-- ZyXEL Communications Corporation -- Private Enterprise MIB definition -- This file describes the ZyXEL Communications Corporation Enterprise MIB. -- It contains ZyXEL products OIDs, and common managed objects. -- $Log: ZYXEL-PORT-AUTHENTICATION-MIB.mib $ -- Revision 1.7 2013/12/06 07:07:55 ccho -- remove uncessary imports -- Revision 1.6 2013/11/20 06:53:55 ccho -- renaming identifier name for SMI.V2 -- Revision 1.5 2013/11/06 05:42:10 ccho -- fix mib style -- Revision 1.4 2012/09/19 07:43:52 Kevin -- if it's leaf node, revise the vender name from zyxel to zy -- Revision 1.3 2012/08/22 09:47:30 Kevin -- clean warning for SNMPc -- Revision 1.2 2012/07/05 06:24:13 Kevin -- 1. upgrade from SNMP to SNMPv2 -- 2. clean warning -- Revision 1.1 2012/05/30 07:50:24 Kevin -- Initial revision ZYXEL-PORT-AUTHENTICATION-MIB DEFINITIONS ::= BEGIN IMPORTS OBJECT-TYPE FROM SNMPv2-SMI -- RFC2578 MODULE-IDENTITY FROM SNMPv2-SMI EnabledStatus FROM P-BRIDGE-MIB dot1dBasePort FROM BRIDGE-MIB esMgmt FROM ZYXEL-ES-SMI; zyxelPortAuthentication MODULE-IDENTITY LAST-UPDATED "201207010000Z" ORGANIZATION "Enterprise Solution ZyXEL" CONTACT-INFO "" DESCRIPTION "The subtree for port authentication" ::= { esMgmt 62 } zyxelPortAuthenticationSetup OBJECT IDENTIFIER ::= { zyxelPortAuthentication 1 } -- ******************************************************************* -- * -- * zyxelPortAuthenticationSetup -- * -- ******************************************************************* -- zyxelPortAuthenticationState zyPortAuthenticationState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable 802.1x port authentication for the switch." ::= { zyxelPortAuthenticationSetup 1 } -- zyxelPortAuthenticationTable zyxelPortAuthenticationPortTable OBJECT-TYPE SYNTAX SEQUENCE OF ZyxelPortAuthenticationPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains port authentication configuration" ::= { zyxelPortAuthenticationSetup 2 } zyxelPortAuthenticationPortEntry OBJECT-TYPE SYNTAX ZyxelPortAuthenticationPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry contains port authentication configuration." INDEX { dot1dBasePort } ::= { zyxelPortAuthenticationPortTable 1 } ZyxelPortAuthenticationPortEntry ::= SEQUENCE { zyPortAuthenticationPortState EnabledStatus, zyPortReAuthenticationPortState EnabledStatus, zyPortReAuthenticationPortTimer INTEGER , zyPortAuthenticationPortQuietPeriod INTEGER , zyPortAuthenticationPortTxPeriod INTEGER , zyPortAuthenticationPortSupplicantTimeout INTEGER , zyPortAuthenticationPortMaxRequest INTEGER , zyPortAuthenticationPortGuestVlanState EnabledStatus, zyPortAuthenticationPortGuestVlan INTEGER , zyPortAuthenticationPortGuestVlanHostMode INTEGER , zyPortAuthenticationPortGuestVlanHostModeMultiSecureNumber INTEGER , zyPortAuthenticationPortCompoundAuthenticationMode INTEGER } zyPortAuthenticationPortState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable 802.1x port authentication on the port. You must first allow 802.1x authentication on the Switch before configuring it on each port. " ::= { zyxelPortAuthenticationPortEntry 1 } zyPortReAuthenticationPortState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable 802.1x port re-authentication on the port. Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to the port." ::= { zyxelPortAuthenticationPortEntry 2 } zyPortReAuthenticationPortTimer OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "Specify the length of time required to pass before a client has to re-enter his or her username and password to stay connected to the port. " ::= { zyxelPortAuthenticationPortEntry 3 } zyPortAuthenticationPortQuietPeriod OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "Specify the number of seconds the port remains in the HELD state and rejects further authentication requests from the connected client after a failed authentication exchange. " ::= { zyxelPortAuthenticationPortEntry 4 } zyPortAuthenticationPortTxPeriod OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "Specify the number of seconds the Switch waits for client's response before re-sending an identity request to the client. " ::= { zyxelPortAuthenticationPortEntry 5 } zyPortAuthenticationPortSupplicantTimeout OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "Specify the number of seconds the Switch waits for client's response to a challenge request before sending another request. " ::= { zyxelPortAuthenticationPortEntry 6 } zyPortAuthenticationPortMaxRequest OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "Specify the number of times the Switch tries to authenticate client(s) before sending unresponsive ports to the Guest VLAN. This is set to 2 by default. That is, the Switch attempts to authenticate a client twice. If the client does not respond to the first authentication request, the Switch tries again. If the client still does not respond to the second request, the Switch sends the client to the Guest VLAN. The client needs to send a new request to be authenticated by the Switch again. " ::= { zyxelPortAuthenticationPortEntry 7 } zyPortAuthenticationPortGuestVlanState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable Guest VLAN on the port. Clients that fail authentication are placed in the guest VLAN and can receive limited services. " ::= { zyxelPortAuthenticationPortEntry 8 } zyPortAuthenticationPortGuestVlan OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "Enter the number that identifies the guest VLAN. Make sure this is a VLAN recognized in your network. A guest VLAN is a pre-configured VLAN on the Switch that allows non-authenticated users to access limited network resources through the Switch. You must also enable IEEE 802.1x authentication on the Switch and the associated ports. " ::= { zyxelPortAuthenticationPortEntry 9 } zyPortAuthenticationPortGuestVlanHostMode OBJECT-TYPE SYNTAX INTEGER { multiHost(0), multiSecure(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "Specify how the Switch authenticates users when more than one user connect to the port (using a hub). Select Multi-Host to authenticate only the first user that connects to this port. If the first user enters the correct credential, any other users are allowed to access the port without authentication. If the first user fails to enter the correct credential, they are all put in the guest VLAN. Once the first user who did authentication logs out or disconnects from the port, rest of the users are blocked until a user does the authentication process again. Select Multi-Secure to authenticate each user that connects to this port. " ::= { zyxelPortAuthenticationPortEntry 10 } zyPortAuthenticationPortGuestVlanHostModeMultiSecureNumber OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-write STATUS current DESCRIPTION "If you set Host-mode to Multi-Secure, specify the maximum number of users that the Switch will authenticate on this port. " ::= { zyxelPortAuthenticationPortEntry 11 } zyPortAuthenticationPortCompoundAuthenticationMode OBJECT-TYPE SYNTAX INTEGER { strict(0), loose(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "Set compound authentication mode at strict mode or loose mode for the switch. Users can use this setting to choise authentication strict or loose of 802.1x and mac authentication." ::= { zyxelPortAuthenticationPortEntry 12 } -- zyxelPortAuthenticationEapolFloodState zyPortAuthenticationEapolFloodState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable EAPoL flood for the switch. Users can use this setting to control forwarding of EAPoL packet when 802.1x function is disable." ::= { zyxelPortAuthenticationSetup 3 } END