECTS { fsAPworkmode, fsWLANsecrymode , fsstaticweplength, fs8021xweplength, fsWPAenabled, fsWPAPairwisecipher, fsWPAakmmode, fsWPApskPassPhrase, fsWLANsecry80211i, fsWAPIasuIpaddress, fsWAPIcertificateformat, fsWAPImsrekeyClientoff, fsWAPIimportcertificate, fsWAPIcacertificatename, fsWAPIlocalcertificatename, fsWAPIascertificatename, fsRSNenabled, fsRSNPairwisecipher, fsRSNakmmode, fsRSNpskPassPhrase, fsWEPAuthenAlgorithm, fsWLANsecurityStatus, fsACauthenMethodsupport, fsWLANEAPAuthenSupport, fsWlansecurityWepDecrytEnableTrapVar, fsWlansecurityDeviceMAC } STATUS current DESCRIPTION "This collection of objects represents the WLAN security private MIB " ::= { fsWlansecurityMIBGroups 1 } fsWEPDefaultKeysGroup OBJECT-GROUP OBJECTS { fsWEPDefaultKeyValue, fsWEPDefaultKeyLength } STATUS current DESCRIPTION "This collection of objects represents the WLAN WEP default keys." ::= { fsWlansecurityMIBGroups 2 } fsWlansecurityTrapGroup NOTIFICATION-GROUP NOTIFICATIONS { fsWlansecurityWepDecrytErr } STATUS current DESCRIPTION "This collection of objects represents the wlan wep traps private MIB " ::= { fsWlansecurityMIBGroups 3 } --*********************************************************** --* variable of trap --*********************************************************** fsWlansecurityTrapvar OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 3 } fsWlansecurityWepDecrytEnableTrapVar OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Tell the host whether need to send the trap." ::= { fsWlansecurityTrapvar 1 } fsWlansecurityDeviceMAC OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-write STATUS current DESCRIPTION "MAC address of the device." ::= { fsWlansecurityTrapvar 2 } --*********************************************************** --* wep decryt error trap --*********************************************************** fsWLANsecurityTraps OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 0 } fsWlansecurityWepDecrytErr NOTIFICATION-TYPE OBJECTS { fsApgWlanId, fsWlansecurityDeviceMAC } STATUS current DESCRIPTION "The information of an event of a wep decrytion error." ::= { fsWLANsecurityTraps 1 } END