-- ===================================================================================== -- Copyright (C) 2011 by HUAWEI TECHNOLOGIES. All rights reserved. -- Description: The MIB module defines the IEEE802.1x protocol MIB objects. -- IEEE802.1x protocol is mainly used to control the link layer access -- and identity verification for wireless users. -- Reference: -- Version: V3.18 -- ===================================================================================== HUAWEI-8021x-EXT-MIB DEFINITIONS ::= BEGIN IMPORTS huaweiMgmt FROM HUAWEI-MIB dot1xPaePortNumber FROM IEEE8021-PAE-MIB Unsigned32, Integer32, OBJECT-TYPE, MODULE-IDENTITY FROM SNMPv2-SMI DisplayString, RowStatus,MacAddress FROM SNMPv2-TC; hwPae8021xExt MODULE-IDENTITY LAST-UPDATED "201105090000Z" ORGANIZATION "Huawei Technologies Co.,Ltd." CONTACT-INFO "Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: http://www.huawei.com Email: support@huawei.com " DESCRIPTION "The MIB module defines the IEEE802.1x protocol MIB objects. IEEE802.1x protocol is mainly used to control the link layer access and identity verification for wireless users." -- Revision history REVISION "201105090000Z" DESCRIPTION "V3.18, modified the range of hwDot1xTemplateIndex and hwDot1xPortFramePool." REVISION "201011200000Z" DESCRIPTION "V3.17, modified the descriptions of this MIB file and leaves." REVISION "201007290000Z" DESCRIPTION "V3.16, added hwDot1xMacConflictDetectStatus and format to the MIB file." REVISION "201007220000Z" DESCRIPTION "V3.15, modified the descriptions of this MIB file and leaves." REVISION "201003160000Z" DESCRIPTION "V3.14, modified the version of this MIB file." REVISION "200912281030Z" DESCRIPTION "V3.11, modified datatype such as INTEGER to Integer32. Moved DEFVAL into DESCRIPTION. Modified the default values of dot1xAuthSuppTimeout and hwDot1xHandshakeCount and added the descriptions of hwDot1xTemplateConfigEntry,hwDot1xPortConfigExtEntry and hwDot1xPortAuthStatsExtEntry " REVISION "200905210000Z" DESCRIPTION "V3.09, changed 'anthenrization' to 'authentication' and 'infomation' to 'information'." REVISION "200211290900Z" DESCRIPTION "V2.00, reunification version based on the Fix-Net MIBs baseline by the MIB Standard community." ::= { huaweiMgmt 22 } hwpaeExtMibObjects OBJECT IDENTIFIER ::= { hwPae8021xExt 1 } hwdot1xPaeSystem OBJECT IDENTIFIER ::= { hwpaeExtMibObjects 1 } hwdot1xAuthQuietPeriod OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Silence period of the system, preventing malicious attack. By default, it is 60 seconds. DEFVAL { 60 } " REFERENCE " 9.4.1, quietPeriod" ::= { hwdot1xPaeSystem 1 } hwdot1xAuthTxPeriod OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Interval period of sending EAP_Request/Id packet. By default,30 seconds.DEFVAL { 30 } " REFERENCE " 9.4.1, txPeriod " ::= { hwdot1xPaeSystem 2 } hwdot1xAuthSuppTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Interval period of waiting for the supplicant to response to EAPoL packet.DEFVAL { 30 } " REFERENCE " 9.4.1, suppTimeout " ::= { hwdot1xPaeSystem 3 } hwdot1xAuthServerTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Configure the period of waiting for the response of Server. By default, it is 30 seconds.DEFVAL { 30 } " REFERENCE " 9.4.1, serverTimeout " ::= { hwdot1xPaeSystem 4 } hwdot1xAuthMaxReq OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Maximum times of authentication.DEFVAL { 2 }" REFERENCE " 9.4.1, maxReq " ::= { hwdot1xPaeSystem 5 } hwdot1xAuthReAuthPeriod OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Configure the reauthentication period. By default, it is 3600 seconds.DEFVAL { 3600 }. " REFERENCE " 9.4.1, reAuthPeriod " ::= { hwdot1xPaeSystem 6 } hwdot1xPaeAuthenticator OBJECT IDENTIFIER ::= { hwpaeExtMibObjects 2 } hwdot1xAuthConfigExtTable OBJECT-TYPE SYNTAX SEQUENCE OF Hwdot1xAuthConfigExtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "It is an extension of the public MIB table dot1xAuthConfigTable, with certain leaves added for describing the configuration of the object of the port authenticator. The index of this table is dot1xPaePortNumber. " REFERENCE " 9.4.1 Authenticator Configuration " ::= { hwdot1xPaeAuthenticator 1 } hwdot1xAuthConfigExtEntry OBJECT-TYPE SYNTAX Hwdot1xAuthConfigExtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "It is an extension of the public MIB table dot1xAuthConfigTable, with certain leaves added for describing the configuration of the object of the port authenticator. The index of this entry is dot1xPaePortNumber. " INDEX { dot1xPaePortNumber } ::= { hwdot1xAuthConfigExtTable 1 } Hwdot1xAuthConfigExtEntry ::= SEQUENCE { hwdot1xpaeportAuthAdminStatus INTEGER, hwdot1xpaeportControlledType INTEGER, hwdot1xpaeportMaxUserNum Integer32, hwdot1xpaeportUserNumNow Integer32, hwdot1xpaeportClearStatistics INTEGER, hwDot1xAuthHandshakeSwitch INTEGER, hwDot1xAuthHandshakeCount Integer32, hwDot1xAuthHandshakeInterval Integer32, hwDot1xAuthIfEAPEnd INTEGER } hwdot1xpaeportAuthAdminStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates he switch of port protocol, enabling or disenabling port 8021X. Options: 1. enabled(1) -indicates port 8021X is enabled 2. disabled(2) -indicates port 8021X is disabled " DEFVAL { 2 } ::= { hwdot1xAuthConfigExtEntry 1 } hwdot1xpaeportControlledType OBJECT-TYPE SYNTAX INTEGER { port(1), mac(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Port Access Control type, base port access control or base MAC access control. Options: 1. port(1) -base port access control 2. mac(2) -base MAC access control " DEFVAL { 2 } ::= { hwdot1xAuthConfigExtEntry 2 } hwdot1xpaeportMaxUserNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the maximum number of online users in a port. " DEFVAL { 256 } ::= { hwdot1xAuthConfigExtEntry 3 } hwdot1xpaeportUserNumNow OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the number of online users in a port now. " ::= { hwdot1xAuthConfigExtEntry 4 } hwdot1xpaeportClearStatistics OBJECT-TYPE SYNTAX INTEGER { clear(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates clear various Statistics viz. Options: 1. clear(1) -indicates clearing various statistics viz " ::= { hwdot1xAuthConfigExtEntry 5 } hwDot1xAuthHandshakeSwitch OBJECT-TYPE SYNTAX INTEGER {open(1),close(0)} MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the status of the handshake function. Options: 1. open(1) -indicates the handshake function is enabled 2. close(0) -indicates the handshake function is disabled Default: close(0) " DEFVAL { 0 } ::= { hwdot1xAuthConfigExtEntry 6 } hwDot1xAuthHandshakeCount OBJECT-TYPE SYNTAX Integer32 (0..10) MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the permitted handshake failures. Range: 0-10 The value 0 is meaningless in current version. Default: 3 " DEFVAL { 0 } ::= { hwdot1xAuthConfigExtEntry 7 } hwDot1xAuthHandshakeInterval OBJECT-TYPE SYNTAX Integer32 (1..1800) MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the handshake interval. Unit: second Range: 1-1800 Default: 15s " DEFVAL { 20 } ::= { hwdot1xAuthConfigExtEntry 8 } hwDot1xAuthIfEAPEnd OBJECT-TYPE SYNTAX INTEGER{eapEnd(1),eapRelay(2)} MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates which EAP authentication mode is adopted for port or virtual port. In the 802.1x function, the authentication packet can be processed in two modes: EAP end and EAP relay. Options: 1. eapEnd(1) -indicates the EAP authentication mode is eapEnd 2. eapRelay(2) -indicates the EAP authentication mode is eapRelay Default: eapReplay(2) " DEFVAL {2} ::= { hwdot1xAuthConfigExtEntry 9 } hwDot1xMibObjects OBJECT IDENTIFIER ::= { hwpaeExtMibObjects 3 } hwDHCPTripperStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "The device processes the DHCP DISCOVER and DHCP REQUEST packets only after the DHCP-trigger authentication function is enabled. Otherwise, the device does not process the DHCP DISCOVER or DHCP REQUEST packet. After the DHCP-trigger authentication function is enabled, the device triggers the authentication when receiving the DHCP DISCOVER and DHCP REQUEST packets. Indicates the status of the DHCP-trigger authentication function of the device. Options: 1. enabled(1) -indicates the DHCP-trigger authentication function is enabled 2. disabled(2) -indicates the DHCP-trigger authentication function is disabled Default: disable(2) " ::= { hwDot1xMibObjects 1 } hwDot1xTemplateConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF HwDot1xTemplateConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "It is used to configure the profile used to control the user authentication through 802.1x. Profile 1 exists permanently, and it cannot be created or deleted. Other profiles can be created or deleted. The index of this table is hwDot1xTemplateIndex. This table supports only the profile mode. To create a profile, set hwDot1xTempRowStatus to createAndGo(4). The index is the ID of the profile to be created. To delete a profile, set hwDot1xTempRowStatus to destroy(6). The index is the ID of the profile to be deleted. " ::= { hwDot1xMibObjects 2 } hwDot1xTemplateConfigEntry OBJECT-TYPE SYNTAX HwDot1xTemplateConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "It is used to configure the profile used to control the user authentication through 802.1x. Profile 1 exists permanently, and it cannot be created or deleted. Other profiles can be created or deleted. The index of this entry is hwDot1xTemplateIndex. This table supports only the profile mode. To create a profile, set hwDot1xTempRowStatus to createAndGo(4). The index is the ID of the profile to be created. To delete a profile, set hwDot1xTempRowStatus to destroy(6). The index is the ID of the profile to be deleted. " INDEX { hwDot1xTemplateIndex } ::= { hwDot1xTemplateConfigTable 1 } HwDot1xTemplateConfigEntry ::= SEQUENCE { hwDot1xTemplateIndex Integer32, hwDot1xHandshakeSwitch INTEGER, hwDot1xHandshakeCount Integer32, hwDot1xHandshakeInterval Integer32, hwDot1xIfEAPEnd INTEGER, hwDot1xTempIfUsed INTEGER, hwDot1xTempRowStatus RowStatus } hwDot1xTemplateIndex OBJECT-TYPE SYNTAX Integer32(0..256) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Indicates the profile ID. Range: 1-256 " ::= { hwDot1xTemplateConfigEntry 1 } hwDot1xHandshakeSwitch OBJECT-TYPE SYNTAX INTEGER {open(1),close(0)} MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the status of the handshake function. Options: 1. open(1) -indicates the handshake function is enabled 2. close(0) -indicates the handshake function is disabled Default: close(0) " ::= { hwDot1xTemplateConfigEntry 2 } hwDot1xHandshakeCount OBJECT-TYPE SYNTAX Integer32 (0..10) MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the permitted handshake failures. Range: 0-10 Default: 0 " DEFVAL { 0 } ::= { hwDot1xTemplateConfigEntry 3 } hwDot1xHandshakeInterval OBJECT-TYPE SYNTAX Integer32 (1..1800) MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the handshake interval. Unit: second Range: 1-1800 Default: 15s " DEFVAL { 20 } ::= { hwDot1xTemplateConfigEntry 4 } hwDot1xIfEAPEnd OBJECT-TYPE SYNTAX INTEGER{eapEnd(1),eapRelay(2)} MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates which EAP authentication mode is adopted for the specified 802.1x profile. In the 802.1x function, the authentication packet can be processed in two modes: EAP end and EAP relay. Options: 1. eapEnd(1) -indicates the EAP end authentication mode. If local user authenticates on DSLAM directly, it does not need to communicate with the remote RADIUS server. If the user is not local user, it must be authenticated on the remote RADIUS server. 2. eapRelay(2) -the user must be authenticated on the remote RADIUS server Default: eapReplay(2) " DEFVAL {2} ::= { hwDot1xTemplateConfigEntry 5 } hwDot1xTempIfUsed OBJECT-TYPE SYNTAX INTEGER {used(1),unused(0)} MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates whether the profile is used. When a profile is not used, the profile can be deleted. Options: 1. used(1) -indicates the profile is used 2. unused(0) -indicates the profile is not used Default: unused(0) " ::= {hwDot1xTemplateConfigEntry 6 } hwDot1xTempRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Indicates the operation type of the table. Options: 1. active(1) -indicates query operation 2. createAndGo(4) -indicates creating a profile 3. destroy(6) -indicates deleting a profile " ::= {hwDot1xTemplateConfigEntry 7 } hwDot1xPortConfigExtTable OBJECT-TYPE SYNTAX SEQUENCE OF HwDot1xPortConfigExtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "It is an extension table of dot1xPaePortTable and is used for describing the authorization mode and authentication status of the port. The index of this table is dot1xPaePortNumber (defined in dot1xPaePortTable). This version supports authentication based on the port or service port; therefore, dot1xPaePortNumber indicates the ID of a port or service port. When the input value exceeds the maximum ID of the service port, dot1xPaePortNumber is treated as ifIndex. The range of the service port IDs depends on the version. This table supports the creation of the port table. After the port table is created, the 802.1x authentication is bound to the port. The create operation is as follows: Specify the ID of the port to which the 802.1x authentication needs to be bound. Set hwDot1xPortRowStatus to createAndGo(4), and issue the set operation. Optionally specify hwDot1xPortMacControl. However, if the ID of the port is the ID of the service port, hwDot1xPortMacControl cannot be specified. hwDot1xPortMacControl cannot be issued independently, and it must be issued together with hwDot1xPortRowStatus during the create operation. " ::= { hwDot1xMibObjects 3 } hwDot1xPortConfigExtEntry OBJECT-TYPE SYNTAX HwDot1xPortConfigExtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "It is an extension table of dot1xPaePortTable and is used for describing the authorization mode and authentication status of the port. The index of this entry is dot1xPaePortNumber (defined in dot1xPaePortTable). This version supports authentication based on the port or service port; therefore, dot1xPaePortNumber indicates the ID of a port or service port. When the input value exceeds the maximum ID of the service port, dot1xPaePortNumber is treated as ifIndex. The range of the service port IDs depends on the version. This table supports the creation of the port table. After the port table is created, the 802.1x authentication is bound to the port. The create operation is as follows: Specify the ID of the port to which the 802.1x authentication needs to be bound. Set hwDot1xPortRowStatus to createAndGo(4), and issue the set operation. Optionally specify hwDot1xPortMacControl. However, if the ID of the port is the ID of the service port, hwDot1xPortMacControl cannot be specified. hwDot1xPortMacControl cannot be issued independently, and it must be issued together with hwDot1xPortRowStatus during the create operation. " INDEX { dot1xPaePortNumber } ::= { hwDot1xPortConfigExtTable 1 } HwDot1xPortConfigExtEntry ::= SEQUENCE { hwDot1xPortControlType INTEGER, hwDot1xPortBindFlag INTEGER, hwDot1xPortAuthMode INTEGER, hwDot1xPortAuthState INTEGER, hwDot1xPortUserName OCTET STRING, hwDot1xPortFramePool DisplayString, hwDot1xPortRowStatus RowStatus, hwDot1xPortMacControl INTEGER } hwDot1xPortControlType OBJECT-TYPE SYNTAX INTEGER{physicalPort(1),servicePort(2)} MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the control type of the port. The port can be controlled in the following two ways: physical port control and service port control. Options: 1. physicalPort(1) -physical port control 2. servicePort(2) -service port control " ::= { hwDot1xPortConfigExtEntry 1 } hwDot1xPortBindFlag OBJECT-TYPE SYNTAX INTEGER{binding(1)} MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates that the 802.1x authentication is bound to the port. Options: 1. binding(1) -indicates the 802.1x authentication is bound to the port " ::= { hwDot1xPortConfigExtEntry 2 } hwDot1xPortAuthMode OBJECT-TYPE SYNTAX INTEGER{forceUnauthorized(1),auto(2),forceAuthorized(3)} MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the control parameters of the controlled port. A port has three authorization control modes: force-authorized mode, force-unauthorized mode, and auto mode. According to different networks, different port control modes can be selected. By default, a port is in the unauthorized state, and users connected to the port cannot access network resources. If the authentication passes, the port state switches to the authorized state and users can access the network resources. Options: 1. forceUnauthorized(1) -indicates force-authorized mode 2. auto(2) -auto mode 3. forceAuthorized(3) -indicates force-unauthorized mode Default: auto(2) " DEFVAL { 2 } ::= { hwDot1xPortConfigExtEntry 3 } hwDot1xPortAuthState OBJECT-TYPE SYNTAX INTEGER {auth(1),unAuth(2)} MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the port authentication status. Options: 1. auth(1) -indicates the port is authenticated 2. unAuth(2) -indicates the port is not authenticated Default: unauth(2) " ::= { hwDot1xPortConfigExtEntry 4 } hwDot1xPortUserName OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..64)) MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the user name bound to the port. " ::= { hwDot1xPortConfigExtEntry 5 } hwDot1xPortFramePool OBJECT-TYPE SYNTAX DisplayString (SIZE(0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the address pool of the port binding. " ::= { hwDot1xPortConfigExtEntry 6 } hwDot1xPortRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Indicates the operation type of the port table: binding the port to the 802.1x authentication, and unbinding the port from the 802.1x authentication. Options: 1. active(1) -indicates query operation 2. createAndGo(4) -indicates binding a port to the 802.1x authentication 3. destroy(6) -indicates unbinding a port from the 802.1x authentication " ::= { hwDot1xPortConfigExtEntry 7} hwDot1xPortMacControl OBJECT-TYPE SYNTAX INTEGER{enable(1),disable(2)} MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates whether to enable the MAC-based control function. This leaf can be issued with parameters during the create operation. This function supports port-based rather than service-port-based configuration. When hwDot1xPortMacControl is set to enable(1), only the packets whose source MAC address is the MAC address of the authorized user can reach the network side. This leaf does not support the modify operation. Options: 1. enable(1) -indicates the MAC-based control function is enabled 2. disable(2) -indicates the MAC-based control function is disabled Default: disable(2) " ::= { hwDot1xPortConfigExtEntry 8} hwDot1xPortAuthStatsExtTable OBJECT-TYPE SYNTAX SEQUENCE OF HwDot1xPortAuthStatsExtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "It is an extension of the public MIB table dot1xAuthStatsEntry, with certain leaves added for describing the packet statistics of the port. The index of this table is dot1xPaePortNumber (defined in dot1xPaePortTable). The following tables list the leaves of this table. Only hwDot1xPortClearStatistics in this table supports the modify operation. The modification process is as follows: Specify the ID of the port to be modified. Set hwDot1xPortClearStatistics to the required value. The option is clear(1). Therefore, directly perform the set operation. " ::= { hwDot1xMibObjects 4 } hwDot1xPortAuthStatsExtEntry OBJECT-TYPE SYNTAX HwDot1xPortAuthStatsExtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "It is an extension of the public MIB table dot1xAuthStatsEntry, with certain leaves added for describing the packet statistics of the port. The index of this entry is dot1xPaePortNumber (defined in dot1xPaePortTable). The following tables list the leaves of this table. Only hwDot1xPortClearStatistics in this table supports the modify operation. The modification process is as follows: Specify the ID of the port to be modified. Set hwDot1xPortClearStatistics to the required value. The option is clear(1). Therefore, directly perform the set operation. " INDEX { dot1xPaePortNumber } ::= { hwDot1xPortAuthStatsExtTable 1 } HwDot1xPortAuthStatsExtEntry ::= SEQUENCE { hwDot1xAuthSuccessTimes Integer32, hwDot1xAuthFailureTimes Integer32, hwDot1xEapolFailurePacketsTx Integer32, hwDot1xEapolSuccessPacketsTx Integer32, hwDot1xNoSupportPacketsRx Integer32, hwDot1xPortClearStatistics INTEGER } hwDot1xAuthSuccessTimes OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of authentication successes. " ::= { hwDot1xPortAuthStatsExtEntry 1} hwDot1xAuthFailureTimes OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of authentication failures. " ::= { hwDot1xPortAuthStatsExtEntry 2} hwDot1xEapolFailurePacketsTx OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of the transmitted Eapol-Failure packets. " ::= { hwDot1xPortAuthStatsExtEntry 3} hwDot1xEapolSuccessPacketsTx OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of the transmitted Eapol-Success packets. " ::= { hwDot1xPortAuthStatsExtEntry 4} hwDot1xNoSupportPacketsRx OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of the unsupported EAPoL packets that are received. " ::= { hwDot1xPortAuthStatsExtEntry 5} hwDot1xPortClearStatistics OBJECT-TYPE SYNTAX INTEGER {clear(1)} MAX-ACCESS read-write STATUS current DESCRIPTION "Clears the port statistics. Options: 1. clear(1) -indicates clearing the port statistics " ::= { hwDot1xPortAuthStatsExtEntry 6} hwDot1xAutoDetect OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the status of the auto-detect function of the device. After the 802.1x auto-detect function is enabled, the system automatically detects the port status and requests the user authentication. Options: 1. enabled(1) -indicates the auto-detect function of the device is enabled 2. disabled(2) -indicates the auto-detect function of the device is disabled Default: disable(2) " ::= { hwDot1xMibObjects 5 } hwDot1xIntermittentBlinkingProtection OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the intermittent blinking protection function, which is used to reduce the duration of service interruption caused by port intermittent blinking. After the intermittent blinking protection function is enabled, the system does not force the 802.1x user to go offline when the port is down. In this case, if the handshake function is already enabled, the system detects the user by using the handshake mechanism; if the handshake function is disabled, the system waits for the duration of keepalive interval x number of handshake failures, and then forces the user to go offline if the port is still down. After the intermittent blinking protection function is enabled, the count of user online duration may be incorrect. Therefore, this function is applicable to the provisioning of services with the monthly flat rate rather than in the duration-based charging mode. Indicates the status of the intermittent blinking protection function of the device. Options: 1. enabled(1) -indicates the intermittent blinking protection function is enabled 2. disabled(2) -indicates the intermittent blinking protection function is disabled Default: disable(2) " ::= { hwDot1xMibObjects 6 } hwDot1xGlobalMacControlStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Whether the global mac control is enabled in the device. Enable indicate that global mac control enable in the device; Disabled indicate that global mac control disable in the device. DEFVAL { 2 } Options: 1. enabled(1) -indicates the global mac control is enabled 2. disabled(2) -indicates the global mac control is disabled " ::= { hwDot1xMibObjects 7 } hwDot1xMacPortInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF HwDot1xMacPortInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the port information of 802.1x, The index of this table is mac address. " ::= { hwDot1xMibObjects 8 } hwDot1xMacPortInfoEntry OBJECT-TYPE SYNTAX HwDot1xMacPortInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the port information of 802.1x, The index of this entry is mac address. " INDEX { hwDot1xMacPortInfoMacAddress } ::= { hwDot1xMacPortInfoTable 1 } HwDot1xMacPortInfoEntry ::= SEQUENCE { hwDot1xMacPortInfoMacAddress MacAddress, hwDot1xMacPortInfoAuthState Unsigned32, hwDot1xMacPortInfoAuthType Unsigned32 } hwDot1xMacPortInfoMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Mac address. " ::= { hwDot1xMacPortInfoEntry 1 } hwDot1xMacPortInfoAuthState OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Authentication state. " ::= { hwDot1xMacPortInfoEntry 2 } hwDot1xMacPortInfoAuthType OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Authentication Type. " ::= { hwDot1xMacPortInfoEntry 3 } hwDot1xMacPortStatTable OBJECT-TYPE SYNTAX SEQUENCE OF HwDot1xMacPortStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the port statistics of 802.1x, The index of this table is mac address. " ::= { hwDot1xMibObjects 9 } hwDot1xMacPortStatEntry OBJECT-TYPE SYNTAX HwDot1xMacPortStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the port statistics of 802.1x, The index of this entry is mac address. " INDEX { hwDot1xMacPortInfoMacAddress } ::= { hwDot1xMacPortStatTable 1 } HwDot1xMacPortStatEntry ::= SEQUENCE { hwDot1xMacPortStatAuthSuccessTimes Unsigned32, hwDot1xMacPortStatAuthFailureTimes Unsigned32, hwDot1xMacPortStatEapolFailurePacketsTx Unsigned32, hwDot1xMacPortStatEapolSuccessPacketsTx Unsigned32, hwDot1xMacPortStatNoSupportPacketsRx Unsigned32, hwDot1xMacPortStatClearStatistics INTEGER, hwDot1xMacPortStatAuthEapolFramesRx Unsigned32, hwDot1xMacPortStatAuthEapolFramesTx Unsigned32, hwDot1xMacPortStatAuthEapolStartFramesRx Unsigned32, hwDot1xMacPortStatAuthEapolLogoffFramesRx Unsigned32, hwDot1xMacPortStatAuthEapolRespIdFramesRx Unsigned32, hwDot1xMacPortStatAuthEapolRespFramesRx Unsigned32, hwDot1xMacPortStatAuthEapolReqIdFramesTx Unsigned32, hwDot1xMacPortStatAuthEapolReqFramesTx Unsigned32, hwDot1xMacPortStatAuthInvalidEapolFramesRx Unsigned32, hwDot1xMacPortStatAuthEapLengthErrorFramesRx Unsigned32, hwDot1xMacPortStatAuthLastEapolFrameVersion Unsigned32, hwDot1xMacPortStatAuthEapolKeyFramesRx Unsigned32, hwDot1xMacPortStatAuthEapolKeyFramesTx Unsigned32, hwDot1xMacPortStatAuthEapolPeapFramesRx Unsigned32, hwDot1xMacPortStatAuthEapolPeapFramesTx Unsigned32 } hwDot1xMacPortStatAuthSuccessTimes OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Authentication success times " ::= { hwDot1xMacPortStatEntry 1} hwDot1xMacPortStatAuthFailureTimes OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Authentication Failure times " ::= { hwDot1xMacPortStatEntry 2} hwDot1xMacPortStatEapolFailurePacketsTx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The numbers of the Eapol-Failure Packets which has been send by the port " ::= { hwDot1xMacPortStatEntry 3} hwDot1xMacPortStatEapolSuccessPacketsTx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The numbers of the Eapol-Success Packets which has been send by the port " ::= { hwDot1xMacPortStatEntry 4} hwDot1xMacPortStatNoSupportPacketsRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The numbers of the Eapol packets which are not supported have been received in this port " ::= { hwDot1xMacPortStatEntry 5} hwDot1xMacPortStatClearStatistics OBJECT-TYPE SYNTAX INTEGER {clear(1)} MAX-ACCESS read-write STATUS current DESCRIPTION "Clear the information of the packets statistics in this port Options: 1. clear(1) -indicates clearing the information of the packets statistics in this port " ::= { hwDot1xMacPortStatEntry 6} hwDot1xMacPortStatAuthEapolFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of valid EAPOL frames of any type that has been received by this Authenticator. " ::= { hwDot1xMacPortStatEntry 7 } hwDot1xMacPortStatAuthEapolFramesTx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL frames of any type that has been transmitted by this Authenticator. " ::= { hwDot1xMacPortStatEntry 8 } hwDot1xMacPortStatAuthEapolStartFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL Start frames that have been received by this Authenticator. " ::= { hwDot1xMacPortStatEntry 9 } hwDot1xMacPortStatAuthEapolLogoffFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL Logoff frames that have been received by this Authenticator. " ::= { hwDot1xMacPortStatEntry 10 } hwDot1xMacPortStatAuthEapolRespIdFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAP Resp/Id frames that have been received by this Authenticator. " ::= { hwDot1xMacPortStatEntry 11 } hwDot1xMacPortStatAuthEapolRespFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of valid EAP Response frames (other than Resp/Id frames) that have been received by this Authenticator. " ::= { hwDot1xMacPortStatEntry 12 } hwDot1xMacPortStatAuthEapolReqIdFramesTx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAP Req/Id frames that have been transmitted by this Authenticator. " ::= { hwDot1xMacPortStatEntry 13 } hwDot1xMacPortStatAuthEapolReqFramesTx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAP Request frames (other than Rq/Id frames) that have been transmitted by this Authenticator. " ::= { hwDot1xMacPortStatEntry 14 } hwDot1xMacPortStatAuthInvalidEapolFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL frames that have been received by this Authenticator in which the frame type is not recognized. " ::= { hwDot1xMacPortStatEntry 15 } hwDot1xMacPortStatAuthEapLengthErrorFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL frames that have been received by this Authenticator in which the Packet Body Length field is invalid. " ::= { hwDot1xMacPortStatEntry 16 } hwDot1xMacPortStatAuthLastEapolFrameVersion OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The protocol version number carried in the most recently received EAPOL frame. " ::= { hwDot1xMacPortStatEntry 17 } hwDot1xMacPortStatAuthEapolKeyFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL key frames that have been received by this Authenticator. " ::= { hwDot1xMacPortStatEntry 18 } hwDot1xMacPortStatAuthEapolKeyFramesTx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL key frames that have been sent by this Authenticator. " ::= { hwDot1xMacPortStatEntry 19 } hwDot1xMacPortStatAuthEapolPeapFramesRx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL peap frames that have been received by this Authenticator. " ::= { hwDot1xMacPortStatEntry 20 } hwDot1xMacPortStatAuthEapolPeapFramesTx OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of EAPOL peap frames that have been sent by this Authenticator. " ::= { hwDot1xMacPortStatEntry 21 } hwDot1xMacConflictDetectStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the status of the mac-conflict-detect function of the device. After the 802.1x mac-conflict-detect function is enabled, the system detects the mac conflicts. Options: 1. enabled(1) -indicates the mac-conflict-detect of the device is enabled 2. disabled(2) -indicates the mac-conflict-detect of the device is disabled Default: disable(2) " ::= { hwDot1xMibObjects 10 } END