-- ***************************************************************************** -- Filename: epon-security.mib -- Description: Contains iSwitch MIB Extension. -- MIB Version: 1.00 -- -- Copyright (C) 2001 by UTStarcom, Inc. All rights reserved. -- Reproduction of this document is authorized on the condition that -- the foregoing copyright notice is included. -- -- NOTE: The contents of this document are subject to change without notice -- ***************************************************************************** -- ***************************************************************************** -- Version: $Id: $ -- Last Modified: $DateTime: $ -- Change List #: $Change: $ -- ***************************************************************************** UTSECURITY-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, IpAddress FROM SNMPv2-SMI Counter, TimeTicks FROM RFC1155-SMI RowStatus, TruthValue FROM SNMPv2-TC ifIndex, DisplayString FROM RFC1213-MIB MacAddress, BridgeId, Timeout FROM BRIDGE-MIB uts-epon FROM UTS-EPON-MIB; -- utsGeponBBS1000plus FROM UTS-BBS-COMMON-MIB; utSecurity MODULE-IDENTITY LAST-UPDATED "9407272253Z" -- Wed Jul 27 22:53:04 PDT 1994 ORGANIZATION "UTSTARcom Inc" CONTACT-INFO "Postal: UTSTARcom Inc Alameda, California 9xxxx Tel: +1 510 555 1212 E-Mail: mibs@utstar.com " DESCRIPTION "Contains UT EPON MIB Extensions." ::= { uts-epon 5 } utsEfmPonSecurityExt OBJECT IDENTIFIER ::= { utSecurity 1 } utsEponSecExtObjects OBJECT IDENTIFIER ::= { utsEfmPonSecurityExt 1 } ------ ------ 1. Security ------ utsDot3SecurityMIB OBJECT IDENTIFIER ::= { utsEponSecExtObjects 1 } utsDot3SecurityObjects OBJECT IDENTIFIER ::= { utsDot3SecurityMIB 1 } utsDot3SecurityOltObjects OBJECT IDENTIFIER ::= { utsDot3SecurityObjects 1 } ------ ------ OLT ------ --utsDot3SecurityOltTable OBJECT-TYPE --SYNTAX SEQUENCE OF UtsDot3SecurityOltEntry -- MAX-ACCESS not-accessible -- STATUS current -- DESCRIPTION --"Table for dot3 OLT security MIBs." -- ::= { utsDot3SecurityOltObjects 2 } -- --utsDot3SecurityOltEntry OBJECT-TYPE --SYNTAX UtsDot3SecurityOltEntry -- MAX-ACCESS not-accessible -- STATUS current -- DESCRIPTION --"An entry in the dot3 OLT MIBs table." -- INDEX { ifIndex } -- ::= { utsDot3SecurityOltTable 1 } -- --UtsDot3SecurityOltEntry ::= -- SEQUENCE { -- utsDot3SecurityOltAuthState INTEGER -- } -- --utsDot3SecurityOltAuthState OBJECT-TYPE --SYNTAX INTEGER { -- enabled(1), -- disabled(2) --} -- MAX-ACCESS read-only -- STATUS current -- DESCRIPTION --"OLT Authenticator state." -- ::= { utsDot3SecurityOltEntry 1 } ------ ------ ONU ------ --utsDot3SecurityTable OBJECT-TYPE --SYNTAX SEQUENCE OF UtsDot3SecurityEntry -- MAX-ACCESS not-accessible -- STATUS current -- DESCRIPTION --"Table for dot3 ONU security MIBs." -- ::= { utsDot3SecurityObjects 3 } -- --utsDot3SecurityEntry OBJECT-TYPE --SYNTAX UtsDot3SecurityEntry -- MAX-ACCESS not-accessible -- STATUS current -- DESCRIPTION --"An entry in the dot3 OLT MIBs table." -- INDEX { ifIndex } -- ::= { utsDot3SecurityTable 1 } -- --UtsDot3SecurityEntry ::= -- SEQUENCE { -- utsDot3SecurityAuthState INTEGER, -- utsDot3SecurityAuthMethod INTEGER, -- utsDot3SecurityAuthParamIndex INTEGER, -- utsDot3SecurityEncryAuthState INTEGER, -- utsDot3SecurityEncryEnable TruthValue, -- utsDot3SecurityEncryDirection INTEGER, -- utsDot3SecurityEncryKeyUpdateMethod INTEGER, -- utsDot3SecurityEncryKey OCTET STRING(SIZE(0..16)) -- -- } -- --utsDot3SecurityAuthState OBJECT-TYPE --SYNTAX INTEGER { -- authorized(1), -- unauthorized(2) --} -- MAX-ACCESS read-only -- STATUS current -- DESCRIPTION --"Authentication state." -- ::= { utsDot3SecurityEntry 1 } -- --utsDot3SecurityAuthMethod OBJECT-TYPE --SYNTAX INTEGER { -- deny-always(1), -- authorize-always(2), -- sec-802-1x-radius(3) --} -- MAX-ACCESS read-write -- STATUS current -- DESCRIPTION --"A ONU will be authorized if the method is disabled. If 802_1x_radius is --selected, then the supported authentication algorithm is EAP-MD5." -- ::= { utsDot3SecurityEntry 2 } -- --utsDot3SecurityAuthParamIndex OBJECT-TYPE --SYNTAX INTEGER -- MAX-ACCESS read-write -- STATUS current -- DESCRIPTION --"It's a index pointing to the entry in the corresponding authentication --parameter table for the specified authentication method. So multiple ONUs --can either share a same authentication setting or have its own --authentication setting." -- ::= { utsDot3SecurityEntry 3 } -- --utsDot3SecurityEncryAuthState OBJECT-TYPE --SYNTAX INTEGER { -- enabled(1), -- disabled(2) --} -- MAX-ACCESS read-write -- STATUS current -- DESCRIPTION --"Encryption state." -- ::= { utsDot3SecurityEntry 4 } -- -- --utsDot3SecurityEncryEnable OBJECT-TYPE --SYNTAX TruthValue -- MAX-ACCESS read-write -- STATUS current -- DESCRIPTION --"Encryption state." -- ::= { utsDot3SecurityEntry 5 } -- --utsDot3SecurityEncryDirection OBJECT-TYPE --SYNTAX INTEGER { -- downlink(1), -- bothlinks(2) --} -- MAX-ACCESS read-write -- STATUS current -- DESCRIPTION --"Encryption direction." --::= { utsDot3SecurityEntry 6 } -- -- --utsDot3SecurityEncryKeyUpdateMethod OBJECT-TYPE --SYNTAX INTEGER { -- passave(0), -- disabled(1) --} -- MAX-ACCESS read-write -- STATUS current -- DESCRIPTION --"Encryption key update method." -- ::= { utsDot3SecurityEntry 7 } -- --utsDot3SecurityEncryKey OBJECT-TYPE --SYNTAX OCTET STRING(SIZE(0..16)) -- MAX-ACCESS read-write -- STATUS current -- DESCRIPTION --"Encryption key. The initial value is from the authentication bit sequence --in ONU registration message." -- ::= { utsDot3SecurityEntry 8 } ------ ------ ------ utsDot3Security802RadiusObjects OBJECT IDENTIFIER ::= { utsDot3SecurityMIB 2} ------ ------ radius server's Group ------ utsDot3Security802RadiusGroup OBJECT IDENTIFIER ::= { utsDot3Security802RadiusObjects 1 } utsDot3Security8021xRadiusAutoSwitch OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enabled or Disabled auto switch to primary or secondary." ::= { utsDot3Security802RadiusGroup 1 } utsDot3Security8021xRadiusRetryTimes OBJECT-TYPE SYNTAX INTEGER (1..10) MAX-ACCESS read-write STATUS current DESCRIPTION "Radius server retry times, range 1..10." ::= { utsDot3Security802RadiusGroup 2 } utsDot3Security8021xRadiusTimeout OBJECT-TYPE SYNTAX INTEGER (1..15) MAX-ACCESS read-write STATUS current DESCRIPTION "Radius server message sent time out seconds." ::= { utsDot3Security802RadiusGroup 3 } utsDot3Security8021xRadiusBackToPrimary OBJECT-TYPE SYNTAX INTEGER (1..255) MAX-ACCESS read-write STATUS current DESCRIPTION "Radius server back to run on primary after X minutes." ::= { utsDot3Security802RadiusGroup 4 } utsDot3Security8021xRadiusRealm OBJECT-TYPE SYNTAX DisplayString(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Radius server realm." ::= { utsDot3Security802RadiusGroup 5} utsDot3Security8021xRadiusNasIpAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Radius server nsa ip address." ::= { utsDot3Security802RadiusGroup 6} utsDot3Security8021xRadiusSvrPrimaryOnuAuthIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's primary IP address." ::= { utsDot3Security802RadiusGroup 11 } utsDot3Security8021xRadiusSvrPrimaryOnuAuthPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's primary port number." ::= { utsDot3Security802RadiusGroup 12 } utsDot3Security8021xRadiusPrimaryOnuAuthSharedKey OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Primary shared secret key." ::= { utsDot3Security802RadiusGroup 13 } utsDot3Security8021xRadiusSvrSecondaryOnuAuthIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's secondary IP address." ::= { utsDot3Security802RadiusGroup 14 } utsDot3Security8021xRadiusSvrSecondaryOnuAuthPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's secondary port number." ::= { utsDot3Security802RadiusGroup 15 } utsDot3Security8021xRadiusSecondaryOnuAuthSharedKey OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Secondary hared secret key." ::= { utsDot3Security802RadiusGroup 16 } utsDot3Security8021xRadiusSvrPrimaryOnuAcctIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's primary IP address." ::= { utsDot3Security802RadiusGroup 17 } utsDot3Security8021xRadiusSvrPrimaryOnuAcctPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's primary port number." ::= { utsDot3Security802RadiusGroup 18 } utsDot3Security8021xRadiusPrimaryOnuAcctSharedKey OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Primary shared secret key." ::= { utsDot3Security802RadiusGroup 19 } utsDot3Security8021xRadiusSvrSecondaryOnuAcctIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's secondary IP address." ::= { utsDot3Security802RadiusGroup 20 } utsDot3Security8021xRadiusSvrSecondaryOnuAcctPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's secondary port number." ::= { utsDot3Security802RadiusGroup 21 } utsDot3Security8021xRadiusSecondaryOnuAcctSharedKey OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Secondary hared secret key." ::= { utsDot3Security802RadiusGroup 22 } utsDot3Security8021xRadiusSvrPrimaryCliAuthIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's primary IP address." ::= { utsDot3Security802RadiusGroup 23 } utsDot3Security8021xRadiusSvrPrimaryCliAuthPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's primary port number." ::= { utsDot3Security802RadiusGroup 24 } utsDot3Security8021xRadiusPrimaryCliAuthSharedKey OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Primary shared secret key." ::= { utsDot3Security802RadiusGroup 25 } utsDot3Security8021xRadiusSvrSecondaryCliAuthIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's secondary IP address." ::= { utsDot3Security802RadiusGroup 26 } utsDot3Security8021xRadiusSvrSecondaryCliAuthPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's secondary port number." ::= { utsDot3Security802RadiusGroup 27 } utsDot3Security8021xRadiusSecondaryCliAuthSharedKey OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Secondary hared secret key." ::= { utsDot3Security802RadiusGroup 28 } utsDot3Security8021xRadiusSvrPrimaryCliAcctIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's primary IP address." ::= { utsDot3Security802RadiusGroup 29 } utsDot3Security8021xRadiusSvrPrimaryCliAcctPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's primary port number." ::= { utsDot3Security802RadiusGroup 30 } utsDot3Security8021xRadiusPrimaryCliAcctSharedKey OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Primary shared secret key." ::= { utsDot3Security802RadiusGroup 31 } utsDot3Security8021xRadiusSvrSecondaryCliAcctIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's secondary IP address." ::= { utsDot3Security802RadiusGroup 32 } utsDot3Security8021xRadiusSvrSecondaryCliAcctPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "RADIUS server's secondary port number." ::= { utsDot3Security802RadiusGroup 33 } utsDot3Security8021xRadiusSecondaryCliAcctSharedKey OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..31)) MAX-ACCESS read-write STATUS current DESCRIPTION "Secondary hared secret key." ::= { utsDot3Security802RadiusGroup 34 } END