-- **************************************************************************** -- **************************************************************************** -- Copyright(c) 2004 Mediatrix Telecom, Inc. -- NOTICE: -- This document contains information that is confidential and proprietary -- to Mediatrix Telecom, Inc. -- Mediatrix Telecom, Inc. reserves all rights to this document as well as -- to the Intellectual Property of the document and the technology and -- know-how that it includes and represents. -- This publication cannot be reproduced, neither in whole nor in part in -- any form whatsoever without written prior approval by -- Mediatrix Telecom, Inc. -- Mediatrix Telecom, Inc. reserves the right to revise this publication -- and make changes at any time and without the obligation to notify any -- person and/or entity of such revisions and/or changes. -- **************************************************************************** -- **************************************************************************** MX-CONF-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Integer32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF MxEnableState, MxActivationState, MxIpHostName, MxIpAddress, MxIpPort, MxAdvancedIpPort, MxIpSubnetMask, MxDigitMap FROM MX-TC MxUInt64, MxFloat32, MxIpHostNamePort, MxIpAddr, MxIpAddrPort, MxIpAddrMask, MxUri, MxUrl FROM MX-TC2 mediatrixServices FROM MX-SMI2; confMIB MODULE-IDENTITY LAST-UPDATED "1910210000Z" ORGANIZATION " Mediatrix Telecom, Inc. " CONTACT-INFO " Mediatrix Telecom, Inc. 4229, Garlock Street Sherbrooke (Quebec) Canada Phone: (819) 829-8749 " DESCRIPTION " Configuration Manager The Configuration Manager (Conf) service allows executing configuration scripts as well as performing backup/restore of the unit's configuration. " ::= { mediatrixServices 800 } confMIBObjects OBJECT IDENTIFIER ::= { confMIB 1 } -- **************************************************************************** -- Group:Configuration Scripts -- **************************************************************************** scriptsGroup OBJECT IDENTIFIER ::= { confMIBObjects 100 } -- Scalar:Generic Configuration Script Filename scriptGenericFileName OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..254) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Generic Configuration Script Filename Name of the generic configuration script to run. Using a generic configuration script but no specific configuration script or vice-versa is allowed. Using both generic and specific configuration scripts is also allowed. This field may contain some macros that are substituted by the actual value at the moment of fetching the configuration script. The supported macros are: * %mac% - the MAC address of the unit. * %version% - the MFP version of the unit. * %product% - the product name of the unit. * %productseries% - the product series name of the unit. * %profile% - the MFP profile of the unit. * %serial% - the serial number of the unit. " DEFVAL { "" } ::= { scriptsGroup 100 } -- Scalar:Specific Configuration Script Filename scriptSpecificFileName OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..254) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Specific Configuration Script Filename Name of the specific configuration script to run. Using a specific configuration script but no generic configuration script or vice-versa is allowed. Using both generic and specific configuration scripts is also allowed. When using a specific configuration script and a generic configuration script, commands from the specific configuration script override commands from the generic configuration script. This field may contain some macros that are substituted by the actual value at the moment of fetching the configuration script. The supported macros are: * %mac% - the MAC address of the unit. * %version% - the MFP version of the unit. * %product% - the product name of the unit. * %productseries% - the product series name of the unit. * %profile% - the MFP profile of the unit. * %serial% - the serial number of the unit. " DEFVAL { "" } ::= { scriptsGroup 200 } -- Scalar:Location (Path) scriptsLocation OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..255) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Location (Path) Path to the location of the configuration files. The path is relative to the root of the configuration scripts server referenced by the parameter ScriptsTransfer/ ScriptsTransferSrvHostname. Use '/' to separate subdirectories. This field may contain some macros that are substituted by the actual value at the moment of fetching the configuration script. The supported macros are: * %mac% - the MAC address of the unit. * %version% - the MFP version of the unit. * %product% - the product name of the unit. * %productseries% - the product series name of the unit. * %profile% - the MFP profile of the unit. * %serial% - the serial number of the unit. " DEFVAL { "" } ::= { scriptsGroup 300 } -- *************************************************************************** -- Group:Configuration Scripts Transfer -- *************************************************************************** scriptsTransferGroup OBJECT IDENTIFIER ::= { scriptsGroup 400 } -- Scalar:Transfer Protocol scriptsTransferProtocol OBJECT-TYPE SYNTAX INTEGER { http(100) , https(200) , tftp(300) , ftp(400) , file (500) } MAX-ACCESS read-write STATUS current DESCRIPTION " Transfer Protocol Protocol used to transfer the configuration script files. * HTTP: Hypertext Transfer Protocol. * HTTPS: Hypertext Transfer Protocol over Transport Layer Security. * TFTP: Trivial File Transfer Protocol. * FTP: File Transfer Protocol. * File: Complete path to a configuration script in an onboard storage. " DEFVAL { https } ::= { scriptsTransferGroup 100 } -- Scalar:User Name scriptsTransferUsername OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..63) ) MAX-ACCESS read-write STATUS current DESCRIPTION " User Name User name used to transfer the configuration script, if the protocol selected by the parameter ScriptsTransferProtocol requires it. " DEFVAL { "" } ::= { scriptsTransferGroup 200 } -- Scalar:Password scriptsTransferPassword OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..63) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Password Password used to transfer the configuration script, if the protocol selected by the parameter ScriptsTransferProtocol requires it. " DEFVAL { "" } ::= { scriptsTransferGroup 300 } -- Scalar:Server Hostname and port scriptsTransferSrvHostname OBJECT-TYPE SYNTAX MxIpHostNamePort MAX-ACCESS read-write STATUS current DESCRIPTION " Server Hostname and port Configuration scripts server hostname and port. Use the special port value zero to indicate the protocol default. " DEFVAL { "0.0.0.0:0" } ::= { scriptsTransferGroup 400 } -- Scalar:Level of security for HTTPS certificate validation. scriptsTransferCertificateValidation OBJECT-TYPE SYNTAX INTEGER { noValidation(100) , hostName(200) } MAX-ACCESS read-write STATUS current DESCRIPTION " Level of security for HTTPS certificate validation. When downloading a script from an HTTPS server, this parameter defines the level of security to use when validating the server's certificate. * NoValidation: Allow a connection to the server without validating its certificate. The only condition is to receive a certificate from the server. This option provides partial security and should be selected with care. * HostName: Allow a connection to the server by validating its certificate is trusted and valid. The validations performed on the certificate include the expiration date and that the Subject Alternate Name (SAN) or Common Name (CN) matches the FQDN or IP address of the server. " DEFVAL { hostName } ::= { scriptsTransferGroup 500 } -- Scalar:Certificate Trust Level for HTTPS connections scriptsTransferCertificateTrustLevel OBJECT-TYPE SYNTAX INTEGER { locallyTrusted(100) , ocspOptional(200) , ocspMandatory(300) } MAX-ACCESS read-write STATUS current DESCRIPTION " Certificate Trust Level for HTTPS connections Define how a peer certificate is considered trusted for a HTTPS connection. * LocallyTrusted: A certificate is considered trusted when the certificate authority (CA) that signed the peer certificate is present in the Cert.OthersCertificatesInfo table. The certificate revocation status is not verified. * OcspOptional: A certificate is considered trusted when it is locally trusted and is not revoked by its certificate authority (CA). The certificate revocation status is queried using the Online Certificate Status Protocol (OCSP). If the OCSP server is not available or the verification status is unknown, the certificate is considered trusted. * OcspMandatory: A certificate is considered trusted when it is locally trusted and is not revoked by its certificate authority (CA). The certificate revocation status is queried using the Online Certificate Status Protocol (OCSP). If the OCSP server is not available or the verification status is unknown, the certificate is considered not trusted. " DEFVAL { locallyTrusted } ::= { scriptsTransferGroup 600 } -- Scalar:Script Transfer Cipher Suite scriptsTransferCipherSuite OBJECT-TYPE SYNTAX INTEGER { cS1(100) , cS2(200) , cS3(300) } MAX-ACCESS read-write STATUS current DESCRIPTION " Script Transfer Cipher Suite Defines the allowed cipher suites for the network security settings when using the HTTPS transfer protocol. When the device initiates an HTTPS connection to a server it will negotiate the cipher suite according to its configuration. * CS1: + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_DSS_WITH_AES_256_CBC_SHA + TLS_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA + TLS_RSA_WITH_3DES_EDE_CBC_SHA + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + TLS_DHE_DSS_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_RC4_128_SHA + TLS_RSA_WITH_RC4_128_MD5 * CS2: + TLS_RSA_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_AES_256_CBC_SHA + TLS_RSA_WITH_3DES_EDE_CBC_SHA + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA * CS3: + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + TLS_RSA_WITH_AES_256_GCM_SHA384 + TLS_RSA_WITH_AES_256_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_128_CBC_SHA256 " DEFVAL { cS1 } ::= { scriptsTransferGroup 700 } -- Scalar:TLS Version scriptsTransferTlsVersion OBJECT-TYPE SYNTAX INTEGER { sSLv3(100) , tLSv1(200) , tLSv1-1(300) , tLSv1-2 (400) } MAX-ACCESS read-write STATUS current DESCRIPTION " TLS Version Defines the allowed TLS version for the network security settings when using the HTTPS transfer protocol. When the device initiates an HTTPS connection to a server it will negotiate the TLS version according to its configuration. * SSLv3: Allow SSL version 3 and all TLS versions. * TLSv1: Allow TLS versions 1 and up. * TLSv1_1: Allow TLS versions 1.1 and up. * TLSv1_2: Allow TLS versions 1.2 and up. The device will always send its highest supported TLS version in the ClientHello message. The server will select the highest supported TLS version it supports from the ClientHello message. The device will then validate that the selected version is allowed. If the version is not allowed the device will close the connection. " DEFVAL { tLSv1 } ::= { scriptsTransferGroup 800 } -- Scalar:Http Authentication Method scriptsTransferHttpAuthenticationMethod OBJECT-TYPE SYNTAX INTEGER { normal(100) , proprietaryV1(200) } MAX-ACCESS read-write STATUS current DESCRIPTION " Http Authentication Method Selects the authentication method to access scripts on a server. * Normal: No special authentication method is used. Standard procedures are used, e.g. basic or digest authentication. * ProprietaryV1: Proprietary method used for device authentication when downloading scripts from an EMS server. It will automatically fallback to Normal mode if the server does not support this authentication method. " DEFVAL { normal } ::= { scriptsTransferGroup 900 } -- End of group:Configuration Scripts Transfer -- *************************************************************************** -- Group:Automatic Transfer -- *************************************************************************** automaticScriptsTransferGroup OBJECT IDENTIFIER ::= { scriptsGroup 500 } -- Scalar:Transfer On Restart scriptsTransferOnRestartEnable OBJECT-TYPE SYNTAX MxEnableState MAX-ACCESS read-write STATUS current DESCRIPTION " Transfer On Restart Enables the automatic configuration scripts transfer when the unit is restarted. * Enable: Configuration scripts are automatically transferred when the unit is restarted. * Disable: Configuration scripts are not automatically transferred when the unit is restarted. The ScriptsTransferOnRestartEnable and the ScriptsDhcpDownloadEnable parameters depend on the ScriptsTransferOnRestartDhcpScriptMaxDelay parameter. For more details refer to the ScriptsTransferOnRestartDhcpScriptMaxDelay parameter. " DEFVAL { disable } ::= { automaticScriptsTransferGroup 100 } -- Scalar:Scripts Transfer Number of Retries scriptsTransferRetriesNumber OBJECT-TYPE SYNTAX Integer32 ( -1..100 ) MAX-ACCESS read-write STATUS current DESCRIPTION " Scripts Transfer Number of Retries Maximum attempts to retry a scripts transfer until its success when it fails upon an automatic transfer on restart or automatic periodic transfer. The retries are only attempted if the server is unreachable. Unreachable port or file not found errors don't trigger the retry mechanism. The time interval between retries is 30 seconds. * -1 means a retry to infinity. * 0 means no retry. " DEFVAL { -1 } ::= { automaticScriptsTransferGroup 150 } -- Scalar:Periodic Transfer scriptsTransferPeriodicEnable OBJECT-TYPE SYNTAX MxEnableState MAX-ACCESS read-write STATUS current DESCRIPTION " Periodic Transfer Enables the automatic periodic configuration scripts transfer. This requires that the device time is correctly set, which can be done with the HOC service. * Enable: Configuration scripts are automatically transferred periodically. * Disable: Configuration scripts transfer is not periodic. " DEFVAL { disable } ::= { automaticScriptsTransferGroup 200 } -- Scalar:Time Unit scriptsTransferPeriodicTimeUnit OBJECT-TYPE SYNTAX INTEGER { minutes(100) , hours(200) , days(300) } MAX-ACCESS read-write STATUS current DESCRIPTION " Time Unit Time unit for the parameter ScriptsTransferInterval. * Minutes: Automatic configuration scripts transfer is performed every x minutes. * Hours: Automatic configuration scripts transfer is performed every x hours. * Days: Automatic configuration scripts transfer is performed every x days at the time specified by the ScriptsTransferTimeRange parameter. " DEFVAL { hours } ::= { automaticScriptsTransferGroup 300 } -- Scalar:Time Interval scriptsTransferInterval OBJECT-TYPE SYNTAX Unsigned32 ( 1..60 ) MAX-ACCESS read-write STATUS current DESCRIPTION " Time Interval Time interval between automatic configuration scripts transfer. The time unit is selected by the ScriptsTransferPeriodicTimeUnit parameter. " DEFVAL { 1 } ::= { automaticScriptsTransferGroup 400 } -- Scalar:Daily Transfer Time scriptsTransferTimeOfDay OBJECT-TYPE SYNTAX Integer32 ( -1..23 ) MAX-ACCESS read-write STATUS obsolete DESCRIPTION " Daily Transfer Time This parameter is obsolete and has been replaced by the ScriptsTransferTimeRange parameter. " DEFVAL { -1 } ::= { automaticScriptsTransferGroup 500 } -- Scalar:DHCP Triggered Script Support. scriptsDhcpDownloadEnable OBJECT-TYPE SYNTAX MxEnableState MAX-ACCESS read-write STATUS current DESCRIPTION " DHCP Triggered Script Support. When enabled, the tftp-server (66) and bootfile (67) DHCP options or sub-options 66 and 67 of the vendor-specific option (43) are used to download a configuration script. If this configuration script is identical to the last executed script, it will not be run twice. The script retry mechanism is not enabled for the DHCP triggered scripts. If options 66 and 67 are received, both scripts are executed independently and the ScriptsAllowRepeatedExecution parameter will have no effect since the service keeps only the last executed script. The script defined by the tftp-server (option 66) option is executed first. The ScriptsTransferOnRestartEnable and the ScriptsDhcpDownloadEnable parameters depend on the ScriptsTransferOnRestartDhcpScriptMaxDelay parameter. For more details refer to the ScriptsTransferOnRestartDhcpScriptMaxDelay parameter. " DEFVAL { enable } ::= { automaticScriptsTransferGroup 600 } -- Scalar:Scripts Dhcp Options Format scriptsDhcpOptionsFormat OBJECT-TYPE SYNTAX INTEGER { fullyQualified(100) , url(200) , serverHost(300) , autoDetect(400) } MAX-ACCESS read-write STATUS current DESCRIPTION " Scripts Dhcp Options Format Defines the file server address format of DHCP options 66 and 67. * FullyQualified: Allow up to 2 DHCP options (66 and/or 67) to specify a string in the format Script=[protocol]:// [username]:[password]@[server]/[path]/[file]. * Url: Allow one DHCP option to specify a file or folder URL in the format [protocol]://[username]:[password]@[server]/ [path]/[file]. It is possible to use macros in the URL (see below). If the URL ends with a '/', it is further completed with the path and filename specified in ScriptLocation and ScriptGenericFileName parameters. * ServerHost: Allow one DHCP option to specify the IP address or FQDN of a file server. Uses the path and filename specified in the ScriptLocation and ScriptGenericFileName parameters, use the transfer protocol, username and password specified in ScriptTransferProtocol, ScriptTransferUsername and ScriptTransferPassword parameters. * AutoDetect: Automatically detects the format of the DHCP Option, according to these criteria: + A value beginning with 'Script=' is considered as 'FullyQualified'; + A value beginning with '[protocol]://' is considered as a URL; + A value that looks like an IPv4/IPv6 address or domain name is considered as a 'ServerHost'. The following macros can be inserted in the URL and will be replaced by their actual values: * %mac% - the MAC address of the unit. * %version% - the MFP version of the unit. * %product% - the product name of the unit. * %productseries% - the product series name of the unit. * %profile% - the MFP profile of the unit. * %serial% - the serial number of the unit. " DEFVAL { autoDetect } ::= { automaticScriptsTransferGroup 650 } -- Scalar:Scripts Transfer On Restart versus Dhcp Script Max Delay scriptsTransferOnRestartDhcpScriptMaxDelay OBJECT-TYPE SYNTAX Unsigned32 ( 0..360 ) MAX-ACCESS read-write STATUS current DESCRIPTION " Scripts Transfer On Restart versus Dhcp Script Max Delay This parameter allows the prioritization of the DHCP script versus the automatic script at startup when both ScriptsDhcpDownloadEnable and ScriptsTransferOnRestartEnable parameters are set to 'Enable'. When the unit is restarted and the delay is set to 0, the script associated with the ScriptsTransferOnRestartEnable parameter is immediately transferred. When the unit is restarted and the delay is set to a value other than 0, the script associated with the ScriptsTransferOnRestartEnable parameter is transferred when this delay is expired. While the script is delayed: * If DHCP options provide script information to transfer, then the transfer of the script associated with the ScriptsTransferOnRestartEnable parameter is aborted. * If there is no DHCP option providing script information to transfer, once the delay is expired, the script associated with the ScriptsTransferOnRestartEnable parameter is transferred. This value is expressed in seconds (s). " DEFVAL { 0 } ::= { automaticScriptsTransferGroup 660 } -- Scalar:Daily Transfer Time Range scriptsTransferTimeRange OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..24) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Daily Transfer Time Range Time range when the automatic configuration scripts transfer occurs. The time unit selected by the ScriptsTransferPeriodicTimeUnit parameter must be Days. If a time range is specified, the unit will fetch the configuration files at a random time within the interval specified. The format should be one of the following: * hh[:mm[:ss]] * hh[:mm[:ss]] - hh[:mm[:ss]] Where: * hh: Hours. * mm: Minutes. * ss: Seconds. " DEFVAL { "" } ::= { automaticScriptsTransferGroup 700 } -- End of group:Automatic Transfer -- Scalar:Decryption Key scriptsSecretKey OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..112) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Decryption Key Key used to decrypt configuration scripts when they are encrypted (auto-detected). The key is encoded in hexadecimal notation, meaning only characters in the range 0-9, A-F, and a-f can be used. Each character encodes 4 bits and the maximum key length is 112 characters, which gives a binary key of 56 bytes. It is the maximum accepted by the MxCryptFile external tool. For example, a 32 bits key could look like: A36CB299. " DEFVAL { "" } ::= { scriptsGroup 600 } -- Scalar:Allow Repeated Execution scriptsAllowRepeatedExecution OBJECT-TYPE SYNTAX MxEnableState MAX-ACCESS read-write STATUS current DESCRIPTION " Allow Repeated Execution Allows the execution of a script even if it is identical to the last executed script. It has no effect when the two DHCP options tftp-server (66) and bootfile (67) are present since only the last executed script is kept. " DEFVAL { enable } ::= { scriptsGroup 650 } -- *************************************************************************** -- Group:Configuration Script Exportation -- *************************************************************************** scriptExportGroup OBJECT IDENTIFIER ::= { scriptsGroup 1000 } -- Scalar:Export Content scriptExportContent OBJECT-TYPE SYNTAX INTEGER { allConfig(100) , modifiedConfig(200) } MAX-ACCESS read-write STATUS current DESCRIPTION " Export Content Content to export in generated configuration script. * AllConfig: Export everything. * ModifiedConfig: Export only the configuration that has been modified (differs from the default values). " DEFVAL { modifiedConfig } ::= { scriptExportGroup 100 } -- Scalar:Export Service Name scriptExportServiceName OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..64) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Export Service Name Name of the service from which to export configuration. The special value 'All' can be used to export the configuration of all services. " DEFVAL { "All" } ::= { scriptExportGroup 150 } -- Scalar:Export Script Destination URL scriptExportUrl OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..512) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Export Script Destination URL URL where to send the exported configuration script. The URL should follow this format: protocol://[user[:password]@]hostname[:port]/[path/]filename The brackets [] denote an optional parameter. The filename may contain alphanumerical and '-._%$' characters as well as macros that are substituted at the moment of sending the configuration script. The supported macros are: * %mac% - the MAC address of the unit. * %version% - the MFP version of the unit. * %serial% - the serial number of the unit. The transfer protocols supported are: * TFTP * FTP * FILE Examples of valid URLs: * tftp://tftpserver.com:69/folder/script.cfg * ftp://guest@ftpserver.com/script.cfg * ftp://username:password@ftpserver.com/script.cfg * file://script.cfg The protocol default port is used if none is specified. " DEFVAL { "" } ::= { scriptExportGroup 200 } -- Scalar:Encryption Key scriptExportSecretKey OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..64) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Encryption Key Key used to encrypt the exported configuration script. The key is encoded in hexadecimal notation, meaning only characters in the range 0-9 and A-F can be used. The maximum key length is 64 characters, which gives a binary key of 32 bytes (256 bits). It is the maximum key size accepted by the MxCryptFile external tool. For example, a 32 bits key could look like: A36CB299. " DEFVAL { "" } ::= { scriptExportGroup 300 } -- End of group:Configuration Script Exportation -- *************************************************************************** -- Group:Configuration Script Statistics -- *************************************************************************** scriptsStatsGroup OBJECT IDENTIFIER ::= { scriptsGroup 10000 } -- Scalar:Current Script Transfer State scriptsStatsCurrentTransferState OBJECT-TYPE SYNTAX INTEGER { idle(100) , transfering(200) , running(300) } MAX-ACCESS read-only STATUS current DESCRIPTION " Current Script Transfer State The current state of the configuration script transfer and execution. * Idle: No configuration script is currently running. * Transfering: A configuration script is currently being transferred. * Running: The transferred configuration script is currently running. " DEFVAL { idle } ::= { scriptsStatsGroup 700 } -- Scalar:Last Transfer Result scriptsStatsLastTransferResult OBJECT-TYPE SYNTAX INTEGER { none(100) , success(200) , executionFailed(300) , transferFailed(400) } MAX-ACCESS read-only STATUS current DESCRIPTION " Last Transfer Result Result of the last configuration scripts transfer and run command. * None: No configuration scripts transfer performed since the last reset to default settings. * Success: The last configuration scripts transfer succeeded and the transferred scripts were ran successfully. * ExecutionFailed: The last configuration scripts transfer succeeded but at least one of the transferred scripts failed to run. * TransferFailed: At least one of the last configuration scripts transfer failed. " ::= { scriptsStatsGroup 800 } -- Scalar:Last Successful Transfer Date and Time scriptsStatsLastTransferDateTime OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..255) ) MAX-ACCESS read-only STATUS current DESCRIPTION " Last Successful Transfer Date and Time Date and time of the last successful configuration script transfer and execution command since the last reset to default settings. " ::= { scriptsStatsGroup 900 } -- Scalar:Current Script Export State scriptsStatsCurrentExportState OBJECT-TYPE SYNTAX INTEGER { idle(100) , transfering(200) , exporting(300) } MAX-ACCESS read-only STATUS current DESCRIPTION " Current Script Export State The current state of the configuration script exportation. * Idle: No configuration script is currently exporting. * Exporting: A configuration script exportation is currently in progress. * Transfering: The exported configuration script is currently being transferred. " DEFVAL { idle } ::= { scriptsStatsGroup 1000 } -- Scalar:Last Export Result scriptsStatsLastExportResult OBJECT-TYPE SYNTAX INTEGER { none(100) , success(200) , exportationFailed(300) , transferFailed(400) } MAX-ACCESS read-only STATUS current DESCRIPTION " Last Export Result Result of the last configuration script exportation command. * None: No configuration script exportation performed since the last reset to default settings. * Success: The last configuration script exportation succeeded and has been transferred successfully. * ExportationFailed: The last configuration script exportation failed. * TransferFailed: The last configuration script exportation succeeded but the script failed to transfer. " ::= { scriptsStatsGroup 1100 } -- Scalar:Last Successful Export Date and Time scriptsStatsLastExportDateTime OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..255) ) MAX-ACCESS read-only STATUS current DESCRIPTION " Last Successful Export Date and Time Date and time of the last successful configuration script exportation and transfer command since the last reset to default settings. " ::= { scriptsStatsGroup 1200 } -- End of group:Configuration Script Statistics -- End of group:Configuration Scripts -- **************************************************************************** -- Group:Configuration Backup File -- **************************************************************************** imageGroup OBJECT IDENTIFIER ::= { confMIBObjects 200 } -- Scalar:File Name imageFileName OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..254) ) MAX-ACCESS read-write STATUS current DESCRIPTION " File Name Name of the file used to backup (save) and restore (load) the unit's configuration. It is composed of alphanumerical and '-._%$' characters as well as macros. The macros used in this field are replaced by the unit's MAC address or MFP version right before backing up or restoring the unit's configuration. The supported macros are: * %mac% - the MAC address of the unit. * %version% - the MFP version of the unit. * %product% - the product name of the unit. * %productseries% - the product series name of the unit. * %profile% - the MFP profile of the unit. * %serial% - the serial number of the unit. " DEFVAL { "" } ::= { imageGroup 100 } -- Scalar:File Location (Path) imageLocation OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..255) ) MAX-ACCESS read-write STATUS current DESCRIPTION " File Location (Path) Path to the location of the configuration image file. The path is relative to the root of the transfer server. Use '/' to separate subdirectories. When the Transfer Protocol is 'File', this may be prefixed by one of the following to indicate storage media: * 'Persistent:' for onboard persistent storage - this is the default. * 'Volatile:' for onboard non-persistent storage. This field may contain some macros that are substituted by the actual value at the moment of fetching the configuration script. The supported macros are: * %mac% - the MAC address of the unit. * %version% - the MFP version of the unit. * %product% - the product name of the unit. * %productseries% - the product series name of the unit. * %profile% - the MFP profile of the unit. * %serial% - the serial number of the unit. " DEFVAL { "" } ::= { imageGroup 200 } -- Scalar:Backup Content imageBackupContent OBJECT-TYPE SYNTAX INTEGER { config(100) , configAndCertificates(200) } MAX-ACCESS read-write STATUS current DESCRIPTION " Backup Content Defines what to include in the backup image file. * Config: Only the unit's configuration and ruleset files are included in the backup image. * ConfigAndCertificates: The unit's configuration, ruleset files and certificates are included in the backup image. It is strongly recommended to activate encryption (see the ImagePrivacyAlgo and ImageSecretKey parameters) when including certificates in the backup image because host certificates include the private key. * Note: Only ruleset files from the folder '/sbc/rulesets' in the File service are included in the backup image. " DEFVAL { configAndCertificates } ::= { imageGroup 250 } -- *************************************************************************** -- Group:Configuration Image Transfer -- *************************************************************************** imageTransferGroup OBJECT IDENTIFIER ::= { imageGroup 300 } -- Scalar:Image Transfer Protocol imageTransferProtocol OBJECT-TYPE SYNTAX INTEGER { http(100) , https(200) , tftp(300) , ftp(400) , file (500) } MAX-ACCESS read-write STATUS current DESCRIPTION " Image Transfer Protocol Protocol used to upload a configuration image during backup and transfer during restore. * HTTP: Hypertext Transfer Protocol. * HTTPS: Hypertext Transfer Protocol over Transport Layer Security. * TFTP: Trivial File Transfer Protocol. * FTP: File Transfer Protocol. * File: Complete path to a configuration image in an onboard storage. " DEFVAL { https } ::= { imageTransferGroup 100 } -- Scalar:User Name imageTransferUsername OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..63) ) MAX-ACCESS read-write STATUS current DESCRIPTION " User Name User name used to transfer the configuration image, if the protocol selected by the parameter ImageTransferProtocol requires it. " DEFVAL { "" } ::= { imageTransferGroup 200 } -- Scalar:Password imageTransferPassword OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..63) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Password Password used to transfer the configuration image, if the protocol selected by the parameter ImageTransferProtocol requires it. " DEFVAL { "" } ::= { imageTransferGroup 300 } -- Scalar:Server Hostname and port imageTransferSrvHostname OBJECT-TYPE SYNTAX MxIpHostNamePort MAX-ACCESS read-write STATUS current DESCRIPTION " Server Hostname and port Configuration backup/restore server hostname and port. Use the special value zero to indicate the protocol default. " DEFVAL { "0.0.0.0:0" } ::= { imageTransferGroup 400 } -- Scalar:Image Transfer Cipher Suite imageTransferCipherSuite OBJECT-TYPE SYNTAX INTEGER { cS1(100) , cS2(200) , cS3(300) } MAX-ACCESS read-write STATUS current DESCRIPTION " Image Transfer Cipher Suite Defines the allowed cipher suites for the network security settings when using the HTTPS transfer protocol. When the device initiates an HTTPS connection to a server it will negotiate the cipher suite according to its configuration. * CS1 - TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS_DHE_DSS_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS_DHE_DSS_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_RC4_128_SHA - TLS_RSA_WITH_RC4_128_MD5 * CS2 - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA * CS3 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 " DEFVAL { cS1 } ::= { imageTransferGroup 500 } -- Scalar:TLS Version imageTransferTlsVersion OBJECT-TYPE SYNTAX INTEGER { sSLv3(100) , tLSv1(200) , tLSv1-1(300) , tLSv1-2 (400) } MAX-ACCESS read-write STATUS current DESCRIPTION " TLS Version Defines the allowed TLS version for the network security settings when using the HTTPS transfer protocol. When the device initiates an HTTPS connection to a server it will negotiate the TLS version according to its configuration. * SSLv3: Allow SSL version 3 and all TLS versions. * TLSv1: Allow TLS versions 1 and up. * TLSv1_1: Allow TLS versions 1.1 and up. * TLSv1_2: Allow TLS versions 1.2 and up. The device will always send its highest supported TLS version in the ClientHello message. The server will select the highest supported TLS version it supports from the ClientHello message. The device will then validate that the selected version is allowed. If the version is not allowed the device will close the connection. " DEFVAL { tLSv1 } ::= { imageTransferGroup 600 } -- End of group:Configuration Image Transfer -- *************************************************************************** -- Group:Privacy -- *************************************************************************** imagePrivacyGroup OBJECT IDENTIFIER ::= { imageGroup 400 } -- Scalar:Privacy Enable imagePrivacyAlgo OBJECT-TYPE SYNTAX INTEGER { none(100) , defaultAlgo(200) } MAX-ACCESS read-write STATUS current DESCRIPTION " Privacy Enable Defines the encryption method to use for backup operations. This parameter is not used for restore operations. * None: Backup images are not encrypted. * DefaultAlgo: Backup images are encrypted with the default algorithm. " DEFVAL { none } ::= { imagePrivacyGroup 100 } -- Scalar:Decryption Key imageSecretKey OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..255) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Decryption Key Key used for backup operations to encrypt backup images when the ImagePrivacyAlgo parameter is not set to 'None'. The key is also used when performing an image restore. In that case, the encryption algorithm is auto-detected therefore the ImagePrivacyAlgo parameter is ignored. " DEFVAL { "" } ::= { imagePrivacyGroup 200 } -- End of group:Privacy -- Scalar:Last Backup Result imageBackupStatus OBJECT-TYPE SYNTAX INTEGER { none(100) , success(200) , failed(300) } MAX-ACCESS read-only STATUS current DESCRIPTION " Last Backup Result Result of the last configuration backup command. * None: No configuration backup operation has been performed since the last reset to default settings. * Success: Last configuration backup operation succeeded. * Failed: Last configuration backup operation failed. " ::= { imageGroup 600 } -- Scalar:Last Restore Result imageRestoreStatus OBJECT-TYPE SYNTAX INTEGER { none(100) , success(200) , applyFailed(300) , loadFailed(400) } MAX-ACCESS read-only STATUS current DESCRIPTION " Last Restore Result Result of the last configuration restore command. * None: No configuration restore has been performed since the last reset to default settings. * Success: The last configuration restore succeeded. * ApplyFailed: The configuration load succeeded but restoring failed during the last configuration restore command execution. * LoadFailed: The configuration load failed during the last configuration restore command. " ::= { imageGroup 800 } -- End of group:Configuration Backup File -- *************************************************************************** -- Group:Configuration Alias -- *************************************************************************** aliasGroup OBJECT IDENTIFIER ::= { confMIBObjects 300 } -- ****************************************************************** -- Table:Macro -- ****************************************************************** macrosTable OBJECT-TYPE SYNTAX SEQUENCE OF MacrosEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Macro This table contains information about macro functions. " ::= { aliasGroup 100 } macrosEntry OBJECT-TYPE SYNTAX MacrosEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " A row in table Macro. " INDEX { macrosName } ::= { macrosTable 1 } MacrosEntry ::= SEQUENCE { macrosName OCTET STRING, macrosDescription OCTET STRING } -- Index:Macro Name macrosName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION " Macro Name Displays the macro name. " DEFVAL { "" } ::= { macrosEntry 100 } -- Columnar:Macro Desciption macrosDescription OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION " Macro Desciption Shows the macro description. " DEFVAL { "" } ::= { macrosEntry 200 } -- End of table:Macro -- ****************************************************************** -- Table:Alias -- ****************************************************************** aliasTable OBJECT-TYPE SYNTAX SEQUENCE OF AliasEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Alias This table contains information about alias. " ::= { aliasGroup 200 } aliasEntry OBJECT-TYPE SYNTAX AliasEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " A row in table Alias. " INDEX { aliasName } ::= { aliasTable 1 } AliasEntry ::= SEQUENCE { aliasName OCTET STRING, aliasEntity OCTET STRING, aliasType INTEGER, aliasContext OCTET STRING } -- Index:Alias Name aliasName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION " Alias Name Displays the alias name. " DEFVAL { "" } ::= { aliasEntry 100 } -- Columnar:Alias Value aliasEntity OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION " Alias Value Shows the alias value. " ::= { aliasEntry 200 } -- Columnar:Alias Type aliasType OBJECT-TYPE SYNTAX INTEGER { module(100) , object(200) , columnar(300) } MAX-ACCESS read-only STATUS current DESCRIPTION " Alias Type Shows the alias type. " DEFVAL { module } ::= { aliasEntry 300 } -- Columnar:Alias Context aliasContext OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION " Alias Context Shows the alias context. " ::= { aliasEntry 400 } -- End of table:Alias -- End of group:Configuration Alias -- **************************************************************************** -- Group:Notification Messages Configuration -- **************************************************************************** notificationsGroup OBJECT IDENTIFIER ::= { confMIBObjects 60010 } -- Scalar:Minimal Severity of Notification minSeverity OBJECT-TYPE SYNTAX INTEGER { disable(0) , debug(100) , info(200) , warning(300) , error(400) , critical (500) } MAX-ACCESS read-write STATUS current DESCRIPTION " Minimal Severity of Notification Sets the minimal severity to issue a notification message incoming from this service. * Disable: No notification is issued. * Debug: All notification messages are issued. * Info: Notification messages with a 'Informational' and higher severity are issued. * Warning: Notification messages with a 'Warning' and higher severity are issued. * Error: Notification messages with an 'Error' and higher severity are issued. * Critical: Notification messages with a 'Critical' severity are issued. " DEFVAL { warning } ::= { notificationsGroup 100 } -- End of group:Notification Messages Configuration -- **************************************************************************** -- Group:Configuration Settings -- **************************************************************************** configurationGroup OBJECT IDENTIFIER ::= { confMIBObjects 60020 } -- Scalar:Need Restart needRestartInfo OBJECT-TYPE SYNTAX INTEGER { no(0) , yes(100) } MAX-ACCESS read-only STATUS current DESCRIPTION " Need Restart Indicates if the service needs to be restarted for the configuration to fully take effect. * Yes: Service needs to be restarted. * No: Service does not need to be restarted. Services can be restarted by using the Scm.ServiceCommands.Restart command. " ::= { configurationGroup 100 } -- End of group:Configuration Settings END